Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
File: lQSgmkWW2BV9pp3DNGxavOTOThM.mft (raw, json)
Hash identifier: TNR9Ju134OhZYWXmJOsH6zUmJrzRBw/cgOOiVbLHP8k=
Subject key identifier: DD:7C:4B:DC:1F:2B:D4:DE:91:7B:94:AD:5A:18:94:EC:16:3C:8F:E8
Authority key identifier: 95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
Certificate issuer: /CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Certificate serial: 019A7225ECC24E5466BF8BA025DC3C469CD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
Manifest number: 037D
Signing time: Tue 11 Nov 2025 09:01:19 +0000
Manifest this update: Tue 11 Nov 2025 09:01:19 +0000
Manifest next update: Wed 12 Nov 2025 09:01:19 +0000
Files and hashes: 1: Pe2NALGIvmCuJSlPZ20SuZ-M9hg.roa (hash: OtaghSGRDvDf2NYLRv+GOjbFhhiw6EZBcNNwCgYOYjA=)
2: lQSgmkWW2BV9pp3DNGxavOTOThM.crl (hash: d0kE48XYyxMzRFkoNTDaW2KVVPtkxNPsHpuul321VoE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ec:c2:4e:54:66:bf:8b:a0:25:dc:3c:46:9c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Validity
Not Before: Nov 11 09:01:19 2025 GMT
Not After : Nov 12 09:01:19 2025 GMT
Subject: CN=dd7c4bdc1f2bd4de917b94ad5a1894ec163c8fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:43:cb:2d:f3:19:66:19:e4:99:41:79:38:35:
4a:c9:c7:61:85:c1:dc:48:e3:09:a8:a8:c5:72:e8:
8a:97:82:85:57:47:b1:57:5f:5d:1f:05:4b:f6:c4:
47:7d:55:41:31:2e:e5:f7:56:e7:29:30:10:c2:72:
8f:c4:35:d2:b5:82:96:b5:6f:5a:ea:b3:e6:1a:99:
01:21:fd:63:1e:54:c7:46:e3:08:9e:7c:07:15:eb:
63:b4:a6:f0:12:c4:24:77:6a:ae:d0:4c:f9:f1:06:
0b:c1:bb:9f:a8:92:0f:48:ef:df:b6:81:b7:ff:1d:
55:ee:7b:a5:a7:9d:19:71:73:70:ee:16:03:cd:01:
7e:0a:99:c0:25:be:9d:38:3e:d8:27:61:97:c5:1a:
c8:cd:f8:27:92:06:7d:57:ad:b5:e4:d9:4b:7c:fd:
67:6e:53:5d:b9:5e:0a:00:d0:4c:9b:b9:0f:c7:96:
02:f4:ab:20:d0:8e:0f:02:fd:4b:a0:9d:4c:ab:19:
6e:2d:a5:7e:77:3d:01:5a:e7:82:f4:f0:7b:0b:e6:
ff:d1:df:b3:12:e2:38:f5:68:35:d5:8f:61:98:d2:
6f:54:ad:f7:bc:8a:1b:12:5a:d4:d3:f0:fe:f2:03:
94:2f:24:06:89:c4:c1:3f:cb:4e:11:26:c7:60:40:
e2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7C:4B:DC:1F:2B:D4:DE:91:7B:94:AD:5A:18:94:EC:16:3C:8F:E8
X509v3 Authority Key Identifier:
keyid:95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:fd:4e:66:f1:7a:d9:08:61:50:5d:b6:7b:68:67:64:89:d1:
d1:c0:0e:fe:09:b9:5d:fa:9d:db:50:3c:f4:cd:bb:8c:c0:fe:
f7:eb:5b:10:48:79:63:6f:e7:5b:ab:ff:fe:de:3e:5e:47:2c:
c5:21:f0:97:30:12:cc:99:11:f1:7c:57:7c:83:1c:0d:0d:0f:
ed:9e:ab:61:2a:31:c7:96:88:a4:35:3e:17:f0:f9:bd:a9:4b:
83:09:39:84:bc:0c:62:80:0f:ea:14:1b:27:dc:cf:b1:08:53:
b0:9e:46:42:8d:19:6c:50:3a:e7:52:be:19:be:2f:79:5e:29:
c0:eb:35:30:3e:c9:ba:0e:5c:8a:01:9c:c5:8a:92:10:1d:1c:
fe:9c:b1:55:a8:3f:91:9c:95:af:22:41:b1:14:17:0f:1f:f6:
97:2d:53:2f:d1:a9:f0:ff:54:fb:a6:dd:53:2d:c9:ca:78:3e:
98:7a:3d:32:9c:32:ab:01:17:b7:50:6a:c1:9e:5d:7e:39:bf:
7d:06:80:26:f3:50:77:01:34:77:57:c1:28:b7:66:eb:d3:c2:
9e:84:68:c5:f3:6f:1c:24:24:70:3e:63:d2:2f:f5:13:8b:0e:
9c:b7:5c:af:a6:40:69:0e:cb:c2:fc:c9:1b:5e:07:96:49:e9:
1f:b2:6b:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJezCTlRmv4ugJdw8RpzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDRhMDlhNDU5NmQ4MTU3ZGE2OWRjMzM0NmM1YWJjZTRj
ZTRlMTMwHhcNMjUxMTExMDkwMTE5WhcNMjUxMTEyMDkwMTE5WjAzMTEwLwYDVQQD
EyhkZDdjNGJkYzFmMmJkNGRlOTE3Yjk0YWQ1YTE4OTRlYzE2M2M4ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80PLLfMZZhnkmUF5ODVKycdhhcHc
SOMJqKjFcuiKl4KFV0exV19dHwVL9sRHfVVBMS7l91bnKTAQwnKPxDXStYKWtW9a
6rPmGpkBIf1jHlTHRuMInnwHFetjtKbwEsQkd2qu0Ez58QYLwbufqJIPSO/ftoG3
/x1V7nulp50ZcXNw7hYDzQF+CpnAJb6dOD7YJ2GXxRrIzfgnkgZ9V6215NlLfP1n
blNduV4KANBMm7kPx5YC9Ksg0I4PAv1LoJ1MqxluLaV+dz0BWueC9PB7C+b/0d+z
EuI49Wg11Y9hmNJvVK33vIobElrU0/D+8gOULyQGicTBP8tOESbHYEDi6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN18S9wfK9TekXuUrVoYlOwWPI/oMB8GA1UdIwQY
MBaAFJUEoJpFltgVfaadwzRsWrzkzk4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQt
NjczYzM4ODkxNjFkLzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQtNjczYzM4ODkxNjFk
LzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGf1OZvF6
2QhhUF22e2hnZInR0cAO/gm5Xfqd21A89M27jMD+9+tbEEh5Y2/nW6v//t4+Xkcs
xSHwlzASzJkR8XxXfIMcDQ0P7Z6rYSoxx5aIpDU+F/D5valLgwk5hLwMYoAP6hQb
J9zPsQhTsJ5GQo0ZbFA651K+Gb4veV4pwOs1MD7Jug5cigGcxYqSEB0c/pyxVag/
kZyVryJBsRQXDx/2ly1TL9Gp8P9U+6bdUy3Jyng+mHo9MpwyqwEXt1BqwZ5dfjm/
fQaAJvNQdwE0d1fBKLdm69PCnoRoxfNvHCQkcD5j0i/1E4sOnLdcr6ZAaQ7LwvzJ
G14HlknpH7JriA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:35:33 2025 by rpki-client