Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
File: lSC_jHciaj-ojr4RzI8RacxWCnk.mft (raw, json)
Hash identifier: EMuj3bPCiXX0oj3COTLomRE08+siaLDkhfaNv2GkOD4=
Subject key identifier: 74:C3:6B:FE:91:B3:ED:20:74:96:1F:DB:1A:F0:70:87:60:E5:37:9E
Authority key identifier: 95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
Certificate issuer: /CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Certificate serial: 019A71EE64186DF21CE9120E2464D030C2EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
Manifest number: 0E39
Signing time: Tue 11 Nov 2025 08:00:39 +0000
Manifest this update: Tue 11 Nov 2025 08:00:39 +0000
Manifest next update: Wed 12 Nov 2025 08:00:39 +0000
Files and hashes: 1: 5_9mocxdNZ9MQ0g3lwcXXvM4yBI.roa (hash: QFa9yzo72h2sHM5VVVFbluHjiQ4dadLFT4v/+o9O32g=)
2: lSC_jHciaj-ojr4RzI8RacxWCnk.crl (hash: dSb6nVYNH5HJ98BI7ctQEoe2EajgOg1T38YLsK+gaaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:64:18:6d:f2:1c:e9:12:0e:24:64:d0:30:c2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Validity
Not Before: Nov 11 08:00:39 2025 GMT
Not After : Nov 12 08:00:39 2025 GMT
Subject: CN=74c36bfe91b3ed2074961fdb1af0708760e5379e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:90:60:2b:b2:ae:ba:46:ed:f9:82:e8:0c:5b:
73:f7:35:9d:44:e4:4b:b0:98:f0:20:01:ec:38:c5:
f3:c8:e6:fc:a6:6d:e1:3d:7d:d2:62:dd:17:38:00:
9a:24:de:65:84:a0:32:67:cb:89:2d:8f:b2:96:a1:
79:95:36:2a:90:35:a6:f7:03:ce:91:bb:d9:0a:82:
43:67:77:f5:73:0a:18:bb:b3:61:58:4a:93:8b:df:
a0:c0:70:e2:74:23:55:d5:9d:df:3d:c3:f2:ce:a5:
9e:4f:1b:ca:f9:ab:b5:1d:dc:54:b5:2b:65:24:1d:
64:6f:ad:35:46:5f:35:3e:39:2d:f3:83:79:5f:21:
b1:a8:6f:88:f7:3c:3f:bf:39:d1:0d:d8:9c:15:c0:
57:d0:71:56:82:3a:37:76:78:a0:46:0c:2a:a8:91:
d8:29:0e:eb:aa:74:1d:36:ff:1d:cd:05:e8:eb:c2:
92:da:5e:e2:ef:12:eb:73:ce:75:22:4d:8f:ef:52:
b5:86:4d:e3:e5:75:ca:2d:d0:08:40:df:43:21:8b:
cd:70:a6:95:26:8e:a1:03:ba:3a:17:6a:ec:02:44:
be:41:cd:6d:9a:79:ae:4a:05:d5:c9:9b:cc:ca:e7:
8b:e2:f3:75:51:7a:08:c0:87:a8:07:85:f5:55:a3:
42:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C3:6B:FE:91:B3:ED:20:74:96:1F:DB:1A:F0:70:87:60:E5:37:9E
X509v3 Authority Key Identifier:
keyid:95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:1e:21:1b:1a:90:ee:68:e9:df:49:80:45:c5:b5:b4:12:9a:
72:b4:5d:9a:bb:46:94:62:73:35:63:0a:97:24:83:4d:ee:8c:
ab:28:73:20:13:0b:ee:9c:d9:fd:d9:d9:8c:c6:65:e6:32:7e:
d4:4b:02:16:95:c3:fd:42:36:b1:c8:d3:3a:a5:13:d1:6e:db:
21:0a:60:e2:02:01:e2:29:62:2e:0d:c2:27:20:66:df:cb:47:
bf:e1:87:7c:16:b5:01:93:fb:fa:4a:a6:2f:51:53:60:0b:86:
e9:94:74:c9:11:bd:fd:08:6a:d3:84:75:85:b8:07:57:d5:f8:
fc:ca:d7:9b:e7:3f:a5:68:f4:e0:b5:a2:60:15:69:db:66:ab:
a9:5a:19:b4:77:e9:5f:96:f7:46:3c:c4:87:09:06:b1:8a:7b:
0a:35:78:93:f3:66:12:30:71:fb:2b:4c:e8:31:53:2a:2d:02:
7b:c7:73:96:fe:16:2b:11:ed:f7:a8:1d:d4:16:48:10:46:de:
5e:a6:fb:12:9c:0f:43:20:5b:e1:0b:1b:0e:6c:7c:3c:c7:10:
be:bc:b4:b5:60:09:57:54:c0:20:f0:c3:3a:4e:9f:08:b5:73:
07:e4:f2:a0:d1:37:35:da:a4:90:2d:ed:cd:00:2d:6a:50:e5:
32:bd:9d:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7mQYbfIc6RIOJGTQMMLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjBiZjhjNzcyMjZhM2ZhODhlYmUxMWNjOGYxMTY5Y2M1
NjBhNzkwHhcNMjUxMTExMDgwMDM5WhcNMjUxMTEyMDgwMDM5WjAzMTEwLwYDVQQD
Eyg3NGMzNmJmZTkxYjNlZDIwNzQ5NjFmZGIxYWYwNzA4NzYwZTUzNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pBgK7Kuukbt+YLoDFtz9zWdRORL
sJjwIAHsOMXzyOb8pm3hPX3SYt0XOACaJN5lhKAyZ8uJLY+ylqF5lTYqkDWm9wPO
kbvZCoJDZ3f1cwoYu7NhWEqTi9+gwHDidCNV1Z3fPcPyzqWeTxvK+au1HdxUtStl
JB1kb601Rl81Pjkt84N5XyGxqG+I9zw/vznRDdicFcBX0HFWgjo3dnigRgwqqJHY
KQ7rqnQdNv8dzQXo68KS2l7i7xLrc851Ik2P71K1hk3j5XXKLdAIQN9DIYvNcKaV
Jo6hA7o6F2rsAkS+Qc1tmnmuSgXVyZvMyueL4vN1UXoIwIeoB4X1VaNCRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTDa/6Rs+0gdJYf2xrwcIdg5TeeMB8GA1UdIwQY
MBaAFJUgv4x3Imo/qI6+EcyPEWnMVgp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2It
MWYzZWQ2ZDg4MWI4LzEvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2ItMWYzZWQ2ZDg4MWI4
LzEvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASx4hGxqQ
7mjp30mARcW1tBKacrRdmrtGlGJzNWMKlySDTe6MqyhzIBML7pzZ/dnZjMZl5jJ+
1EsCFpXD/UI2scjTOqUT0W7bIQpg4gIB4iliLg3CJyBm38tHv+GHfBa1AZP7+kqm
L1FTYAuG6ZR0yRG9/Qhq04R1hbgHV9X4/MrXm+c/pWj04LWiYBVp22arqVoZtHfp
X5b3RjzEhwkGsYp7CjV4k/NmEjBx+ytM6DFTKi0Ce8dzlv4WKxHt96gd1BZIEEbe
Xqb7EpwPQyBb4QsbDmx8PMcQvry0tWAJV1TAIPDDOk6fCLVzB+TyoNE3NdqkkC3t
zQAtalDlMr2dFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:34 2025 by rpki-client