Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
File: lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft (raw, json)
Hash identifier: cs+Ix9gUA5vFkA6gwjAs+xP8RcdmucXFD0umEY+jWts=
Subject key identifier: 7C:74:F1:9E:61:34:D3:C3:B3:EA:76:D5:61:91:63:AF:8F:C7:67:D3
Authority key identifier: 94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9
Certificate issuer: /CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
Certificate serial: 019A725CB2C67A5D6EF5C1E7024D39052337
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
Manifest number: 0636
Signing time: Tue 11 Nov 2025 10:01:08 +0000
Manifest this update: Tue 11 Nov 2025 10:01:08 +0000
Manifest next update: Wed 12 Nov 2025 10:01:08 +0000
Files and hashes: 1: lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl (hash: GV8vo1tcGGTjtiTmD/6jlBxOw9kJlwtogFxhQJsYGaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:b2:c6:7a:5d:6e:f5:c1:e7:02:4d:39:05:23:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481e946cfc8e19c1667af375d10a1e4042f0eb9
Validity
Not Before: Nov 11 10:01:08 2025 GMT
Not After : Nov 12 10:01:08 2025 GMT
Subject: CN=7c74f19e6134d3c3b3ea76d5619163af8fc767d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d6:9f:71:89:c1:e8:72:d7:c6:1f:92:df:59:
50:4a:2b:72:49:39:b0:08:7b:4a:6e:b5:31:0a:50:
df:72:47:7f:23:e3:cb:6a:fa:b5:eb:5e:c1:22:a8:
00:de:7c:7d:bc:f1:45:dd:5e:63:4e:21:a1:a7:45:
39:2b:31:a8:45:7f:e1:0e:73:6d:38:39:f5:2a:de:
3f:d4:00:0f:31:0a:eb:0e:38:c8:46:23:13:5e:0d:
cf:28:1c:18:03:ca:cb:bb:dd:a2:b3:5c:e3:16:8e:
17:dd:02:19:2d:79:59:87:99:d7:43:b2:88:3b:da:
9f:8d:3e:43:47:2f:e5:4c:a8:5f:0c:70:44:22:70:
b0:c9:77:08:04:e7:a6:7c:6e:b9:28:5e:cc:ae:91:
1f:69:51:fb:f6:c1:1b:c3:39:58:8a:e0:4b:df:ad:
2c:2d:87:2f:b2:95:db:5b:71:b8:87:06:83:1e:14:
8f:66:04:ed:cf:92:0d:8c:b7:5b:6a:b3:9c:78:67:
76:bd:e4:23:3a:c2:91:3c:82:f2:ad:4f:37:f3:dc:
35:72:68:3d:1a:7e:f3:06:7a:82:da:41:09:59:45:
49:21:74:63:56:86:4a:89:41:cc:72:5b:d6:ed:ba:
dd:22:ed:66:c1:5e:13:99:d2:5a:6f:a2:4b:44:ec:
ac:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:74:F1:9E:61:34:D3:C3:B3:EA:76:D5:61:91:63:AF:8F:C7:67:D3
X509v3 Authority Key Identifier:
keyid:94:81:E9:46:CF:C8:E1:9C:16:67:AF:37:5D:10:A1:E4:04:2F:0E:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIHpRs_I4ZwWZ683XRCh5AQvDrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/13c33a-a46f-4889-b809-57303aa45cbb/1/lIHpRs_I4ZwWZ683XRCh5AQvDrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:07:2b:28:f6:00:48:91:97:f4:78:a2:1a:87:6c:c0:b2:26:
38:d6:e8:97:a0:a5:8a:09:94:5b:04:a6:18:a6:ca:72:9f:e2:
b6:0b:73:95:27:5a:e4:c8:5d:36:8b:c3:02:fc:32:18:17:9f:
59:46:d4:c8:9e:54:75:ee:1f:88:f8:bb:42:37:45:93:f7:95:
85:d0:ab:e7:8a:af:2e:85:5c:82:9e:ff:37:1d:66:4f:46:b4:
49:0f:3d:de:0a:dc:eb:7d:17:e1:41:4c:6e:5b:5d:55:87:5c:
37:57:80:7a:c8:5c:fc:b5:53:13:07:13:8c:f2:37:a2:9b:16:
85:d5:7a:c4:95:59:1a:ec:0a:5a:35:c8:00:8b:cb:fe:5c:e9:
b5:d9:36:cc:ee:c0:18:60:b3:18:6e:1e:2e:d0:b7:ee:d7:a5:
e9:12:a9:13:79:24:7d:0d:92:29:f5:8f:55:81:62:f1:00:37:
0e:de:e0:1b:ad:83:36:7b:2a:7f:4a:01:b0:90:ac:4c:5a:69:
49:23:a9:47:fb:3e:63:b1:f1:30:69:c7:e2:c4:46:65:d0:a4:
09:59:aa:29:1f:cb:47:33:07:66:61:ea:07:29:9c:43:c5:ef:
20:ba:56:1d:8e:2c:36:8a:1d:51:b3:5c:ff:d2:1e:16:6e:99:
ff:2b:c0:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXLLGel1u9cHnAk05BSM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODFlOTQ2Y2ZjOGUxOWMxNjY3YWYzNzVkMTBhMWU0MDQy
ZjBlYjkwHhcNMjUxMTExMTAwMTA4WhcNMjUxMTEyMTAwMTA4WjAzMTEwLwYDVQQD
Eyg3Yzc0ZjE5ZTYxMzRkM2MzYjNlYTc2ZDU2MTkxNjNhZjhmYzc2N2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NafcYnB6HLXxh+S31lQSitySTmw
CHtKbrUxClDfckd/I+PLavq1617BIqgA3nx9vPFF3V5jTiGhp0U5KzGoRX/hDnNt
ODn1Kt4/1AAPMQrrDjjIRiMTXg3PKBwYA8rLu92is1zjFo4X3QIZLXlZh5nXQ7KI
O9qfjT5DRy/lTKhfDHBEInCwyXcIBOemfG65KF7MrpEfaVH79sEbwzlYiuBL360s
LYcvspXbW3G4hwaDHhSPZgTtz5INjLdbarOceGd2veQjOsKRPILyrU8389w1cmg9
Gn7zBnqC2kEJWUVJIXRjVoZKiUHMclvW7brdIu1mwV4TmdJab6JLROystQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHx08Z5hNNPDs+p21WGRY6+Px2fTMB8GA1UdIwQY
MBaAFJSB6UbPyOGcFmevN10QoeQELw65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDkt
NTczMDNhYTQ1Y2JiLzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xM2MzM2EtYTQ2Zi00ODg5LWI4MDktNTczMDNhYTQ1Y2Ji
LzEvbElIcFJzX0k0WndXWjY4M1hSQ2g1QVF2RHJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgcrKPYA
SJGX9HiiGodswLImONbol6CligmUWwSmGKbKcp/itgtzlSda5MhdNovDAvwyGBef
WUbUyJ5Ude4fiPi7QjdFk/eVhdCr54qvLoVcgp7/Nx1mT0a0SQ893grc630X4UFM
bltdVYdcN1eAeshc/LVTEwcTjPI3opsWhdV6xJVZGuwKWjXIAIvL/lzptdk2zO7A
GGCzGG4eLtC37tel6RKpE3kkfQ2SKfWPVYFi8QA3Dt7gG62DNnsqf0oBsJCsTFpp
SSOpR/s+Y7HxMGnH4sRGZdCkCVmqKR/LRzMHZmHqBymcQ8XvILpWHY4sNoodUbNc
/9IeFm6Z/yvAlw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:46 2025 by rpki-client