Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
File: Lr_2z7gya0RylaEbEHhoIS5mX90.mft (raw, json)
Hash identifier: I7K2JcEAH9aVPVwgmBv4YM/Xyo1DTPl9hhGum8+CHTA=
Subject key identifier: 46:32:A9:3F:23:63:DF:25:72:7A:AF:97:98:8C:D9:F9:C1:F1:A1:C8
Authority key identifier: 2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
Certificate issuer: /CN=2ebff6cfb8326b447295a11b107868212e665fdd
Certificate serial: 019A72938BA861BC7E2EFFA08BBD09B22EB4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
Manifest number: 07FF
Signing time: Tue 11 Nov 2025 11:01:03 +0000
Manifest this update: Tue 11 Nov 2025 11:01:03 +0000
Manifest next update: Wed 12 Nov 2025 11:01:03 +0000
Files and hashes: 1: 2EHY0ANqI6GjPJ3q8F_H43sabIk.roa (hash: 6KKbNu6n/lBjRM28xxVSQgucF7edE6uzeJUy5fL1Psg=)
2: Lr_2z7gya0RylaEbEHhoIS5mX90.crl (hash: foFVNknXlzrWU8BGygO2nb6UB7meI9Wf550kBXWCUwg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:8b:a8:61:bc:7e:2e:ff:a0:8b:bd:09:b2:2e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ebff6cfb8326b447295a11b107868212e665fdd
Validity
Not Before: Nov 11 11:01:03 2025 GMT
Not After : Nov 12 11:01:03 2025 GMT
Subject: CN=4632a93f2363df25727aaf97988cd9f9c1f1a1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:03:90:19:d1:fb:75:e2:d0:aa:46:86:1b:18:
bb:d3:37:95:22:55:cf:ad:79:3a:d5:c9:c3:77:ef:
41:d1:3b:48:cd:7c:da:4c:eb:de:76:a0:4a:1c:16:
90:d1:b4:1a:e4:f5:eb:c0:74:b7:f5:19:8c:1c:14:
b1:30:4d:3c:f6:b5:d7:1e:a3:66:78:c7:b3:b4:00:
62:06:88:7f:a4:24:56:28:6f:bf:b2:4c:5c:95:62:
7e:54:e7:ef:f4:8d:6c:68:8b:4b:8f:c8:b6:69:dd:
e2:36:3b:14:17:72:e6:64:17:e4:75:03:f0:05:b1:
3e:92:b4:d5:8e:be:e5:7f:e6:b8:38:b1:3e:3a:b1:
e1:f4:37:9e:7f:40:1f:04:15:46:e9:a1:23:db:25:
86:8c:82:f8:5c:5b:11:c4:92:a8:42:c3:f2:c0:fe:
86:5d:1a:d3:a3:fb:a6:6f:c8:28:98:3e:d1:87:6b:
a6:50:20:50:64:1a:62:33:ab:48:99:f4:18:7e:5a:
44:b0:69:31:4b:19:6e:21:4c:c0:fb:22:7b:9f:ed:
22:b5:2b:37:7d:11:09:7e:80:7d:3a:9b:fe:db:5a:
83:20:a4:60:6c:5a:14:6b:f3:e4:c7:57:30:4d:b3:
d1:05:84:b4:83:4e:c2:f4:73:9e:3c:39:98:aa:a4:
19:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:32:A9:3F:23:63:DF:25:72:7A:AF:97:98:8C:D9:F9:C1:F1:A1:C8
X509v3 Authority Key Identifier:
keyid:2E:BF:F6:CF:B8:32:6B:44:72:95:A1:1B:10:78:68:21:2E:66:5F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lr_2z7gya0RylaEbEHhoIS5mX90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2dafbc-52ee-4c7b-b006-a786cebe20d3/1/Lr_2z7gya0RylaEbEHhoIS5mX90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:dd:9c:7b:f9:91:28:b3:ec:b5:7b:46:92:42:a1:96:b0:71:
eb:95:aa:48:cd:25:45:e0:08:f4:7b:75:19:4e:6a:dc:ae:36:
89:02:c8:81:a9:1c:1d:35:49:4c:b7:77:e4:0e:12:86:4d:d1:
67:de:53:66:2c:34:15:06:b4:3c:1d:05:04:92:a1:0e:af:21:
9c:f3:b8:07:1b:c5:70:86:ff:8d:32:d5:c4:63:bb:47:1c:70:
62:59:7d:a4:7b:68:f6:e2:d1:d3:fe:57:98:36:8e:b6:f2:bf:
c1:07:c9:35:3f:59:4f:31:92:8c:9b:13:57:0f:df:91:82:14:
19:a7:d6:fa:81:69:24:dd:92:dc:9b:e6:fb:ce:fb:1f:2e:cd:
36:65:b5:20:4a:4a:70:1a:58:ae:8e:2f:c9:a0:12:ff:6e:42:
6f:e2:19:eb:e5:ba:4b:50:12:99:d0:33:83:6c:a5:0d:af:c2:
26:df:92:3e:d8:d5:23:4f:97:53:45:67:9a:dc:26:2e:d4:2c:
aa:fb:fd:56:32:e1:bb:5f:7c:62:32:44:1b:06:5a:03:20:13:
6b:71:5a:c0:de:6b:1d:60:fc:82:0b:13:24:8f:ab:cb:30:9b:
91:c7:ba:96:d2:c8:a0:29:57:28:aa:e1:14:8b:1e:b9:a8:dd:
c9:e5:45:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk4uoYbx+Lv+gi70Jsi60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYmZmNmNmYjgzMjZiNDQ3Mjk1YTExYjEwNzg2ODIxMmU2
NjVmZGQwHhcNMjUxMTExMTEwMTAzWhcNMjUxMTEyMTEwMTAzWjAzMTEwLwYDVQQD
Eyg0NjMyYTkzZjIzNjNkZjI1NzI3YWFmOTc5ODhjZDlmOWMxZjFhMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAOQGdH7deLQqkaGGxi70zeVIlXP
rXk61cnDd+9B0TtIzXzaTOvedqBKHBaQ0bQa5PXrwHS39RmMHBSxME089rXXHqNm
eMeztABiBoh/pCRWKG+/skxclWJ+VOfv9I1saItLj8i2ad3iNjsUF3LmZBfkdQPw
BbE+krTVjr7lf+a4OLE+OrHh9Deef0AfBBVG6aEj2yWGjIL4XFsRxJKoQsPywP6G
XRrTo/umb8gomD7Rh2umUCBQZBpiM6tImfQYflpEsGkxSxluIUzA+yJ7n+0itSs3
fREJfoB9Opv+21qDIKRgbFoUa/Pkx1cwTbPRBYS0g07C9HOePDmYqqQZuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYyqT8jY98lcnqvl5iM2fnB8aHIMB8GA1UdIwQY
MBaAFC6/9s+4MmtEcpWhGxB4aCEuZl/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYt
YTc4NmNlYmUyMGQzLzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yZGFmYmMtNTJlZS00YzdiLWIwMDYtYTc4NmNlYmUyMGQz
LzEvTHJfMno3Z3lhMFJ5bGFFYkVIaG9JUzVtWDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARd2ce/mR
KLPstXtGkkKhlrBx65WqSM0lReAI9Ht1GU5q3K42iQLIgakcHTVJTLd35A4Shk3R
Z95TZiw0FQa0PB0FBJKhDq8hnPO4BxvFcIb/jTLVxGO7RxxwYll9pHto9uLR0/5X
mDaOtvK/wQfJNT9ZTzGSjJsTVw/fkYIUGafW+oFpJN2S3Jvm+877Hy7NNmW1IEpK
cBpYro4vyaAS/25Cb+IZ6+W6S1ASmdAzg2ylDa/CJt+SPtjVI0+XU0VnmtwmLtQs
qvv9VjLhu198YjJEGwZaAyATa3FawN5rHWD8ggsTJI+ryzCbkce6ltLIoClXKKrh
FIseuajdyeVFHw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:01 2025 by rpki-client