Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.mft
File: lNtLHp7Wi7XDMiiuMOnN0lKzL7g.mft (raw, json)
Hash identifier: PQO3FnAwrfnHV5FxrfPHA7ffVSMzhie6FMfPyoQGtmo=
Subject key identifier: E9:35:F3:C5:C2:FC:C2:AA:0D:37:59:06:0B:FF:EB:EB:8E:77:26:36
Authority key identifier: 94:DB:4B:1E:9E:D6:8B:B5:C3:32:28:AE:30:E9:CD:D2:52:B3:2F:B8
Certificate issuer: /CN=94db4b1e9ed68bb5c33228ae30e9cdd252b32fb8
Certificate serial: 019A4E4FF465C2C488DB7473ABC05F5D9B0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 10:00:53 +0000
Manifest this update: Tue 04 Nov 2025 10:00:53 +0000
Manifest next update: Wed 05 Nov 2025 10:00:53 +0000
Files and hashes: 1: lNtLHp7Wi7XDMiiuMOnN0lKzL7g.crl (hash: y7kdpeP1XkFqyjnufgFBzmEThRhQ/dZW6vfksx8cuO8=)
2: q0ApgfDR6MUFo5SmPdczTTS0Xsc.roa (hash: scfCeq11ilCac8clsFq/zmbEUDIqGanHD8OiJk8YEiI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:f4:65:c2:c4:88:db:74:73:ab:c0:5f:5d:9b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94db4b1e9ed68bb5c33228ae30e9cdd252b32fb8
Validity
Not Before: Nov 4 10:00:53 2025 GMT
Not After : Nov 5 10:00:53 2025 GMT
Subject: CN=e935f3c5c2fcc2aa0d3759060bffebeb8e772636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:32:19:88:14:41:31:cb:7c:6a:a9:b7:87:1f:
a6:d1:37:95:f4:ff:7f:2c:c7:2f:a3:06:c9:9b:e6:
e5:36:79:7a:16:52:4b:37:d8:86:c5:26:cb:82:87:
11:ea:17:c4:b3:e7:ed:bc:3c:1f:79:95:fc:a5:73:
de:27:d9:b7:82:78:c9:86:23:b7:28:3e:09:3e:da:
8c:fa:46:2f:88:b1:4d:ca:9e:79:67:8d:16:52:90:
eb:18:03:fe:e8:a7:d1:68:40:d2:c4:bd:46:9a:51:
ea:87:dd:c0:37:90:97:5c:71:fa:a1:17:ef:de:dc:
d8:be:cb:07:2e:c5:72:e7:fc:0d:4a:6e:6d:24:55:
35:f0:4e:60:8c:a2:7b:82:30:64:be:d3:3a:49:84:
ea:51:d0:a7:ea:2e:5f:91:58:21:99:b2:5c:16:05:
af:41:07:be:c9:6a:a0:80:51:c5:95:8f:2d:15:86:
d2:e9:20:6d:4d:ad:0d:03:95:51:be:a0:be:b1:ad:
0c:50:8d:c8:79:42:3d:19:bb:30:42:57:11:1b:74:
e5:a3:62:46:43:63:15:8f:58:bb:c9:11:74:83:40:
47:35:a5:2c:b3:4b:15:f8:17:08:2c:c2:92:62:b6:
4b:a3:9a:5a:cf:36:c9:ca:66:0f:eb:b8:62:02:aa:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:35:F3:C5:C2:FC:C2:AA:0D:37:59:06:0B:FF:EB:EB:8E:77:26:36
X509v3 Authority Key Identifier:
keyid:94:DB:4B:1E:9E:D6:8B:B5:C3:32:28:AE:30:E9:CD:D2:52:B3:2F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:d7:d4:0c:d0:5d:a6:45:27:38:3f:63:e3:63:5f:a2:b8:21:
c1:f4:94:b0:86:f8:ca:d9:62:84:39:64:d9:64:15:a9:dd:a5:
