Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
File: lQ8oTPXDnybd0jUufyrfeo3GD44.mft (raw, json)
Hash identifier: qB3CU9iOSmHyBr8ayZCzjOeRYf3AwTzs+XJBnglziLo=
Subject key identifier: FB:3A:60:86:35:63:3A:2A:99:19:91:52:A1:28:61:AB:CA:2E:4A:BB
Authority key identifier: 95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
Certificate issuer: /CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Certificate serial: 019A503E43FFD4CBC1132EA9DB74D2313269
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
Manifest number: 0D09
Signing time: Tue 04 Nov 2025 19:00:49 +0000
Manifest this update: Tue 04 Nov 2025 19:00:49 +0000
Manifest next update: Wed 05 Nov 2025 19:00:49 +0000
Files and hashes: 1: CIXcSM8wlZUJc9_olM2z-Sxe_fI.roa (hash: mDiY7MPNQSCh1DaHA5s1SG/E+/9GUkWw11IjIEdP7WU=)
2: lQ8oTPXDnybd0jUufyrfeo3GD44.crl (hash: oKmIOwJE6loBe3jKpNCldMefMX/uWX6BpD0zk30TwS8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3e:43:ff:d4:cb:c1:13:2e:a9:db:74:d2:31:32:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Validity
Not Before: Nov 4 19:00:49 2025 GMT
Not After : Nov 5 19:00:49 2025 GMT
Subject: CN=fb3a608635633a2a99199152a12861abca2e4abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7f:00:b7:9f:5c:31:aa:43:8b:be:88:ef:a4:
e6:a7:4e:0a:fb:a6:a6:2f:37:e2:c1:e9:9e:fa:78:
03:62:ce:b8:0b:d5:2e:c1:57:08:7f:2a:b3:10:88:
7a:65:fa:0f:dc:15:1b:5b:9c:67:7e:59:ad:46:63:
ca:7d:f7:1e:29:9b:d1:4c:5a:68:40:d4:ce:e6:e6:
06:43:96:20:22:c8:d3:3b:73:ac:52:de:6d:5d:10:
22:af:af:e3:10:82:68:c6:90:47:33:08:ca:f8:03:
9e:0e:ec:2d:97:61:f0:d5:bf:39:94:06:91:11:68:
bf:80:80:a3:b6:61:f1:af:ee:d4:77:b6:93:8d:16:
7a:2b:a7:bc:ae:ad:d8:45:25:4b:f3:ed:ba:b0:09:
19:24:c8:81:09:05:d3:31:7e:87:0d:1d:6b:93:e3:
d7:43:cd:bf:c2:51:02:2d:1f:a0:b3:05:de:a8:e7:
7d:25:c6:99:3f:e4:31:67:86:f0:94:6c:a9:c9:ab:
29:b2:8d:8c:4a:e1:01:17:05:c9:80:9f:d8:4f:0d:
83:e7:5d:9a:ec:f1:3e:b9:db:bf:70:a6:27:9d:c2:
a1:0b:10:af:12:b6:a3:a3:dc:f2:bc:41:6a:e2:19:
e0:e1:37:00:b7:8e:20:bb:c3:a1:44:c0:f3:11:07:
8b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3A:60:86:35:63:3A:2A:99:19:91:52:A1:28:61:AB:CA:2E:4A:BB
X509v3 Authority Key Identifier:
keyid:95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:c3:a6:7a:f6:f8:1f:a0:06:55:8c:cf:66:a4:0f:1c:df:d7:
d7:05:09:4b:4a:56:f9:a7:31:fa:db:11:c3:7a:6c:f9:50:2d:
2e:ff:e6:1e:b6:7d:0c:29:a4:98:f1:3f:2c:b0:44:7e:7b:34:
e4:33:65:b2:80:0f:6a:0e:b1:b7:7c:a2:eb:b5:c8:3b:ac:42:
35:94:a3:68:fa:cd:bf:1a:b4:c2:ae:34:c7:c6:a7:83:68:e2:
de:df:ab:ca:dc:94:d6:a4:78:22:60:af:99:96:4f:2e:bd:fb:
48:99:f4:48:d3:8c:44:fc:48:d8:e7:8b:c5:fb:2b:73:f0:a4:
fd:79:a6:8b:2e:10:85:f9:ee:52:16:ef:eb:68:7a:97:7e:db:
c1:05:44:5a:94:d2:ee:b2:79:9d:df:2a:40:86:66:e4:ba:3b:
f5:6a:9a:c0:66:ae:d1:58:fe:8e:b7:b1:85:24:e0:24:d5:e9:
ef:e9:63:10:67:a5:e4:ab:25:26:b4:2b:f9:0c:43:59:7b:58:
d0:7d:44:23:41:03:ee:70:bd:98:b2:9b:8a:f6:44:37:e8:66:
23:49:b0:dd:a2:24:45:3a:e2:1b:b1:c0:8e:0d:9c:41:6e:29:
63:e6:9a:0e:d3:bf:87:b2:12:d2:b9:9e:8b:55:72:31:f2:6d:
1d:da:fa:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPkP/1MvBEy6p23TSMTJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MGYyODRjZjVjMzlmMjZkZGQyMzUyZTdmMmFkZjdhOGRj
NjBmOGUwHhcNMjUxMTA0MTkwMDQ5WhcNMjUxMTA1MTkwMDQ5WjAzMTEwLwYDVQQD
EyhmYjNhNjA4NjM1NjMzYTJhOTkxOTkxNTJhMTI4NjFhYmNhMmU0YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX8At59cMapDi76I76Tmp04K+6am
Lzfiweme+ngDYs64C9UuwVcIfyqzEIh6ZfoP3BUbW5xnflmtRmPKffceKZvRTFpo
QNTO5uYGQ5YgIsjTO3OsUt5tXRAir6/jEIJoxpBHMwjK+AOeDuwtl2Hw1b85lAaR
EWi/gICjtmHxr+7Ud7aTjRZ6K6e8rq3YRSVL8+26sAkZJMiBCQXTMX6HDR1rk+PX
Q82/wlECLR+gswXeqOd9JcaZP+QxZ4bwlGypyaspso2MSuEBFwXJgJ/YTw2D512a
7PE+udu/cKYnncKhCxCvErajo9zyvEFq4hng4TcAt44gu8OhRMDzEQeLLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPs6YIY1YzoqmRmRUqEoYavKLkq7MB8GA1UdIwQY
MBaAFJUPKEz1w58m3dI1Ln8q33qNxg+OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTkt
ZmEyZjBkNTRiMWQxLzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTktZmEyZjBkNTRiMWQx
LzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP8Omevb4
H6AGVYzPZqQPHN/X1wUJS0pW+acx+tsRw3ps+VAtLv/mHrZ9DCmkmPE/LLBEfns0
5DNlsoAPag6xt3yi67XIO6xCNZSjaPrNvxq0wq40x8ang2ji3t+rytyU1qR4ImCv
mZZPLr37SJn0SNOMRPxI2OeLxfsrc/Ck/Xmmiy4QhfnuUhbv62h6l37bwQVEWpTS
7rJ5nd8qQIZm5Lo79WqawGau0Vj+jrexhSTgJNXp7+ljEGel5KslJrQr+QxDWXtY
0H1EI0ED7nC9mLKbivZEN+hmI0mw3aIkRTriG7HAjg2cQW4pY+aaDtO/h7IS0rme
i1VyMfJtHdr6pA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:17:25 2025 by rpki-client