Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
File: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft (raw, json)
Hash identifier: QMqlR8tHIhhQwA41pkbV3DGR9LsY3fFDOqOgcMTjhaQ=
Subject key identifier: 41:FC:97:A0:0F:87:E9:64:70:68:31:9F:84:E7:C7:FB:C6:F6:58:5B
Authority key identifier: 94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
Certificate issuer: /CN=94d161593da815cac58d3479652d048480d26713
Certificate serial: 019A7293E83EE85A8F0E8B8EBA9F32A151C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 11:01:27 +0000
Manifest this update: Tue 11 Nov 2025 11:01:27 +0000
Manifest next update: Wed 12 Nov 2025 11:01:27 +0000
Files and hashes: 1: bdAF9viIHB5V5FhTALS-owQhcks.roa (hash: lPv9YsuyVHwxqfP/RRJpZeMDZjwRG/d34AhteS5V7Ew=)
2: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl (hash: uFv7xIMO9kxhlj9dy+cSkCiIZD+uxqlrN3gs+l3Y1vU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:e8:3e:e8:5a:8f:0e:8b:8e:ba:9f:32:a1:51:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d161593da815cac58d3479652d048480d26713
Validity
Not Before: Nov 11 11:01:27 2025 GMT
Not After : Nov 12 11:01:27 2025 GMT
Subject: CN=41fc97a00f87e9647068319f84e7c7fbc6f6585b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:35:78:a6:69:21:11:a6:62:a4:b7:2a:3f:
6a:e0:31:b6:43:23:2b:24:43:22:16:d2:e7:c6:6e:
13:66:b7:b3:f9:d6:5c:2e:f7:55:bd:e9:08:63:66:
0d:91:f5:b3:ca:be:61:57:63:6e:82:60:e8:3f:56:
10:c5:44:80:94:c8:2e:04:f6:b1:9a:a7:4e:c1:97:
ea:a8:74:f0:6f:6e:aa:fa:fe:ec:c8:3f:f3:4d:b8:
4a:d6:2a:98:0b:07:ef:cf:3b:a5:f0:97:4d:94:62:
38:58:3c:08:68:65:77:69:68:7f:92:60:98:32:1a:
24:c1:82:4d:a8:2f:29:a1:6d:d6:cf:b8:f8:fc:a2:
7e:2f:79:c9:2f:44:1d:09:15:c2:55:8f:75:da:34:
d4:8c:41:83:1d:9c:f6:ec:b0:95:3a:7a:7d:54:d3:
7c:b1:f4:74:47:92:a8:5f:25:cd:d3:bf:32:97:e9:
92:34:d6:95:8d:fd:d5:ae:2b:d9:e8:2d:f8:7e:58:
68:e3:fa:20:a6:20:a3:5c:64:5b:70:37:56:62:6b:
e2:81:09:69:dd:d8:d0:26:0c:31:82:2f:7b:f0:dc:
e3:b5:90:f1:36:27:4b:f3:4d:e3:77:92:67:35:9b:
24:f5:29:b2:e5:7e:15:4f:d0:4f:08:71:ad:f6:9b:
7d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FC:97:A0:0F:87:E9:64:70:68:31:9F:84:E7:C7:FB:C6:F6:58:5B
X509v3 Authority Key Identifier:
keyid:94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:52:a0:07:a5:9d:91:fc:21:8b:05:bd:9c:a6:ed:b5:95:1c:
c8:b6:94:3e:f9:7d:92:ba:91:d3:2c:3d:e6:ea:5e:67:e8:6e:
c6:f0:4b:1b:04:8a:c5:45:4d:e0:6b:c8:a3:46:36:42:c4:37:
2c:03:f8:c4:15:1d:ef:dc:c7:30:b4:d0:61:82:1b:03:8b:bd:
e0:c7:f9:5a:7b:23:45:4e:e2:96:03:87:9f:97:bd:af:2c:6f:
bc:7d:b9:36:39:ed:cb:f8:dd:29:11:23:00:9f:69:d3:7e:83:
ae:a3:a6:24:22:15:eb:54:5f:65:a1:4d:63:3e:56:cb:6e:9f:
51:32:6d:42:95:60:63:c3:c1:04:a0:d5:82:02:a3:88:a1:68:
90:ed:c1:f3:51:bd:1d:d8:06:e0:69:08:23:67:1b:58:4d:1b:
e1:0b:51:30:18:86:d2:4c:b8:65:13:d0:0e:85:40:bc:63:ff:
b5:dd:8c:e0:27:db:2e:c3:dc:0c:16:72:c7:c8:dc:b8:17:f5:
03:92:31:ac:01:67:02:95:49:52:b6:92:3a:9e:51:63:47:77:
7c:1b:88:14:c8:dd:5a:f7:75:32:10:30:a6:91:cc:2d:c9:37:
74:97:e4:c3:da:90:77:54:a0:63:e0:af:78:61:1a:91:a0:72:
66:d0:79:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+g+6FqPDouOup8yoVHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDE2MTU5M2RhODE1Y2FjNThkMzQ3OTY1MmQwNDg0ODBk
MjY3MTMwHhcNMjUxMTExMTEwMTI3WhcNMjUxMTEyMTEwMTI3WjAzMTEwLwYDVQQD
Eyg0MWZjOTdhMDBmODdlOTY0NzA2ODMxOWY4NGU3YzdmYmM2ZjY1ODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprQ1eKZpIRGmYqS3Kj9q4DG2QyMr
JEMiFtLnxm4TZrez+dZcLvdVvekIY2YNkfWzyr5hV2NugmDoP1YQxUSAlMguBPax
mqdOwZfqqHTwb26q+v7syD/zTbhK1iqYCwfvzzul8JdNlGI4WDwIaGV3aWh/kmCY
MhokwYJNqC8poW3Wz7j4/KJ+L3nJL0QdCRXCVY912jTUjEGDHZz27LCVOnp9VNN8
sfR0R5KoXyXN078yl+mSNNaVjf3VrivZ6C34flho4/ogpiCjXGRbcDdWYmvigQlp
3djQJgwxgi978NzjtZDxNidL803jd5JnNZsk9Smy5X4VT9BPCHGt9pt9LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEH8l6APh+lkcGgxn4Tnx/vG9lhbMB8GA1UdIwQY
MBaAFJTRYVk9qBXKxY00eWUtBISA0mcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEt
ZDhlOThiODVhZWE0LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEtZDhlOThiODVhZWE0
LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApVKgB6Wd
kfwhiwW9nKbttZUcyLaUPvl9krqR0yw95upeZ+huxvBLGwSKxUVN4GvIo0Y2QsQ3
LAP4xBUd79zHMLTQYYIbA4u94Mf5WnsjRU7ilgOHn5e9ryxvvH25Njnty/jdKREj
AJ9p036DrqOmJCIV61RfZaFNYz5Wy26fUTJtQpVgY8PBBKDVggKjiKFokO3B81G9
HdgG4GkII2cbWE0b4QtRMBiG0ky4ZRPQDoVAvGP/td2M4CfbLsPcDBZyx8jcuBf1
A5IxrAFnApVJUraSOp5RY0d3fBuIFMjdWvd1MhAwppHMLck3dJfkw9qQd1SgY+Cv
eGEakaByZtB5lg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:03 2025 by rpki-client