29:a6:ea:77:b0:4e:32:e3:7f:b5:ef:23:0e:86:c3:27:62:33:
21:41:6a:4b:8c:86:fa:a8:89:23:7a:17:45:fa:94:c2:e1:2d:
67:80:ea:6c:43:80:5c:1d:13:1a:cb:88:2d:2c:2d:18:15:dd:
99:e7:5a:b7:c4:31:31:09:48:7b:f3:36:93:06:f3:1e:65:77:
09:83:f5:91:a9:7b:1f:40:06:8d:69:a4:bc:5c:8f:ac:69:fa:
af:ba:fe:59:57:c4:b7:0e:23:7e:7e:c7:40:b3:b4:e4:1b:a3:
37:c0:8c:db:01:04:4b:56:41:be:99:62:e3:1e:7a:58:cf:8d:
bd:31:0a:bb:3c:3f:f7:83:8e:a4:7f:da:22:11:19:2d:e6:91:
2c:bd:1b:f0:2d:4e:b1:8a:69:ba:12:3d:44:8c:bf:53:01:f2:
1e:e1:40:06:a3:d5:d8:c5:df:d5:ed:d4:c2:70:ed:15:ae:7d:
a1:a6:8b:7c:00:d9:91:b2:43:f6:c2:52:8d:b1:d6:a2:f5:bc:
7c:2e:7c:ee:08:a0:a1:bc:62:c2:d0:09:4d:a7:96:f4:1b:62:
50:f1:64:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT/RlwsSI23Rzq8BfXZsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGI0YjFlOWVkNjhiYjVjMzMyMjhhZTMwZTljZGQyNTJi
MzJmYjgwHhcNMjUxMTA0MTAwMDUzWhcNMjUxMTA1MTAwMDUzWjAzMTEwLwYDVQQD
EyhlOTM1ZjNjNWMyZmNjMmFhMGQzNzU5MDYwYmZmZWJlYjhlNzcyNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zIZiBRBMct8aqm3hx+m0TeV9P9/
LMcvowbJm+blNnl6FlJLN9iGxSbLgocR6hfEs+ftvDwfeZX8pXPeJ9m3gnjJhiO3
KD4JPtqM+kYviLFNyp55Z40WUpDrGAP+6KfRaEDSxL1GmlHqh93AN5CXXHH6oRfv
3tzYvssHLsVy5/wNSm5tJFU18E5gjKJ7gjBkvtM6SYTqUdCn6i5fkVghmbJcFgWv
QQe+yWqggFHFlY8tFYbS6SBtTa0NA5VRvqC+sa0MUI3IeUI9GbswQlcRG3Tlo2JG
Q2MVj1i7yRF0g0BHNaUss0sV+BcILMKSYrZLo5pazzbJymYP67hiAqpE9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOk188XC/MKqDTdZBgv/6+uOdyY2MB8GA1UdIwQY
MBaAFJTbSx6e1ou1wzIorjDpzdJSsy+4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE50TEhwN1dpN1hETWlpdU1Pbk4wbEt6TDdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGY4MDUtZGY2My00NjMxLTk5YmQt
YTI1NjE3NzczOWM2LzEvbE50TEhwN1dpN1hETWlpdU1Pbk4wbEt6TDdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGY4MDUtZGY2My00NjMxLTk5YmQtYTI1NjE3NzczOWM2
LzEvbE50TEhwN1dpN1hETWlpdU1Pbk4wbEt6TDdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtfUDNBd
pkUnOD9j42NforghwfSUsIb4ytlihDlk2WQVqd2lKabqd7BOMuN/te8jDobDJ2Iz
IUFqS4yG+qiJI3oXRfqUwuEtZ4DqbEOAXB0TGsuILSwtGBXdmedat8QxMQlIe/M2
kwbzHmV3CYP1kal7H0AGjWmkvFyPrGn6r7r+WVfEtw4jfn7HQLO05BujN8CM2wEE
S1ZBvpli4x56WM+NvTEKuzw/94OOpH/aIhEZLeaRLL0b8C1OsYppuhI9RIy/UwHy
HuFABqPV2MXf1e3UwnDtFa59oaaLfADZkbJD9sJSjbHWovW8fC587gigobxiwtAJ
TaeW9BtiUPFkqQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:08:06 2025 by rpki-client