Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
File: goiQPZDAHi1c4YeIBa1KktKK7ck.mft (raw, json)
Hash identifier: rLpWcISxHwupGaxNVd2FgyPqRrL8wHinbwlUw3HSBtA=
Subject key identifier: 8E:A0:5A:73:BF:ED:4B:4B:E3:8F:E5:9A:D2:A0:EB:96:F9:E2:B6:7D
Authority key identifier: 82:88:90:3D:90:C0:1E:2D:5C:E1:87:88:05:AD:4A:92:D2:8A:ED:C9
Certificate issuer: /CN=8288903d90c01e2d5ce1878805ad4a92d28aedc9
Certificate serial: 019A714A149D6A4D65BA7DBD3D280330D8AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
Manifest number: 0E71
Signing time: Tue 11 Nov 2025 05:01:11 +0000
Manifest this update: Tue 11 Nov 2025 05:01:11 +0000
Manifest next update: Wed 12 Nov 2025 05:01:11 +0000
Files and hashes: 1: goiQPZDAHi1c4YeIBa1KktKK7ck.crl (hash: YWnD61wcDy125CcJECDWeI6Ire1YcAKWI70a09DeJpc=)
2: xs7enPVeNIMyt7yLlWdZQsBjc6E.roa (hash: Hl7Zc5f4P4RuVLf0+lM7s4f9NcFGJ5Df6CUhJF0dl6Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:14:9d:6a:4d:65:ba:7d:bd:3d:28:03:30:d8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8288903d90c01e2d5ce1878805ad4a92d28aedc9
Validity
Not Before: Nov 11 05:01:11 2025 GMT
Not After : Nov 12 05:01:11 2025 GMT
Subject: CN=8ea05a73bfed4b4be38fe59ad2a0eb96f9e2b67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d1:2c:6a:ea:70:c5:4a:f5:79:22:f8:5b:35:
5e:ad:df:3e:d6:95:c3:e0:72:b0:c4:97:e0:b3:1b:
82:de:74:e7:c0:8e:2f:38:da:9a:f8:9e:d9:d5:3a:
77:46:75:e0:fb:ed:43:d2:f3:1a:58:bc:71:fb:cc:
f5:39:52:16:7d:61:5d:87:ea:f1:24:1f:45:2a:91:
32:d8:e3:b7:0a:d1:8b:8a:ba:84:f8:f3:52:19:4e:
48:13:74:eb:8e:ce:0f:bc:d4:25:a9:14:97:b1:ef:
43:7c:f5:e7:f9:d5:ae:8d:60:be:61:95:6d:fb:06:
3f:48:6b:17:fe:9f:08:5b:ad:94:49:fa:68:cf:09:
22:17:a5:dc:4d:3d:a8:34:b4:7c:c3:b2:e5:88:f3:
06:75:f2:87:18:f1:7d:7f:6c:67:51:5e:07:ef:bb:
ba:78:cc:68:61:12:63:30:20:14:d2:bf:8e:74:cc:
05:2b:9e:fb:bb:eb:52:17:3c:61:d6:da:51:68:94:
a4:60:86:83:4c:68:ef:52:bd:d7:3a:21:55:d4:a9:
44:59:9b:d8:2a:91:88:37:91:a6:44:00:10:76:5a:
01:30:73:88:1d:7d:9e:a2:70:75:06:6e:0a:c2:97:
0d:15:9c:4d:8d:85:40:97:78:fd:1d:26:9d:e8:f8:
9e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A0:5A:73:BF:ED:4B:4B:E3:8F:E5:9A:D2:A0:EB:96:F9:E2:B6:7D
X509v3 Authority Key Identifier:
keyid:82:88:90:3D:90:C0:1E:2D:5C:E1:87:88:05:AD:4A:92:D2:8A:ED:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:7c:7e:8d:fe:99:76:ab:77:66:24:81:a3:90:8d:81:72:23:
