Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
File: 8lizqXQbQx177NZChrnmvODpddo.mft (raw, json)
Hash identifier: oGyiJmEpg60P9zbK33BIen3mlbQVPs4KQj1XVJaxCD8=
Subject key identifier: 80:2D:52:67:15:5E:6F:55:9C:69:A8:A8:6B:C2:47:DE:AF:A5:85:2C
Authority key identifier: F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
Certificate issuer: /CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Certificate serial: 019A70DC01BCE76C13BCF167B936B864F33F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
Manifest number: 16ED
Signing time: Tue 11 Nov 2025 03:00:57 +0000
Manifest this update: Tue 11 Nov 2025 03:00:57 +0000
Manifest next update: Wed 12 Nov 2025 03:00:57 +0000
Files and hashes: 1: 8lizqXQbQx177NZChrnmvODpddo.crl (hash: OLgvONGMXvVu7H5TC6CvCBqHEOWU3DfUxgPxMMhTc8Q=)
2: LSDLxpYG9vUS-ynb5NuKXC0hxwk.roa (hash: iU/GAJxLreLcqJkb0jyy5NFNWuEEVZB548A5w51V+6U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:01:bc:e7:6c:13:bc:f1:67:b9:36:b8:64:f3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Validity
Not Before: Nov 11 03:00:57 2025 GMT
Not After : Nov 12 03:00:57 2025 GMT
Subject: CN=802d5267155e6f559c69a8a86bc247deafa5852c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:96:17:82:ff:58:37:78:cb:d5:1a:40:90:
0c:82:b0:2a:fc:39:20:1d:e0:26:14:6e:b2:a1:83:
77:ee:0f:e0:a6:44:ef:42:28:b3:b3:34:bc:28:1a:
e1:ee:17:03:00:10:a9:53:b5:28:1f:89:08:40:ec:
88:9c:38:1d:f9:e2:3b:2a:d5:26:9c:44:cd:63:30:
02:7b:67:7b:56:ab:10:ee:6b:e3:44:1f:7e:d4:0b:
d7:c4:ac:a2:b9:84:31:da:d6:a2:01:d8:1d:88:f0:
bc:e7:42:f7:97:c4:bb:8f:b0:57:70:95:17:a2:f5:
bd:dc:91:2d:ba:a7:90:42:ba:df:20:93:c9:5a:6f:
3e:80:96:69:8f:14:52:b2:98:c6:0b:44:17:22:34:
a7:a3:bd:6d:ef:ca:97:4a:f3:dc:d3:ed:d9:c6:c2:
ed:11:04:95:9a:1a:d0:9a:31:53:1f:8f:30:70:93:
93:ec:44:f7:bb:7c:64:b9:87:a9:29:04:74:19:7f:
93:ce:4c:08:72:f5:b5:49:a7:85:14:6d:60:34:73:
04:16:a7:3e:49:83:70:1c:59:7c:c4:a8:84:1f:2d:
7e:83:24:1e:fb:c1:df:bb:e6:3e:69:3f:d9:fd:de:
40:36:b4:47:a2:da:b1:d6:01:06:3f:91:d2:11:c5:
87:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2D:52:67:15:5E:6F:55:9C:69:A8:A8:6B:C2:47:DE:AF:A5:85:2C
X509v3 Authority Key Identifier:
keyid:F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:cf:1d:c0:99:1f:c0:c9:1b:79:3c:87:3c:3c:23:09:90:c6:
f6:1a:bd:2a:0b:9a:81:0d:20:5c:d2:05:8e:f9:4e:e1:2d:30:
a1:94:33:a2:46:be:85:89:c2:f6:4e:cd:0b:dc:17:ec:cb:2e:
1e:2d:43:bc:94:c6:18:d0:b7:5c:c1:84:aa:a6:86:61:50:ad:
29:c2:09:56:c4:99:04:e1:2e:01:a4:36:b2:1c:98:42:8b:12:
b8:e5:b0:c1:d7:5e:7a:2f:95:72:fb:67:a6:43:21:69:30:34:
ae:8f:cb:20:c6:a3:39:50:2b:ce:d7:5b:4d:c4:7e:0e:7f:71:
4d:99:50:3b:b4:22:ad:e8:42:d0:82:42:27:66:38:e2:8a:2a:
57:10:3c:15:97:02:06:0e:14:9c:d3:d7:9e:4b:1d:c0:02:43:
d3:a4:d8:6c:9e:4d:ae:cf:57:b4:ad:f3:7a:79:05:16:36:2e:
49:ea:4a:f2:49:4b:4e:a8:c8:9b:c3:ea:c3:63:4c:6c:79:74:
72:c7:88:95:d8:3a:72:d6:80:a0:35:8b:fb:cd:ab:dd:0e:1c:
7d:e8:95:3c:9c:92:3b:24:49:ae:66:1d:97:71:de:03:47:11:
f3:0a:b4:d8:5c:99:07:e4:b3:73:76:33:a3:a7:47:b7:13:22:
94:86:2c:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3AG852wTvPFnuTa4ZPM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNThiM2E5NzQxYjQzMWQ3YmVjZDY0Mjg2YjllNmJjZTBl
OTc1ZGEwHhcNMjUxMTExMDMwMDU3WhcNMjUxMTEyMDMwMDU3WjAzMTEwLwYDVQQD
Eyg4MDJkNTI2NzE1NWU2ZjU1OWM2OWE4YTg2YmMyNDdkZWFmYTU4NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwouWF4L/WDd4y9UaQJAMgrAq/Dkg
HeAmFG6yoYN37g/gpkTvQiizszS8KBrh7hcDABCpU7UoH4kIQOyInDgd+eI7KtUm
nETNYzACe2d7VqsQ7mvjRB9+1AvXxKyiuYQx2taiAdgdiPC850L3l8S7j7BXcJUX
ovW93JEtuqeQQrrfIJPJWm8+gJZpjxRSspjGC0QXIjSno71t78qXSvPc0+3ZxsLt
EQSVmhrQmjFTH48wcJOT7ET3u3xkuYepKQR0GX+TzkwIcvW1SaeFFG1gNHMEFqc+
SYNwHFl8xKiEHy1+gyQe+8Hfu+Y+aT/Z/d5ANrRHotqx1gEGP5HSEcWH5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAtUmcVXm9VnGmoqGvCR96vpYUsMB8GA1UdIwQY
MBaAFPJYs6l0G0Mde+zWQoa55rzg6XXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTct
Y2RhOTRmYjc5NmQxLzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTctY2RhOTRmYjc5NmQx
LzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHs8dwJkf
wMkbeTyHPDwjCZDG9hq9KguagQ0gXNIFjvlO4S0woZQzoka+hYnC9k7NC9wX7Msu
Hi1DvJTGGNC3XMGEqqaGYVCtKcIJVsSZBOEuAaQ2shyYQosSuOWwwddeei+Vcvtn
pkMhaTA0ro/LIMajOVArztdbTcR+Dn9xTZlQO7QirehC0IJCJ2Y44ooqVxA8FZcC
Bg4UnNPXnksdwAJD06TYbJ5Nrs9XtK3zenkFFjYuSepK8klLTqjIm8Pqw2NMbHl0
cseIldg6ctaAoDWL+82r3Q4cfeiVPJySOyRJrmYdl3HeA0cR8wq02FyZB+Szc3Yz
o6dHtxMilIYsLw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:17 2025 by rpki-client