Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
File: lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft (raw, json)
Hash identifier: z6yr0FNFWwKxRjNF4rWkbKjncAmWfb3+MWXL+G5uZ5c=
Subject key identifier: D2:38:04:C0:72:95:B6:60:E1:B4:24:97:D2:00:52:28:63:A4:33:10
Authority key identifier: 94:FA:6C:42:99:32:1D:C5:FC:91:FC:79:63:AA:51:48:7E:4A:F5:E6
Certificate issuer: /CN=94fa6c4299321dc5fc91fc7963aa51487e4af5e6
Certificate serial: 019A50E311E83546781B95CB469C1FAF32C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
Manifest number: 13A8
Signing time: Tue 04 Nov 2025 22:00:49 +0000
Manifest this update: Tue 04 Nov 2025 22:00:49 +0000
Manifest next update: Wed 05 Nov 2025 22:00:49 +0000
Files and hashes: 1: GkmNRez_B8q96uaVOleqThEPoEs.roa (hash: aNQGHPeLClAe2Gmzc0jqm+MRXJ2xuLHjsljQiK1K4qw=)
2: lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl (hash: 5Pu7jG1BloJwGcQMy/R9vAQmG8XIrSTpTFQZusBPMqM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:11:e8:35:46:78:1b:95:cb:46:9c:1f:af:32:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94fa6c4299321dc5fc91fc7963aa51487e4af5e6
Validity
Not Before: Nov 4 22:00:49 2025 GMT
Not After : Nov 5 22:00:49 2025 GMT
Subject: CN=d23804c07295b660e1b42497d200522863a43310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9c:5e:1a:89:cf:e3:73:e8:9b:b9:63:a8:0d:
97:da:0f:86:fc:06:b7:58:a5:9d:7f:3d:34:7a:2e:
2e:2b:79:06:60:27:e1:54:84:1d:ba:49:44:94:a1:
c3:50:6e:e3:4a:83:d5:97:2a:87:33:28:5f:9a:c8:
4a:cd:ab:a8:9a:f4:ea:b2:fc:49:28:69:e5:4e:d8:
a4:78:be:00:ed:71:44:9e:31:d2:b6:c7:3b:6b:1e:
65:a6:15:25:b6:8c:0b:c0:71:80:82:99:03:96:6b:
5d:61:f3:bb:e9:46:6c:bb:22:c7:d1:0b:bd:a1:a7:
54:7e:6e:4c:53:41:01:f4:da:06:17:39:52:dd:96:
ba:9b:d8:84:70:8a:cb:4b:36:96:b8:6e:3f:16:cb:
e3:55:62:40:72:50:94:c2:e0:3f:a0:b2:9b:c0:68:
29:34:64:4b:d8:cb:b7:7e:a2:08:0e:1d:1d:45:9d:
8f:7e:79:42:01:b5:ff:db:4f:6c:71:a2:57:58:68:
aa:1c:23:5e:2c:aa:52:9c:0b:e1:78:99:a3:76:c4:
ff:08:d2:8a:d3:d8:21:33:b0:7f:d9:ee:42:e5:67:
1a:b0:e8:9a:f6:ae:ab:43:d6:13:89:db:a5:c3:e6:
e3:42:00:5c:c3:1a:b8:be:e3:36:2d:04:81:4d:bf:
54:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:38:04:C0:72:95:B6:60:E1:B4:24:97:D2:00:52:28:63:A4:33:10
X509v3 Authority Key Identifier:
keyid:94:FA:6C:42:99:32:1D:C5:FC:91:FC:79:63:AA:51:48:7E:4A:F5:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:27:8f:85:48:28:95:f8:35:91:1d:99:fd:fd:26:af:42:58:
31:64:fb:ad:7a:15:fd:dc:92:79:5f:24:79:6b:d4:c8:f0:a9:
8b:5c:38:6f:1b:45:6b:14:0f:28:0b:cc:2b:a2:d8:93:73:30:
dc:f6:50:e7:8c:93:87:90:b1:1d:97:1c:e9:db:99:7d:4c:b9:
c1:24:f2:da:f4:94:49:d3:22:60:cc:9c:12:2a:75:58:9b:58:
30:14:7f:41:c7:30:ba:a6:db:ac:12:35:48:6c:31:18:ec:88:
db:51:92:27:15:7a:48:1b:e4:dd:ee:4f:92:51:14:d7:2f:f6:
fb:96:bd:12:af:3c:3f:26:03:c1:75:ef:97:5d:22:71:7d:30:
9a:e8:4d:72:3f:25:7d:e4:f7:c1:80:c0:6c:67:fc:ac:d5:b2:
31:2a:ea:14:a6:bd:82:0f:a8:23:fa:db:96:d5:5e:ea:70:b8:
b1:85:28:3d:8e:0f:a9:ec:16:bd:a9:80:8d:af:a5:eb:8c:8b:
33:1c:f2:71:4c:12:3e:be:25:31:f6:f5:4f:c7:54:ce:2c:33:
9a:c4:4b:d2:4a:2e:d7:6e:98:c0:23:ee:73:e3:21:8b:38:33:
a6:69:7f:53:61:e3:dc:0c:dc:f4:33:13:d6:3d:a4:d6:8b:62:
49:39:36:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4xHoNUZ4G5XLRpwfrzLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZmE2YzQyOTkzMjFkYzVmYzkxZmM3OTYzYWE1MTQ4N2U0
YWY1ZTYwHhcNMjUxMTA0MjIwMDQ5WhcNMjUxMTA1MjIwMDQ5WjAzMTEwLwYDVQQD
EyhkMjM4MDRjMDcyOTViNjYwZTFiNDI0OTdkMjAwNTIyODYzYTQzMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJxeGonP43Pom7ljqA2X2g+G/Aa3
WKWdfz00ei4uK3kGYCfhVIQduklElKHDUG7jSoPVlyqHMyhfmshKzauomvTqsvxJ
KGnlTtikeL4A7XFEnjHStsc7ax5lphUltowLwHGAgpkDlmtdYfO76UZsuyLH0Qu9
oadUfm5MU0EB9NoGFzlS3Za6m9iEcIrLSzaWuG4/FsvjVWJAclCUwuA/oLKbwGgp
NGRL2Mu3fqIIDh0dRZ2PfnlCAbX/209scaJXWGiqHCNeLKpSnAvheJmjdsT/CNKK
09ghM7B/2e5C5WcasOia9q6rQ9YTidulw+bjQgBcwxq4vuM2LQSBTb9UQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNI4BMBylbZg4bQkl9IAUihjpDMQMB8GA1UdIwQY
MBaAFJT6bEKZMh3F/JH8eWOqUUh+SvXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80M2QyNTUtMjg0YS00NjhmLThiNmUt
ZmIxZTlkYjBjMzg4LzEvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80M2QyNTUtMjg0YS00NjhmLThiNmUtZmIxZTlkYjBjMzg4
LzEvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyePhUgo
lfg1kR2Z/f0mr0JYMWT7rXoV/dySeV8keWvUyPCpi1w4bxtFaxQPKAvMK6LYk3Mw
3PZQ54yTh5CxHZcc6duZfUy5wSTy2vSUSdMiYMycEip1WJtYMBR/QccwuqbbrBI1
SGwxGOyI21GSJxV6SBvk3e5PklEU1y/2+5a9Eq88PyYDwXXvl10icX0wmuhNcj8l
feT3wYDAbGf8rNWyMSrqFKa9gg+oI/rbltVe6nC4sYUoPY4PqewWvamAja+l64yL
MxzycUwSPr4lMfb1T8dUziwzmsRL0kou126YwCPuc+Mhizgzpml/U2Hj3Azc9DMT
1j2k1otiSTk2oQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:14:48 2025 by rpki-client