Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
File: lRZkUh1QOVkhL1WypZrsbSB7Cig.mft (raw, json)
Hash identifier: H7cGSAaglhF/dHP7FvSDmceAmwcjCTWL2ffiMfvyRW0=
Subject key identifier: F5:07:E1:39:AE:DB:0C:20:11:AD:B3:EC:EE:6B:4F:01:22:D0:CF:79
Authority key identifier: 95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
Certificate issuer: /CN=951664521d503959212f55b2a59aec6d207b0a28
Certificate serial: 019A72263E0AF17F5935FC1E6ABE95535C75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 09:01:40 +0000
Manifest this update: Tue 11 Nov 2025 09:01:40 +0000
Manifest next update: Wed 12 Nov 2025 09:01:40 +0000
Files and hashes: 1: IPg6gK3cvCBZgriElu-X9QULHhI.roa (hash: KfBBSFaoabvdCiHx1hEd3tUcsuSp0LUQmRosJtF9Y6s=)
2: lRZkUh1QOVkhL1WypZrsbSB7Cig.crl (hash: GIc2NX/i8g7sn3f6vLg8UEPX+G1cvVR2bfJ67pyQTFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:3e:0a:f1:7f:59:35:fc:1e:6a:be:95:53:5c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951664521d503959212f55b2a59aec6d207b0a28
Validity
Not Before: Nov 11 09:01:40 2025 GMT
Not After : Nov 12 09:01:40 2025 GMT
Subject: CN=f507e139aedb0c2011adb3ecee6b4f0122d0cf79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a5:91:45:8d:39:5b:2b:f0:71:7e:d3:fc:c8:
76:c9:68:cb:cb:84:f8:86:00:05:bb:81:e3:ce:91:
7f:fb:5e:50:f9:65:e8:1a:e3:ed:ef:a0:7d:86:7c:
19:8c:39:37:06:67:a7:06:7e:23:46:0b:2d:cb:dd:
1f:c3:24:24:e3:bc:e1:c2:87:6a:5d:ab:a4:7a:96:
92:98:9c:1d:a5:3a:ff:dc:2f:65:86:f7:43:3f:70:
1e:c2:06:09:84:f4:c5:79:b4:ff:9e:da:23:0b:92:
10:41:ef:96:c2:52:f0:ce:ac:33:5a:7d:54:4b:4a:
e8:d6:ca:91:48:9c:44:73:64:69:88:8f:68:46:99:
a1:5c:22:f0:20:9a:3e:c9:8d:fe:bf:23:58:90:d9:
50:8d:02:ff:2a:49:02:6c:c6:8f:7d:27:4c:cc:58:
b8:b0:51:6d:4c:99:45:73:8a:6d:7b:03:9c:2b:ec:
22:96:63:a9:ae:69:bc:64:28:9a:24:9d:5b:e4:7b:
0a:fb:ec:eb:6d:25:82:6e:57:fa:c6:b0:bf:a6:4a:
d6:2f:f2:cf:77:2c:6b:fd:d9:3b:38:29:a5:52:39:
f8:89:91:b2:21:12:4a:b0:0d:15:be:87:85:45:b4:
23:5f:c1:dc:37:00:57:ae:21:fa:6c:b0:cf:63:29:
96:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:07:E1:39:AE:DB:0C:20:11:AD:B3:EC:EE:6B:4F:01:22:D0:CF:79
X509v3 Authority Key Identifier:
keyid:95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:54:2c:28:ff:91:9e:b0:85:4a:85:9f:eb:10:c3:47:82:cf:
d4:68:ab:55:b2:18:8e:32:ef:f0:7b:4a:17:a7:39:97:31:e3:
78:63:fe:06:18:15:36:36:0d:5d:47:3a:3b:30:a4:0a:00:5e:
f6:5d:c4:97:49:8e:84:d5:00:a1:24:14:23:3a:d8:b8:f9:d3:
e2:2d:55:ff:06:cf:9f:1f:8b:98:23:75:9a:25:0b:5e:bd:f5:
90:ff:6d:86:50:5a:72:4f:97:84:96:61:29:79:86:80:25:6a:
58:33:53:a6:49:e6:d2:73:15:9d:8a:2e:51:11:50:2a:74:59:
e6:36:fa:60:d7:42:08:21:ba:e4:66:60:51:55:ac:73:60:83:
50:69:cc:46:dd:99:8d:9e:89:a7:a6:8a:10:c8:57:6a:21:71:
2d:e5:7d:29:30:75:d2:25:aa:92:4b:99:c7:69:79:0f:cd:4c:
40:e1:bd:44:42:b6:ce:07:6f:4d:db:32:d5:ee:cf:18:22:d2:
e9:8d:aa:36:7f:9e:8e:eb:1a:e0:bd:85:02:7c:8a:66:b6:c3:
9f:d2:0b:e9:ae:41:dc:6c:fe:9c:81:b0:54:58:cc:17:31:ce:
2f:54:b6:d1:66:5d:98:37:ea:ac:78:95:b6:a9:d0:22:ec:d6:
cc:ce:bb:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJj4K8X9ZNfwear6VU1x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTY2NDUyMWQ1MDM5NTkyMTJmNTViMmE1OWFlYzZkMjA3
YjBhMjgwHhcNMjUxMTExMDkwMTQwWhcNMjUxMTEyMDkwMTQwWjAzMTEwLwYDVQQD
EyhmNTA3ZTEzOWFlZGIwYzIwMTFhZGIzZWNlZTZiNGYwMTIyZDBjZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6WRRY05WyvwcX7T/Mh2yWjLy4T4
hgAFu4HjzpF/+15Q+WXoGuPt76B9hnwZjDk3BmenBn4jRgsty90fwyQk47zhwodq
XaukepaSmJwdpTr/3C9lhvdDP3AewgYJhPTFebT/ntojC5IQQe+WwlLwzqwzWn1U
S0ro1sqRSJxEc2RpiI9oRpmhXCLwIJo+yY3+vyNYkNlQjQL/KkkCbMaPfSdMzFi4
sFFtTJlFc4ptewOcK+wilmOprmm8ZCiaJJ1b5HsK++zrbSWCblf6xrC/pkrWL/LP
dyxr/dk7OCmlUjn4iZGyIRJKsA0VvoeFRbQjX8HcNwBXriH6bLDPYymW0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUH4Tmu2wwgEa2z7O5rTwEi0M95MB8GA1UdIwQY
MBaAFJUWZFIdUDlZIS9VsqWa7G0gewooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUt
ZWY3NDUzYWQwOTlmLzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUtZWY3NDUzYWQwOTlm
LzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdlQsKP+R
nrCFSoWf6xDDR4LP1GirVbIYjjLv8HtKF6c5lzHjeGP+BhgVNjYNXUc6OzCkCgBe
9l3El0mOhNUAoSQUIzrYuPnT4i1V/wbPnx+LmCN1miULXr31kP9thlBack+XhJZh
KXmGgCVqWDNTpknm0nMVnYouURFQKnRZ5jb6YNdCCCG65GZgUVWsc2CDUGnMRt2Z
jZ6Jp6aKEMhXaiFxLeV9KTB10iWqkkuZx2l5D81MQOG9REK2zgdvTdsy1e7PGCLS
6Y2qNn+ejusa4L2FAnyKZrbDn9IL6a5B3Gz+nIGwVFjMFzHOL1S20WZdmDfqrHiV
tqnQIuzWzM67cg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:48 2025 by rpki-client