Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft
File: lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft (raw, json)
Hash identifier: hpv3VZRndaQv+/K8+Jxs6djQIxi3zGqnldB6sfEkWnk=
Subject key identifier: A1:2B:8A:EE:46:A6:AB:97:EE:3E:8B:94:D5:AE:20:01:3F:4C:FB:0C
Authority key identifier: 94:28:2A:60:78:BA:98:FB:4A:6E:34:3E:76:03:A9:60:E7:A6:34:42
Certificate issuer: /CN=94282a6078ba98fb4a6e343e7603a960e7a63442
Certificate serial: 019A7294099629FDFD855750BE3AFA50D440
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft
Manifest number: 16DA
Signing time: Tue 11 Nov 2025 11:01:35 +0000
Manifest this update: Tue 11 Nov 2025 11:01:35 +0000
Manifest next update: Wed 12 Nov 2025 11:01:35 +0000
Files and hashes: 1: G39ME0xFxZesqQwqos2EdI8n7qo.roa (hash: 8k5VE0uXEGXbMB9ED4RCnZSTVNYbIG3+AEXwxhVpiyI=)
2: lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl (hash: AEu9E1louuWh6+vYL6p0VCMFCDMDH3khLVyzheeY2CA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:94:09:96:29:fd:fd:85:57:50:be:3a:fa:50:d4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94282a6078ba98fb4a6e343e7603a960e7a63442
Validity
Not Before: Nov 11 11:01:35 2025 GMT
Not After : Nov 12 11:01:35 2025 GMT
Subject: CN=a12b8aee46a6ab97ee3e8b94d5ae20013f4cfb0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4c:34:a7:b0:3e:54:cc:eb:65:af:2d:29:e3:
9e:76:9a:61:f6:5c:b7:b2:87:df:66:c3:e3:fb:92:
3c:6d:e5:b7:de:52:71:14:31:a8:db:d7:2e:19:79:
b4:6d:db:3d:c6:47:11:e0:89:98:d0:e7:cb:e5:36:
64:07:a5:ed:97:13:b9:78:f3:30:42:bb:49:74:cf:
3c:7f:b7:0b:92:d3:b5:56:9a:72:04:93:70:ff:b8:
7d:eb:98:19:d5:91:37:90:5f:e3:77:72:95:10:24:
3a:5c:d8:8b:67:39:52:4f:0c:ca:a1:a0:e1:99:70:
f8:cf:eb:c1:d8:77:3b:77:40:77:8e:b1:d0:c9:f5:
a1:35:aa:5a:66:57:5a:5d:40:8c:11:fc:e7:60:13:
f1:9e:71:1c:2a:52:f9:8c:62:c7:91:47:74:9b:46:
85:0e:16:68:2a:90:02:0a:3c:33:af:0b:28:d9:a2:
38:d7:24:f9:71:72:b8:50:13:9a:c5:63:6d:8c:6b:
60:d9:d3:14:24:ba:92:3b:17:7d:3a:0c:01:b0:10:
ad:08:6c:fe:58:94:1a:89:d8:31:ba:ae:fd:34:da:
18:7d:58:9d:1e:0d:42:60:fc:00:63:b2:08:52:ba:
0a:fd:f9:fd:3a:b5:47:01:1d:dd:8a:d4:99:e5:58:
bc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2B:8A:EE:46:A6:AB:97:EE:3E:8B:94:D5:AE:20:01:3F:4C:FB:0C
X509v3 Authority Key Identifier:
keyid:94:28:2A:60:78:BA:98:FB:4A:6E:34:3E:76:03:A9:60:E7:A6:34:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:e7:eb:02:04:f9:b7:44:c6:f3:05:a5:86:af:65:c7:e0:87:
