Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.mft
File: L45RIlad5SzVCux5NJS_HOfCX8g.mft (raw, json)
Hash identifier: ZyxnlEqL1XEZS9kIvbpifVNcT1sTmNmgPjgMTNuWX5U=
Subject key identifier: 0E:B2:E2:E9:06:DE:B7:2F:A1:14:FE:A4:07:2C:CC:9F:88:A0:33:84
Authority key identifier: 2F:8E:51:22:56:9D:E5:2C:D5:0A:EC:79:34:94:BF:1C:E7:C2:5F:C8
Certificate issuer: /CN=2f8e5122569de52cd50aec793494bf1ce7c25fc8
Certificate serial: 019A7293C20DAF6C7F99209D4DDFFB3F5AA6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L45RIlad5SzVCux5NJS_HOfCX8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.mft
Manifest number: 0DD3
Signing time: Tue 11 Nov 2025 11:01:17 +0000
Manifest this update: Tue 11 Nov 2025 11:01:17 +0000
Manifest next update: Wed 12 Nov 2025 11:01:17 +0000
Files and hashes: 1: 4inp3rmc8abBZrSpYG-9NzczLIs.roa (hash: qFrZA2CrZBITypnTYdQbhEuRjClc/T+Pn0jtn1pc/ok=)
2: L45RIlad5SzVCux5NJS_HOfCX8g.crl (hash: Tcu1I9S+j6+DoQaImFki7JX+u9VTD34cmPQjoxmm84c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/L45RIlad5SzVCux5NJS_HOfCX8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:c2:0d:af:6c:7f:99:20:9d:4d:df:fb:3f:5a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f8e5122569de52cd50aec793494bf1ce7c25fc8
Validity
Not Before: Nov 11 11:01:17 2025 GMT
Not After : Nov 12 11:01:17 2025 GMT
Subject: CN=0eb2e2e906deb72fa114fea4072ccc9f88a03384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:93:16:8c:b2:12:6f:4d:9b:5e:95:07:75:bb:
1f:d8:14:10:72:a0:9e:f1:22:be:61:4d:fc:9e:6d:
53:3d:c0:82:5f:0a:52:b5:bb:b4:52:38:bf:c7:aa:
58:41:b3:75:2a:f7:01:25:93:41:1a:5c:4f:d0:af:
59:8f:b2:a8:38:06:fc:f9:b9:e8:20:be:e2:71:6c:
6a:e2:6f:75:b2:a0:30:a5:a1:95:cd:5c:9c:75:13:
06:2c:a6:1a:a6:3d:60:a1:dd:96:2b:1c:02:23:d8:
57:46:b3:33:93:71:81:bb:c7:ed:39:ac:0a:d6:2e:
1c:4f:91:f5:72:55:c3:99:17:ae:5b:ec:d2:e9:62:
62:a2:74:4e:bd:6d:12:03:27:4f:3b:f3:85:72:8b:
4b:cb:7e:7b:32:85:0d:61:1e:e6:6d:cd:c9:67:95:
47:e7:04:1c:75:4c:be:3a:db:ad:24:19:2d:04:fe:
fd:e5:b8:b1:ad:73:69:9d:4f:21:c0:05:1b:9f:ee:
2f:a0:69:bc:54:a8:5b:2b:a3:0e:30:d4:74:48:5c:
1d:c4:03:51:85:6e:82:93:86:36:55:b1:46:d7:0a:
6a:1d:ef:97:69:d8:a9:e2:f7:f8:50:07:88:39:d7:
59:e8:53:18:79:ac:16:24:7c:a9:a0:83:48:5e:58:
8b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B2:E2:E9:06:DE:B7:2F:A1:14:FE:A4:07:2C:CC:9F:88:A0:33:84
X509v3 Authority Key Identifier:
keyid:2F:8E:51:22:56:9D:E5:2C:D5:0A:EC:79:34:94:BF:1C:E7:C2:5F:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L45RIlad5SzVCux5NJS_HOfCX8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/356e78-dcf8-4625-87ca-8688b1e53571/1/L45RIlad5SzVCux5NJS_HOfCX8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:2a:53:98:19:62:3a:2c:00:42:05:84:67:38:56:f2:53:ae:
a1:6b:80:af:6c:13:04:c1:b3:2d:05:0c:14:e6:30:64:03:90:
66:cc:96:ba:6d:f3:f0:09:cd:e6:3a:20:de:d9:0b:3d:25:bb:
4e:b7:de:d4:60:f5:4e:f8:55:ec:f8:e7:bb:04:8f:f3:f5:2e:
b5:c4:aa:af:f5:64:be:3b:3f:06:3d:47:a6:39:f6:b2:ad:15:
6e:27:c5:79:6a:bb:52:32:69:58:38:97:76:a6:36:2e:9e:bb:
4b:5d:db:20:a2:ed:cd:31:8e:91:cf:69:5b:28:99:da:7e:dd:
55:53:c1:33:90:da:30:9a:1a:89:54:a6:01:d0:f0:46:8d:74:
29:e8:9d:55:fb:2e:ce:23:d2:4c:ee:55:de:4e:86:e5:84:2f:
21:3e:78:ac:9d:c8:b5:a0:7c:e1:d6:0f:bc:f0:4b:4a:8d:12:
fd:8c:4a:d7:92:99:03:7f:8a:21:48:99:a3:4a:ef:d6:98:d3:
80:ec:27:ef:5a:91:65:a4:1f:37:fe:4f:fc:a0:01:c2:60:44:
02:54:bb:1f:ea:6e:de:fc:7d:4c:15:52:c0:6e:1b:51:4c:e7:
08:5b:2e:cb:3a:13:67:fd:dd:7d:fd:14:9a:10:69:dd:bd:bf:
c1:ef:97:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk8INr2x/mSCdTd/7P1qmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOGU1MTIyNTY5ZGU1MmNkNTBhZWM3OTM0OTRiZjFjZTdj
MjVmYzgwHhcNMjUxMTExMTEwMTE3WhcNMjUxMTEyMTEwMTE3WjAzMTEwLwYDVQQD
EygwZWIyZTJlOTA2ZGViNzJmYTExNGZlYTQwNzJjY2M5Zjg4YTAzMzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZMWjLISb02bXpUHdbsf2BQQcqCe
8SK+YU38nm1TPcCCXwpStbu0Uji/x6pYQbN1KvcBJZNBGlxP0K9Zj7KoOAb8+bno
IL7icWxq4m91sqAwpaGVzVycdRMGLKYapj1god2WKxwCI9hXRrMzk3GBu8ftOawK
1i4cT5H1clXDmReuW+zS6WJionROvW0SAydPO/OFcotLy357MoUNYR7mbc3JZ5VH
5wQcdUy+OtutJBktBP795bixrXNpnU8hwAUbn+4voGm8VKhbK6MOMNR0SFwdxANR
hW6Ck4Y2VbFG1wpqHe+Xadip4vf4UAeIOddZ6FMYeawWJHypoINIXliL4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6y4ukG3rcvoRT+pAcszJ+IoDOEMB8GA1UdIwQY
MBaAFC+OUSJWneUs1QrseTSUvxznwl/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDQ1UklsYWQ1U3pWQ3V4NU5KU19IT2ZDWDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNTZlNzgtZGNmOC00NjI1LTg3Y2Et
ODY4OGIxZTUzNTcxLzEvTDQ1UklsYWQ1U3pWQ3V4NU5KU19IT2ZDWDhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNTZlNzgtZGNmOC00NjI1LTg3Y2EtODY4OGIxZTUzNTcx
LzEvTDQ1UklsYWQ1U3pWQ3V4NU5KU19IT2ZDWDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOipTmBli
OiwAQgWEZzhW8lOuoWuAr2wTBMGzLQUMFOYwZAOQZsyWum3z8AnN5jog3tkLPSW7
Trfe1GD1TvhV7PjnuwSP8/UutcSqr/Vkvjs/Bj1Hpjn2sq0VbifFeWq7UjJpWDiX
dqY2Lp67S13bIKLtzTGOkc9pWyiZ2n7dVVPBM5DaMJoaiVSmAdDwRo10KeidVfsu
ziPSTO5V3k6G5YQvIT54rJ3ItaB84dYPvPBLSo0S/YxK15KZA3+KIUiZo0rv1pjT
gOwn71qRZaQfN/5P/KABwmBEAlS7H+pu3vx9TBVSwG4bUUznCFsuyzoTZ/3dff0U
mhBp3b2/we+XGg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:09 2025 by rpki-client