65:a7:0c:6d:80:ee:13:50:cc:7d:9a:4d:91:78:35:85:cd:fa:
d0:e0:1f:bb:82:11:5f:8d:84:2b:61:59:87:cd:07:c3:33:62:
9b:89:27:06:7f:be:46:2f:15:1f:72:f1:a7:ee:21:b3:1f:bd:
c9:c3:40:10:bd:a1:92:41:5d:57:c0:82:0d:7f:05:3f:c9:ef:
bb:ef:3e:9c:78:d7:67:8b:e8:19:a0:ed:85:eb:ec:5e:14:22:
57:8b:60:f0:85:98:7e:3f:40:23:c6:25:c7:f0:7d:c6:6f:ce:
16:e8:9a:b4:4b:bc:af:3a:4d:ee:28:df:fc:e0:45:0b:8c:72:
e3:5f:e3:c1:fc:7b:b3:2c:8b:b0:0e:bc:c0:2e:9c:7b:ff:ee:
34:ff:54:20:d6:ab:1c:80:e9:4b:9f:a8:e9:ef:0a:33:37:f0:
76:d4:70:50:c8:c4:85:82:71:0f:a7:c6:1c:70:05:70:48:8c:
88:7a:6a:58:11:89:52:20:72:d4:64:95:08:cf:28:63:21:5e:
28:ab:e3:20:d9:37:92:0d:dd:bc:55:7b:60:17:d5:28:1c:a8:
ce:dc:68:08:9b:b6:11:8a:45:2d:9a:42:33:57:c1:e6:ad:98:
76:50:fd:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxShSdak1lun29PSgDMNiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODg5MDNkOTBjMDFlMmQ1Y2UxODc4ODA1YWQ0YTkyZDI4
YWVkYzkwHhcNMjUxMTExMDUwMTExWhcNMjUxMTEyMDUwMTExWjAzMTEwLwYDVQQD
Eyg4ZWEwNWE3M2JmZWQ0YjRiZTM4ZmU1OWFkMmEwZWI5NmY5ZTJiNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptEsaupwxUr1eSL4WzVerd8+1pXD
4HKwxJfgsxuC3nTnwI4vONqa+J7Z1Tp3RnXg++1D0vMaWLxx+8z1OVIWfWFdh+rx
JB9FKpEy2OO3CtGLirqE+PNSGU5IE3Trjs4PvNQlqRSXse9DfPXn+dWujWC+YZVt
+wY/SGsX/p8IW62USfpozwkiF6XcTT2oNLR8w7LliPMGdfKHGPF9f2xnUV4H77u6
eMxoYRJjMCAU0r+OdMwFK577u+tSFzxh1tpRaJSkYIaDTGjvUr3XOiFV1KlEWZvY
KpGIN5GmRAAQdloBMHOIHX2eonB1Bm4KwpcNFZxNjYVAl3j9HSad6PieyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6gWnO/7UtL44/lmtKg65b54rZ9MB8GA1UdIwQY
MBaAFIKIkD2QwB4tXOGHiAWtSpLSiu3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84M2Y4MmQtMTU0NS00MDc0LTg2ODIt
YTFkZTU4YTNiMzViLzEvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84M2Y4MmQtMTU0NS00MDc0LTg2ODItYTFkZTU4YTNiMzVi
LzEvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnnx+jf6Z
dqt3ZiSBo5CNgXIjZacMbYDuE1DMfZpNkXg1hc360OAfu4IRX42EK2FZh80HwzNi
m4knBn++Ri8VH3Lxp+4hsx+9ycNAEL2hkkFdV8CCDX8FP8nvu+8+nHjXZ4voGaDt
hevsXhQiV4tg8IWYfj9AI8Ylx/B9xm/OFuiatEu8rzpN7ijf/OBFC4xy41/jwfx7
syyLsA68wC6ce//uNP9UINarHIDpS5+o6e8KMzfwdtRwUMjEhYJxD6fGHHAFcEiM
iHpqWBGJUiBy1GSVCM8oYyFeKKvjINk3kg3dvFV7YBfVKByoztxoCJu2EYpFLZpC
M1fB5q2YdlD9KQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:27:16 2025 by rpki-client