Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
File: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft (raw, json)
Hash identifier: LF0lxNHLpBJ016D+NAAde/BuTKxqWneNokYur/+aYsg=
Subject key identifier: A2:60:64:22:7B:DE:F6:9C:E0:76:76:AC:56:83:DD:47:00:14:5F:C3
Authority key identifier: 94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
Certificate issuer: /CN=94d161593da815cac58d3479652d048480d26713
Certificate serial: 019A4DE208CE3BF248BE3428692E5EF89B2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 08:00:50 +0000
Manifest this update: Tue 04 Nov 2025 08:00:50 +0000
Manifest next update: Wed 05 Nov 2025 08:00:50 +0000
Files and hashes: 1: bdAF9viIHB5V5FhTALS-owQhcks.roa (hash: lPv9YsuyVHwxqfP/RRJpZeMDZjwRG/d34AhteS5V7Ew=)
2: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl (hash: f5fYriDGiWbELKfkmzKbiOSDurnJuiGcxUIjACncHNo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:08:ce:3b:f2:48:be:34:28:69:2e:5e:f8:9b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d161593da815cac58d3479652d048480d26713
Validity
Not Before: Nov 4 08:00:50 2025 GMT
Not After : Nov 5 08:00:50 2025 GMT
Subject: CN=a26064227bdef69ce07676ac5683dd4700145fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c4:ec:4e:c3:27:30:77:7b:f1:83:36:ac:89:
c3:80:85:e6:04:ab:29:17:d5:15:45:45:89:76:78:
df:b6:8d:13:d5:22:f9:20:04:0d:a6:70:b1:86:a2:
96:1b:bd:ad:97:29:4a:13:e0:f7:8d:32:b7:b6:eb:
98:9c:25:23:04:7d:eb:7c:46:9b:ff:52:f5:d4:dc:
f4:b4:87:ed:b7:1b:d6:84:f2:06:00:f3:2c:dd:4c:
33:1b:c8:56:09:9e:6c:0f:75:cd:ac:8e:7b:db:76:
8b:51:08:8f:7f:12:21:0e:c2:ba:8e:db:96:50:c9:
3b:1a:86:5d:1b:75:a2:3b:32:15:ef:05:19:c5:cd:
62:96:24:d6:74:98:ca:14:28:ac:0e:b1:fb:05:0c:
3f:9d:e4:da:e1:68:47:9e:6e:4a:7d:63:bb:3b:7d:
fa:1d:00:ba:1d:05:df:fe:49:a2:7f:68:3d:77:fb:
22:56:6c:41:85:c1:83:c5:6f:9b:5d:8d:4e:04:88:
c2:26:1f:a7:af:f8:1d:b1:f2:7c:bf:2f:9a:d0:74:
82:4f:2b:00:6a:35:a0:3b:4d:ec:cd:4f:5a:5c:4b:
fe:b8:79:3e:4d:fc:cd:15:89:06:45:7e:09:c5:25:
af:62:a1:33:06:e4:bd:32:6e:44:fb:12:9d:cd:81:
0b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:60:64:22:7B:DE:F6:9C:E0:76:76:AC:56:83:DD:47:00:14:5F:C3
X509v3 Authority Key Identifier:
keyid:94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:3d:5a:a9:18:32:88:ec:4c:a8:74:3b:b1:43:85:4f:d7:49:
51:c6:22:2d:c9:d7:7a:ba:6d:4d:56:db:62:57:83:83:24:37:
36:f6:c3:05:34:36:4d:90:fe:0d:d9:a2:8e:7a:8c:49:da:c0:
19:e6:47:e6:5a:ad:db:84:63:7d:03:f6:fa:e2:d8:54:e3:de:
a2:e3:52:e2:5e:5d:82:55:47:a6:70:14:01:39:ab:ed:33:d3:
69:5b:4d:c9:1f:32:87:e6:a1:ac:1a:5e:cf:12:45:a4:dc:62:
d1:09:04:47:67:ef:3e:d2:d1:af:fd:de:42:9b:c0:cc:f0:51:
62:4f:4f:66:35:76:fa:2d:c1:77:aa:db:23:ee:28:1b:0f:c0:
d2:b2:9c:d3:30:8a:fb:10:ad:2c:3b:50:af:18:da:6f:b5:91:
9b:14:8f:b5:86:36:93:38:14:43:d7:55:bf:13:9b:51:a5:dd:
cd:2f:ea:2b:e1:88:d7:ed:96:ac:dc:f8:23:5e:0a:b2:ef:23:
0b:40:77:55:56:3c:30:9a:3a:6c:a6:e4:d1:d3:a2:82:38:fd:
20:a7:07:23:04:a8:86:71:c9:16:1e:bc:98:57:f8:90:8f:f3:
73:e8:14:55:02:27:c3:d5:03:5b:f2:2f:82:aa:37:33:53:5f:
6c:ac:dc:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gjOO/JIvjQoaS5e+JsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDE2MTU5M2RhODE1Y2FjNThkMzQ3OTY1MmQwNDg0ODBk
MjY3MTMwHhcNMjUxMTA0MDgwMDUwWhcNMjUxMTA1MDgwMDUwWjAzMTEwLwYDVQQD
EyhhMjYwNjQyMjdiZGVmNjljZTA3Njc2YWM1NjgzZGQ0NzAwMTQ1ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cTsTsMnMHd78YM2rInDgIXmBKsp
F9UVRUWJdnjfto0T1SL5IAQNpnCxhqKWG72tlylKE+D3jTK3tuuYnCUjBH3rfEab
/1L11Nz0tIfttxvWhPIGAPMs3UwzG8hWCZ5sD3XNrI5723aLUQiPfxIhDsK6jtuW
UMk7GoZdG3WiOzIV7wUZxc1iliTWdJjKFCisDrH7BQw/neTa4WhHnm5KfWO7O336
HQC6HQXf/kmif2g9d/siVmxBhcGDxW+bXY1OBIjCJh+nr/gdsfJ8vy+a0HSCTysA
ajWgO03szU9aXEv+uHk+TfzNFYkGRX4JxSWvYqEzBuS9Mm5E+xKdzYEL1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJgZCJ73vac4HZ2rFaD3UcAFF/DMB8GA1UdIwQY
MBaAFJTRYVk9qBXKxY00eWUtBISA0mcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEt
ZDhlOThiODVhZWE0LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEtZDhlOThiODVhZWE0
LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlj1aqRgy
iOxMqHQ7sUOFT9dJUcYiLcnXerptTVbbYleDgyQ3NvbDBTQ2TZD+DdmijnqMSdrA
GeZH5lqt24RjfQP2+uLYVOPeouNS4l5dglVHpnAUATmr7TPTaVtNyR8yh+ahrBpe
zxJFpNxi0QkER2fvPtLRr/3eQpvAzPBRYk9PZjV2+i3Bd6rbI+4oGw/A0rKc0zCK
+xCtLDtQrxjab7WRmxSPtYY2kzgUQ9dVvxObUaXdzS/qK+GI1+2WrNz4I14Ksu8j
C0B3VVY8MJo6bKbk0dOigjj9IKcHIwSohnHJFh68mFf4kI/zc+gUVQInw9UDW/Iv
gqo3M1NfbKzc5Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:53:38 2025 by rpki-client