Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.mft
File: 0LkE317sIhazQwFsXLJLuQpD06Q.mft (raw, json)
Hash identifier: /ogIvhTTNtMivayy2+HqgfT5w7q6mMRQbm7OIJGtXqA=
Subject key identifier: 58:8C:EE:A4:AA:61:4F:48:79:8B:75:08:A2:E5:1A:69:37:F4:44:9E
Authority key identifier: D0:B9:04:DF:5E:EC:22:16:B3:43:01:6C:5C:B2:4B:B9:0A:43:D3:A4
Certificate issuer: /CN=d0b904df5eec2216b343016c5cb24bb90a43d3a4
Certificate serial: 019A725CA29E51A41CCCAB7A02BD71BC2D96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 10:01:04 +0000
Manifest this update: Tue 11 Nov 2025 10:01:04 +0000
Manifest next update: Wed 12 Nov 2025 10:01:04 +0000
Files and hashes: 1: 0LkE317sIhazQwFsXLJLuQpD06Q.crl (hash: Jq01tjrcmSIX1AD/KAW04fsMnTH0E+/jmHyoYOKXX1I=)
2: NrSqEKUOU2XauV-i5XcFK6G4SDE.roa (hash: QbfLyNgfhw89ncOBcXtsqNeuurH1zO/6qaF1UEA+u6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:a2:9e:51:a4:1c:cc:ab:7a:02:bd:71:bc:2d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b904df5eec2216b343016c5cb24bb90a43d3a4
Validity
Not Before: Nov 11 10:01:04 2025 GMT
Not After : Nov 12 10:01:04 2025 GMT
Subject: CN=588ceea4aa614f48798b7508a2e51a6937f4449e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:c8:cc:c0:a0:ed:ae:3a:bc:f7:b8:e5:87:
b2:f6:e1:21:d7:38:be:1c:ae:f6:d8:bd:38:bf:f7:
64:e7:ce:ea:4a:dd:21:81:d6:50:31:ff:46:9e:c6:
cb:f8:37:96:f4:e1:a9:22:32:0c:29:7a:90:f7:8e:
f6:05:e2:ea:e5:74:c3:a1:33:e4:61:b2:be:d4:be:
4e:1f:fd:d8:3b:60:b8:8b:43:ae:14:6c:16:29:e7:
37:b8:1e:35:30:d1:6c:00:71:82:b8:a1:f0:b6:b8:
5c:1d:5a:3c:7e:c0:72:55:d2:59:be:fd:a5:6e:2f:
78:49:68:18:67:83:d9:f7:ab:0d:10:e9:58:52:2c:
05:4e:5f:95:75:7d:d5:be:95:45:1e:d2:60:ae:38:
52:b8:c2:90:03:09:dc:49:a6:b0:98:88:28:9a:72:
ec:e1:7d:cb:40:05:24:5c:73:9f:75:cb:d5:2c:77:
9e:7d:e7:f6:89:8c:1e:e9:67:1f:c1:ce:6c:a8:d0:
01:04:84:1c:d2:17:45:86:e2:69:37:ff:3a:08:d8:
bb:7d:72:b4:1e:7b:7d:ff:e2:99:1d:b4:b2:13:35:
c8:04:e5:7f:00:49:7a:54:2c:6d:24:9d:58:0b:d8:
71:ba:23:9e:f2:dd:e9:06:08:f9:ec:09:6a:01:dc:
a7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8C:EE:A4:AA:61:4F:48:79:8B:75:08:A2:E5:1A:69:37:F4:44:9E
X509v3 Authority Key Identifier:
keyid:D0:B9:04:DF:5E:EC:22:16:B3:43:01:6C:5C:B2:4B:B9:0A:43:D3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:2d:34:a0:91:65:da:43:f7:11:b5:4f:a4:6e:62:27:47:bf:
e1:e2:96:ce:7c:0a:25:80:69:83:9c:66:f8:cd:5a:b3:c4:14:
