Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
File: lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft (raw, json)
Hash identifier: ZBDk5D5FAVppiDHVLaHXMih1k9BAHh1uS5O0nMrDPKA=
Subject key identifier: AE:9E:A3:CF:18:EB:59:FA:76:EB:E5:38:E2:59:8E:C2:86:0D:F6:E7
Authority key identifier: 94:FA:6C:42:99:32:1D:C5:FC:91:FC:79:63:AA:51:48:7E:4A:F5:E6
Certificate issuer: /CN=94fa6c4299321dc5fc91fc7963aa51487e4af5e6
Certificate serial: 019A73A66ABFC83E8E9331C6969F11EC5A15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
Manifest number: 13BA
Signing time: Tue 11 Nov 2025 16:01:17 +0000
Manifest this update: Tue 11 Nov 2025 16:01:17 +0000
Manifest next update: Wed 12 Nov 2025 16:01:17 +0000
Files and hashes: 1: GkmNRez_B8q96uaVOleqThEPoEs.roa (hash: aNQGHPeLClAe2Gmzc0jqm+MRXJ2xuLHjsljQiK1K4qw=)
2: lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl (hash: VweivPXWS3+R1Jw1WKebFsaCmxQ58BiR2WbnveGnbtI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:a6:6a:bf:c8:3e:8e:93:31:c6:96:9f:11:ec:5a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94fa6c4299321dc5fc91fc7963aa51487e4af5e6
Validity
Not Before: Nov 11 16:01:17 2025 GMT
Not After : Nov 12 16:01:17 2025 GMT
Subject: CN=ae9ea3cf18eb59fa76ebe538e2598ec2860df6e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9b:48:f9:3b:08:c8:cf:02:bd:97:88:14:01:
af:59:2e:6b:97:73:00:84:50:b8:f8:6b:71:73:28:
c4:9d:4d:30:0f:91:ae:63:ab:8b:d9:b5:73:45:2d:
48:9d:70:fd:17:2f:b3:af:d8:04:a7:24:75:ba:fa:
b8:7c:4e:9c:6a:53:dc:be:2f:2c:cf:7e:de:ef:10:
c9:41:61:bf:39:33:92:f0:d4:5d:e3:47:41:cb:1b:
93:9a:aa:d7:b3:ff:50:32:8d:75:9e:c3:b2:eb:3f:
2f:93:5f:27:9e:24:2d:6d:34:85:64:59:5a:cb:6d:
16:46:ed:f0:74:be:ae:0e:b0:49:97:d4:e4:bf:06:
5f:39:26:89:33:d3:df:37:b8:a1:7c:63:62:29:3c:
c6:65:6c:2a:ae:cd:e7:57:88:2d:5c:6b:56:fc:87:
ef:98:dd:54:2d:e8:7c:7f:40:e8:22:8f:04:57:05:
b3:f3:e7:c0:d6:aa:72:83:12:e3:33:89:d1:c8:65:
a1:87:b2:37:88:6d:96:8f:13:35:64:15:c3:23:cb:
7d:45:c3:0a:d8:4d:1b:9b:5f:24:f4:ab:22:2a:ff:
16:41:7a:16:d3:17:fd:25:4d:d7:4d:52:29:4f:2f:
c1:72:2b:b5:2c:fa:9b:8a:bd:ad:8b:47:7e:6d:d0:
cf:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9E:A3:CF:18:EB:59:FA:76:EB:E5:38:E2:59:8E:C2:86:0D:F6:E7
X509v3 Authority Key Identifier:
keyid:94:FA:6C:42:99:32:1D:C5:FC:91:FC:79:63:AA:51:48:7E:4A:F5:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:be:46:7a:1b:38:ef:a5:ba:f5:9f:c6:1d:05:ee:37:f2:44:
9d:12:60:bc:44:6b:0a:db:1e:7e:2c:fe:81:13:1c:5c:30:89:
62:0b:1f:56:61:a5:f5:31:66:53:ce:75:bf:90:b0:b2:33:8b:
c8:99:72:13:69:61:15:7f:61:a4:31:a6:a4:30:ce:25:29:11:
c7:b1:fe:48:58:cd:22:e7:60:88:8d:4c:4a:8c:8a:b9:fb:e0:
a6:19:e9:27:1c:c5:dd:04:30:ae:5e:37:84:fc:70:82:c3:84:
81:cc:ef:55:a7:62:20:f3:59:16:e7:3a:c5:cc:9a:bf:c4:17:
b9:f9:1b:0c:e1:b9:07:17:0c:47:a6:63:91:d6:ad:c4:b7:36:
68:8c:64:a5:9b:eb:0f:e8:ec:ea:55:06:c4:e8:a3:a5:78:a2:
06:1c:71:0b:43:74:66:c9:5d:c7:ec:cb:5e:8d:a4:65:4d:11:
ad:af:93:3a:f7:bb:09:92:85:4c:45:23:76:e8:01:e0:8a:dc:
3c:a1:35:c7:69:f8:a8:91:39:03:94:68:a3:bc:d2:73:31:2c:
8a:7d:df:c8:38:44:2b:70:cf:ac:4d:42:37:b6:ee:a4:48:9f:
90:b4:4d:da:43:d1:b8:d8:fe:c8:dd:12:59:4f:07:1d:0c:7a:
27:d4:83:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzpmq/yD6OkzHGlp8R7FoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZmE2YzQyOTkzMjFkYzVmYzkxZmM3OTYzYWE1MTQ4N2U0
YWY1ZTYwHhcNMjUxMTExMTYwMTE3WhcNMjUxMTEyMTYwMTE3WjAzMTEwLwYDVQQD
EyhhZTllYTNjZjE4ZWI1OWZhNzZlYmU1MzhlMjU5OGVjMjg2MGRmNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJtI+TsIyM8CvZeIFAGvWS5rl3MA
hFC4+GtxcyjEnU0wD5GuY6uL2bVzRS1InXD9Fy+zr9gEpyR1uvq4fE6calPcvi8s
z37e7xDJQWG/OTOS8NRd40dByxuTmqrXs/9QMo11nsOy6z8vk18nniQtbTSFZFla
y20WRu3wdL6uDrBJl9TkvwZfOSaJM9PfN7ihfGNiKTzGZWwqrs3nV4gtXGtW/Ifv
mN1ULeh8f0DoIo8EVwWz8+fA1qpygxLjM4nRyGWhh7I3iG2WjxM1ZBXDI8t9RcMK
2E0bm18k9KsiKv8WQXoW0xf9JU3XTVIpTy/Bciu1LPqbir2ti0d+bdDP9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6eo88Y61n6duvlOOJZjsKGDfbnMB8GA1UdIwQY
MBaAFJT6bEKZMh3F/JH8eWOqUUh+SvXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80M2QyNTUtMjg0YS00NjhmLThiNmUt
ZmIxZTlkYjBjMzg4LzEvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80M2QyNTUtMjg0YS00NjhmLThiNmUtZmIxZTlkYjBjMzg4
LzEvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfr5Gehs4
76W69Z/GHQXuN/JEnRJgvERrCtsefiz+gRMcXDCJYgsfVmGl9TFmU851v5CwsjOL
yJlyE2lhFX9hpDGmpDDOJSkRx7H+SFjNIudgiI1MSoyKufvgphnpJxzF3QQwrl43
hPxwgsOEgczvVadiIPNZFuc6xcyav8QXufkbDOG5BxcMR6ZjkdatxLc2aIxkpZvr
D+js6lUGxOijpXiiBhxxC0N0Zsldx+zLXo2kZU0Rra+TOve7CZKFTEUjdugB4Irc
PKE1x2n4qJE5A5Roo7zSczEsin3fyDhEK3DPrE1CN7bupEifkLRN2kPRuNj+yN0S
WU8HHQx6J9SDyg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:41:07 2025 by rpki-client