Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
File: lfdgXoUMnb8X2vC6OONvzGPCy_o.mft (raw, json)
Hash identifier: ZvmtLA6bKNTmL5qEJ4u+unvalMwz1DNL5NEiw4W0Zok=
Subject key identifier: DF:6D:1C:D7:D5:38:5C:9C:D5:D7:9E:43:80:B2:3F:A6:CE:65:3D:17
Authority key identifier: 95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
Certificate issuer: /CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Certificate serial: 019A72940EAB766643CB47A23550B134BEB5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 11:01:36 +0000
Manifest this update: Tue 11 Nov 2025 11:01:36 +0000
Manifest next update: Wed 12 Nov 2025 11:01:36 +0000
Files and hashes: 1: 5-Dy59i1_U0ZRMyz_6apK6err6E.roa (hash: HTKVf7q+nYn6Qr/j/qsCTy9hUzuLpJ7dJx3pfn4b6GM=)
2: lfdgXoUMnb8X2vC6OONvzGPCy_o.crl (hash: S2bDUfvkxM9kRclpapF7zLj5FNJ25U3DElv58q58r2U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:94:0e:ab:76:66:43:cb:47:a2:35:50:b1:34:be:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Validity
Not Before: Nov 11 11:01:36 2025 GMT
Not After : Nov 12 11:01:36 2025 GMT
Subject: CN=df6d1cd7d5385c9cd5d79e4380b23fa6ce653d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:6d:49:43:fc:48:8b:f5:a0:8a:c3:ee:cb:
4b:7b:8c:ad:31:ef:ed:57:38:a4:43:ed:5e:3b:03:
75:53:d2:7e:1e:15:05:83:0e:47:fb:13:47:18:30:
f8:81:fc:f6:09:f2:08:bc:08:72:80:22:b8:cd:5a:
9e:6e:e5:ea:b6:19:b4:5c:50:8b:3d:35:60:3a:30:
51:1c:4a:91:2d:47:09:50:60:34:aa:5a:32:ed:20:
9a:74:b1:9c:07:a4:f2:83:77:64:2b:03:6f:3c:8e:
43:42:30:f5:4c:fe:50:6e:1a:c3:bc:f1:10:c1:ec:
41:96:bd:cf:32:65:39:7c:11:d3:52:28:48:f0:4b:
02:e1:4d:84:a2:30:4d:5d:e1:32:9f:e9:63:09:9c:
87:d1:d9:2a:02:1e:64:ca:90:92:28:a9:b2:a7:fc:
01:51:c9:09:ef:84:4a:3f:18:f6:23:c5:dc:6d:7c:
6b:30:0e:df:89:25:be:67:6d:64:91:ef:61:12:d0:
62:61:ec:83:4f:88:2b:9e:7e:db:24:42:9d:b1:d8:
22:8b:5f:f6:85:ce:41:7f:b7:18:b3:95:c9:d3:1b:
46:33:00:01:82:e9:14:a8:36:49:b4:f9:e6:3c:70:
ad:0a:8a:7d:8e:c8:10:2e:b4:bb:15:cd:f2:08:89:
4a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6D:1C:D7:D5:38:5C:9C:D5:D7:9E:43:80:B2:3F:A6:CE:65:3D:17
X509v3 Authority Key Identifier:
keyid:95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:87:58:87:a9:f0:1c:9e:fb:7e:8b:e1:e1:e7:92:2b:fa:0f:
56:19:63:32:eb:aa:48:44:1c:29:89:6c:f4:68:82:a0:d6:ba:
3e:3e:0c:ae:82:f3:93:34:4b:fe:0c:99:18:42:89:a9:3a:d1:
a3:e2:ec:2e:40:cd:ea:ee:f4:a0:b1:b8:53:f8:d9:c3:cf:82:
e0:2c:3a:50:42:ef:22:1f:63:75:09:17:dc:df:fe:86:fb:4d:
ab:b0:92:b7:54:50:1b:60:e5:ba:2c:13:e4:1a:87:40:13:f8:
02:0b:1c:88:fc:4f:00:dd:e2:a8:d4:75:16:a4:71:05:67:11:
4e:51:a5:fe:c0:90:36:c0:c3:9d:38:d0:87:73:39:2d:4f:10:
f8:0a:fd:74:54:7b:34:67:94:86:33:be:24:1e:0a:6a:ba:ec:
d3:af:43:31:77:83:dc:c7:f8:5b:a0:4d:da:93:8b:04:3b:f4:
40:57:f7:ba:59:da:a3:42:fa:62:7d:33:40:34:9c:d6:30:68:
bb:af:69:b7:7a:25:e5:16:d6:e5:56:31:ba:ad:ce:e8:be:41:
43:04:01:1c:bc:53:f2:63:a6:65:5f:5f:79:ff:07:59:5c:0f:
00:64:6b:94:a1:15:ac:d7:71:48:56:cc:6f:80:8f:76:3b:33:
1e:74:e1:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylA6rdmZDy0eiNVCxNL61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Zjc2MDVlODUwYzlkYmYxN2RhZjBiYTM4ZTM2ZmNjNjNj
MmNiZmEwHhcNMjUxMTExMTEwMTM2WhcNMjUxMTEyMTEwMTM2WjAzMTEwLwYDVQQD
EyhkZjZkMWNkN2Q1Mzg1YzljZDVkNzllNDM4MGIyM2ZhNmNlNjUzZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHhtSUP8SIv1oIrD7stLe4ytMe/t
VzikQ+1eOwN1U9J+HhUFgw5H+xNHGDD4gfz2CfIIvAhygCK4zVqebuXqthm0XFCL
PTVgOjBRHEqRLUcJUGA0qloy7SCadLGcB6Tyg3dkKwNvPI5DQjD1TP5QbhrDvPEQ
wexBlr3PMmU5fBHTUihI8EsC4U2EojBNXeEyn+ljCZyH0dkqAh5kypCSKKmyp/wB
UckJ74RKPxj2I8XcbXxrMA7fiSW+Z21kke9hEtBiYeyDT4grnn7bJEKdsdgii1/2
hc5Bf7cYs5XJ0xtGMwABgukUqDZJtPnmPHCtCop9jsgQLrS7Fc3yCIlKXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9tHNfVOFyc1deeQ4CyP6bOZT0XMB8GA1UdIwQY
MBaAFJX3YF6FDJ2/F9rwujjjb8xjwsv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEt
NjcwNWRjMmUzYWFhLzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEtNjcwNWRjMmUzYWFh
LzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOodYh6nw
HJ77fovh4eeSK/oPVhljMuuqSEQcKYls9GiCoNa6Pj4MroLzkzRL/gyZGEKJqTrR
o+LsLkDN6u70oLG4U/jZw8+C4Cw6UELvIh9jdQkX3N/+hvtNq7CSt1RQG2DluiwT
5BqHQBP4AgsciPxPAN3iqNR1FqRxBWcRTlGl/sCQNsDDnTjQh3M5LU8Q+Ar9dFR7
NGeUhjO+JB4Karrs069DMXeD3Mf4W6BN2pOLBDv0QFf3ulnao0L6Yn0zQDSc1jBo
u69pt3ol5RbW5VYxuq3O6L5BQwQBHLxT8mOmZV9fef8HWVwPAGRrlKEVrNdxSFbM
b4CPdjszHnThqA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:44:21 2025 by rpki-client