dc:5c:b6:c5:6c:13:c0:6e:d1:23:07:93:c4:d5:f4:0a:b6:6a:
91:e9:de:c8:1d:3a:af:63:d6:af:3e:77:d9:70:1c:57:3e:07:
ba:8b:42:e7:b9:05:0a:0a:70:70:1e:4e:2f:51:72:a1:0c:01:
3e:fa:1d:c7:02:23:fd:f4:78:e3:e1:a8:c4:37:cc:45:a0:1f:
f8:9e:bf:9c:6c:da:ca:a0:26:87:70:20:88:e6:06:24:5b:58:
00:04:36:fe:d8:f3:7b:bf:70:3e:60:ff:fc:f3:6c:6e:21:f8:
82:bb:1c:e7:87:bb:3c:f0:7f:9d:73:e1:fb:81:91:94:cb:dc:
55:d7:0c:d0:8d:b5:68:87:41:2a:78:52:07:31:c4:03:ff:a1:
3a:e8:e2:bd:21:c9:ee:d2:a6:92:45:f7:97:b3:e8:51:fe:35:
51:a3:01:1f:a3:dd:2d:1c:25:4d:db:8a:8d:f5:b0:26:41:be:
dc:49:47:4b:2a:ab:37:bf:f0:f4:e1:aa:3f:9b:f2:13:3b:51:
23:58:4f:4e:7e:4d:62:38:63:4a:61:d2:53:de:2e:b8:21:cd:
9d:f0:b7:9e:2d:fe:a5:e7:0d:38:0a:ca:5e:24:03:48:fc:13:
82:ec:f4:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpylAmWKf39hVdQvjr6UNRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjgyYTYwNzhiYTk4ZmI0YTZlMzQzZTc2MDNhOTYwZTdh
NjM0NDIwHhcNMjUxMTExMTEwMTM1WhcNMjUxMTEyMTEwMTM1WjAzMTEwLwYDVQQD
EyhhMTJiOGFlZTQ2YTZhYjk3ZWUzZThiOTRkNWFlMjAwMTNmNGNmYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0w0p7A+VMzrZa8tKeOedpph9ly3
soffZsPj+5I8beW33lJxFDGo29cuGXm0bds9xkcR4ImY0OfL5TZkB6XtlxO5ePMw
QrtJdM88f7cLktO1VppyBJNw/7h965gZ1ZE3kF/jd3KVECQ6XNiLZzlSTwzKoaDh
mXD4z+vB2Hc7d0B3jrHQyfWhNapaZldaXUCMEfznYBPxnnEcKlL5jGLHkUd0m0aF
DhZoKpACCjwzrwso2aI41yT5cXK4UBOaxWNtjGtg2dMUJLqSOxd9OgwBsBCtCGz+
WJQaidgxuq79NNoYfVidHg1CYPwAY7IIUroK/fn9OrVHAR3ditSZ5Vi8swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEriu5GpquX7j6LlNWuIAE/TPsMMB8GA1UdIwQY
MBaAFJQoKmB4upj7Sm40PnYDqWDnpjRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENncVlIaTZtUHRLYmpRLWRnT3BZT2VtTkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yYTk2YjgtMDQ2ZC00YWMzLWIyM2Qt
ZDgxOTc5NGEzMmEzLzEvbENncVlIaTZtUHRLYmpRLWRnT3BZT2VtTkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yYTk2YjgtMDQ2ZC00YWMzLWIyM2QtZDgxOTc5NGEzMmEz
LzEvbENncVlIaTZtUHRLYmpRLWRnT3BZT2VtTkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+frAgT5
t0TG8wWlhq9lx+CH3Fy2xWwTwG7RIweTxNX0CrZqkeneyB06r2PWrz532XAcVz4H
uotC57kFCgpwcB5OL1FyoQwBPvodxwIj/fR44+GoxDfMRaAf+J6/nGzayqAmh3Ag
iOYGJFtYAAQ2/tjze79wPmD//PNsbiH4grsc54e7PPB/nXPh+4GRlMvcVdcM0I21
aIdBKnhSBzHEA/+hOujivSHJ7tKmkkX3l7PoUf41UaMBH6PdLRwlTduKjfWwJkG+
3ElHSyqrN7/w9OGqP5vyEztRI1hPTn5NYjhjSmHSU94uuCHNnfC3ni3+pecNOArK
XiQDSPwTguz0Lg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:48:03 2025 by rpki-client