Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
File: 0luQuJgbWR11p-k14TBKdAdWAv0.mft (raw, json)
Hash identifier: z0MROKfcZ/WeR3I+5eQTBhMCQPoQu37znZy2wlYPq38=
Subject key identifier: 93:87:4E:28:66:42:1C:31:85:14:21:86:DE:3F:D0:01:E9:39:06:10
Authority key identifier: D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
Certificate issuer: /CN=d25b90b8981b591d75a7e935e1304a74075602fd
Certificate serial: 019A72934BBC70EBEBE2D85B00E41192A5E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
Manifest number: 15F9
Signing time: Tue 11 Nov 2025 11:00:47 +0000
Manifest this update: Tue 11 Nov 2025 11:00:47 +0000
Manifest next update: Wed 12 Nov 2025 11:00:47 +0000
Files and hashes: 1: 0luQuJgbWR11p-k14TBKdAdWAv0.crl (hash: LBa9I43UDlKgFv3Nxx5xJD3Vqunk2btJRew08Xbpmys=)
2: n6mO0jwfMCGtBTJz4z0BBFhaaaw.roa (hash: depvn6FAlXY00NO5eAYz1KXbUInLhBp+Jz+PGCqafeo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:4b:bc:70:eb:eb:e2:d8:5b:00:e4:11:92:a5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25b90b8981b591d75a7e935e1304a74075602fd
Validity
Not Before: Nov 11 11:00:47 2025 GMT
Not After : Nov 12 11:00:47 2025 GMT
Subject: CN=93874e2866421c3185142186de3fd001e9390610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:67:a9:1c:26:c4:eb:f8:48:49:fd:dd:5f:ea:
d6:53:47:32:43:99:22:bf:7f:37:52:2a:c5:57:d6:
15:79:89:b6:28:fd:71:9c:e7:db:51:fd:e7:65:58:
33:ae:94:1f:21:11:4f:1c:fa:ac:cb:a3:e1:33:80:
79:e6:66:a6:b5:1f:0f:aa:3c:f8:92:1a:5b:79:36:
d0:53:9d:d1:da:36:a2:ac:1b:58:09:1d:f8:cf:6d:
ba:66:ed:d4:29:c8:31:34:89:1a:e0:3c:93:c1:77:
3f:f6:83:42:ef:d6:7c:63:cc:a4:c0:5a:07:09:d7:
60:fe:6b:74:76:99:bd:9f:1b:a5:7d:aa:e1:e5:7e:
77:6e:bd:10:3b:57:e6:3b:2e:df:fb:e5:26:a6:32:
72:40:3b:35:84:ab:b8:28:6e:2f:d5:89:5b:d8:be:
fe:5b:fa:dc:d8:b5:44:9d:1e:f6:25:cf:34:91:db:
da:10:d7:a7:bf:dc:4d:57:19:db:ad:5c:ee:d3:f9:
be:7b:79:24:9f:74:d2:67:b5:cb:49:e7:f3:7f:60:
02:5c:d5:80:3a:76:9b:28:19:e7:91:d2:b7:ed:2f:
c5:d4:a4:b7:fb:69:13:f2:72:c7:ae:10:7c:9a:c3:
13:d3:22:f1:2b:40:13:d1:ee:f8:0b:8f:9e:76:ae:
12:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:87:4E:28:66:42:1C:31:85:14:21:86:DE:3F:D0:01:E9:39:06:10
X509v3 Authority Key Identifier:
keyid:D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:1b:4d:03:2f:05:77:80:b3:92:6e:9a:bd:06:83:17:b2:2b:
d3:bc:57:19:02:89:b0:47:b7:f1:cc:0e:3e:39:03:57:0b:c0:
28:ca:d6:b1:86:38:9e:e3:6d:cc:b7:60:3f:4a:68:ff:51:10:
20:73:51:49:f0:e6:56:36:20:20:11:4b:c0:df:07:a9:d8:47:
1c:8a:11:21:9b:80:6b:dc:49:04:ce:c9:04:44:fa:cd:e5:e2:
0a:1c:06:8e:f8:be:25:9e:f6:5a:18:4c:2f:e9:32:bf:b6:1f:
fa:92:4c:07:cd:d8:69:1a:e2:62:8b:a8:7a:16:d8:54:96:f8:
a4:e1:dc:9e:b8:85:b4:11:29:69:2e:9a:fc:c1:8a:f8:03:14:
e6:70:5d:69:f9:6a:02:de:02:32:a6:d7:45:86:58:6f:0f:48:
3f:a2:b5:f1:c1:b5:1d:55:70:fc:95:db:2e:5d:2e:1a:31:8e:
da:d2:ea:ab:98:01:cc:1d:e5:2f:93:a7:3c:20:29:fe:9b:f1:
28:a7:7f:56:5c:46:f3:8e:e4:2c:f7:fa:99:8b:00:cd:92:55:
25:d1:86:c7:82:ad:3e:1a:46:06:70:d1:0a:e0:67:ea:ca:9a:
a8:31:26:5d:eb:48:32:3a:92:06:d3:b2:56:a9:d5:1a:cf:7f:
60:3c:92:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0u8cOvr4thbAOQRkqXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWI5MGI4OTgxYjU5MWQ3NWE3ZTkzNWUxMzA0YTc0MDc1
NjAyZmQwHhcNMjUxMTExMTEwMDQ3WhcNMjUxMTEyMTEwMDQ3WjAzMTEwLwYDVQQD
Eyg5Mzg3NGUyODY2NDIxYzMxODUxNDIxODZkZTNmZDAwMWU5MzkwNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmepHCbE6/hISf3dX+rWU0cyQ5ki
v383UirFV9YVeYm2KP1xnOfbUf3nZVgzrpQfIRFPHPqsy6PhM4B55mamtR8Pqjz4
khpbeTbQU53R2jairBtYCR34z226Zu3UKcgxNIka4DyTwXc/9oNC79Z8Y8ykwFoH
Cddg/mt0dpm9nxulfarh5X53br0QO1fmOy7f++UmpjJyQDs1hKu4KG4v1Ylb2L7+
W/rc2LVEnR72Jc80kdvaENenv9xNVxnbrVzu0/m+e3kkn3TSZ7XLSefzf2ACXNWA
OnabKBnnkdK37S/F1KS3+2kT8nLHrhB8msMT0yLxK0AT0e74C4+edq4S5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOHTihmQhwxhRQhht4/0AHpOQYQMB8GA1UdIwQY
MBaAFNJbkLiYG1kddafpNeEwSnQHVgL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODct
YTJhYmRhZGY1ZjkwLzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODctYTJhYmRhZGY1Zjkw
LzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRtNAy8F
d4Czkm6avQaDF7Ir07xXGQKJsEe38cwOPjkDVwvAKMrWsYY4nuNtzLdgP0po/1EQ
IHNRSfDmVjYgIBFLwN8HqdhHHIoRIZuAa9xJBM7JBET6zeXiChwGjvi+JZ72WhhM
L+kyv7Yf+pJMB83YaRriYouoehbYVJb4pOHcnriFtBEpaS6a/MGK+AMU5nBdaflq
At4CMqbXRYZYbw9IP6K18cG1HVVw/JXbLl0uGjGO2tLqq5gBzB3lL5OnPCAp/pvx
KKd/VlxG847kLPf6mYsAzZJVJdGGx4KtPhpGBnDRCuBn6sqaqDEmXetIMjqSBtOy
VqnVGs9/YDySFA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:45:07 2025 by rpki-client