c8:4c:df:55:aa:c1:71:db:aa:92:b8:04:98:da:e9:3d:61:5b:
4d:3f:36:99:a4:26:27:ae:c1:42:42:58:a3:81:08:bd:b7:dd:
2d:a1:c7:1c:1e:29:2a:79:09:7c:f1:28:81:b3:23:19:92:38:
18:d5:37:f0:27:69:2f:77:48:1c:27:d5:38:44:bb:ac:cb:c9:
26:85:99:1c:21:54:f0:c5:8e:aa:59:1c:09:66:72:74:1c:f4:
97:7f:bc:45:47:2d:1e:2a:8b:d8:2d:85:19:dc:54:9b:d4:14:
1f:18:06:89:ee:69:63:32:84:88:ae:bb:f6:dd:ec:7c:04:0f:
f9:3b:51:cc:2c:0f:44:e3:1d:64:c4:34:ce:aa:6e:79:e0:2c:
a8:e2:e4:53:31:05:2f:75:fa:90:4b:e6:20:06:21:ee:df:c7:
69:53:e8:3d:da:6f:64:a4:bb:5d:d4:5a:cd:5b:3a:ea:6b:46:
58:74:21:7d:11:69:7e:33:da:f0:17:0e:be:ad:ba:ea:a1:75:
2c:8f:7d:4c:c3:69:d9:9c:ae:80:ac:a7:a9:52:54:36:29:ef:
88:d8:a6:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXKKeUaQczKt6Ar1xvC2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjkwNGRmNWVlYzIyMTZiMzQzMDE2YzVjYjI0YmI5MGE0
M2QzYTQwHhcNMjUxMTExMTAwMTA0WhcNMjUxMTEyMTAwMTA0WjAzMTEwLwYDVQQD
Eyg1ODhjZWVhNGFhNjE0ZjQ4Nzk4Yjc1MDhhMmU1MWE2OTM3ZjQ0NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSHIzMCg7a46vPe45Yey9uEh1zi+
HK722L04v/dk587qSt0hgdZQMf9GnsbL+DeW9OGpIjIMKXqQ9472BeLq5XTDoTPk
YbK+1L5OH/3YO2C4i0OuFGwWKec3uB41MNFsAHGCuKHwtrhcHVo8fsByVdJZvv2l
bi94SWgYZ4PZ96sNEOlYUiwFTl+VdX3VvpVFHtJgrjhSuMKQAwncSaawmIgomnLs
4X3LQAUkXHOfdcvVLHeefef2iYwe6Wcfwc5sqNABBIQc0hdFhuJpN/86CNi7fXK0
Hnt9/+KZHbSyEzXIBOV/AEl6VCxtJJ1YC9hxuiOe8t3pBgj57AlqAdynWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFiM7qSqYU9IeYt1CKLlGmk39ESeMB8GA1UdIwQY
MBaAFNC5BN9e7CIWs0MBbFyyS7kKQ9OkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExrRTMxN3NJaGF6UXdGc1hMSkx1UXBEMDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82YTdjOTMtODdiNC00YTRjLWEyMWUt
NDFhODRmNDE5YWM1LzEvMExrRTMxN3NJaGF6UXdGc1hMSkx1UXBEMDZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82YTdjOTMtODdiNC00YTRjLWEyMWUtNDFhODRmNDE5YWM1
LzEvMExrRTMxN3NJaGF6UXdGc1hMSkx1UXBEMDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqC00oJFl
2kP3EbVPpG5iJ0e/4eKWznwKJYBpg5xm+M1as8QUyEzfVarBcduqkrgEmNrpPWFb
TT82maQmJ67BQkJYo4EIvbfdLaHHHB4pKnkJfPEogbMjGZI4GNU38CdpL3dIHCfV
OES7rMvJJoWZHCFU8MWOqlkcCWZydBz0l3+8RUctHiqL2C2FGdxUm9QUHxgGie5p
YzKEiK679t3sfAQP+TtRzCwPROMdZMQ0zqpueeAsqOLkUzEFL3X6kEvmIAYh7t/H
aVPoPdpvZKS7XdRazVs66mtGWHQhfRFpfjPa8BcOvq266qF1LI99TMNp2ZyugKyn
qVJUNinviNimeg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:14 2025 by rpki-client