Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
File: lnRtO9Pi3eYWQCDesLXYkixkdm0.mft (raw, json)
Hash identifier: Sxt3vW2OcpYUA3qqQx9Es+5LcthXCwkzG/WBxrnPSfM=
Subject key identifier: 7F:48:61:A1:8B:99:44:E2:BD:DF:28:01:3C:E0:AD:BB:1E:23:CF:F7
Authority key identifier: 96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D
Certificate issuer: /CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
Certificate serial: 019A5376445697E3267BD9C984FF8161581A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
Manifest number: 03C5
Signing time: Wed 05 Nov 2025 10:00:50 +0000
Manifest this update: Wed 05 Nov 2025 10:00:50 +0000
Manifest next update: Thu 06 Nov 2025 10:00:50 +0000
Files and hashes: 1: lnRtO9Pi3eYWQCDesLXYkixkdm0.crl (hash: 8erMKjyL+mf3UsXSJ040p+rfl5rhCIAvXgCYQ9jYPdQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:76:44:56:97:e3:26:7b:d9:c9:84:ff:81:61:58:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96746d3bd3e2dde6164020deb0b5d8922c64766d
Validity
Not Before: Nov 5 10:00:50 2025 GMT
Not After : Nov 6 10:00:50 2025 GMT
Subject: CN=7f4861a18b9944e2bddf28013ce0adbb1e23cff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:68:ad:66:fe:87:8e:61:3a:98:36:d7:ac:c5:
e1:a3:ed:6b:da:83:df:9b:f9:27:c7:16:6c:d4:c3:
f0:93:d1:57:15:0a:ea:af:c8:cc:0d:27:c6:40:57:
60:66:ab:a1:b8:da:e2:a8:6c:72:9a:7c:09:28:dc:
4e:45:25:80:c6:46:25:da:03:0c:84:b3:07:d9:24:
fe:15:cd:f8:d8:4c:bb:66:6f:fb:fd:e5:c0:4e:5c:
c8:7e:30:ec:27:f8:ac:5c:df:68:01:cc:c5:22:c9:
68:f1:16:0e:df:9c:be:95:22:c1:52:35:d3:6d:f3:
20:f1:2b:3d:f6:30:cd:c9:8e:0d:f4:a2:ef:3c:92:
ff:5c:1c:35:a0:3c:f3:6e:7d:52:0b:15:d2:33:57:
af:72:55:97:da:38:6e:1a:2e:38:e1:b8:92:c2:07:
0b:ff:ea:b1:aa:e9:03:13:37:ef:10:37:ef:d8:18:
c8:ef:ce:4a:ef:fb:35:c8:62:d9:d0:8f:21:0b:a7:
70:f7:c7:9a:44:b3:da:8c:eb:26:00:f6:70:c7:ad:
e9:e4:35:f7:aa:e9:03:45:8d:d7:39:ac:79:3a:1b:
87:d3:cd:de:49:e4:f7:90:d3:67:50:ac:78:b0:a2:
a2:ba:71:cc:a3:c0:51:49:69:25:c8:8c:31:3d:62:
d0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:48:61:A1:8B:99:44:E2:BD:DF:28:01:3C:E0:AD:BB:1E:23:CF:F7
X509v3 Authority Key Identifier:
keyid:96:74:6D:3B:D3:E2:DD:E6:16:40:20:DE:B0:B5:D8:92:2C:64:76:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lnRtO9Pi3eYWQCDesLXYkixkdm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/e1f171-a889-4395-9cfc-0805419d721a/1/lnRtO9Pi3eYWQCDesLXYkixkdm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:46:6a:b4:8c:85:3e:5a:f8:18:e6:01:d4:71:a8:36:a4:db:
51:b8:ed:af:04:d8:6d:19:d4:6c:33:2b:25:be:20:c9:3e:53:
68:cf:7d:07:df:e0:0c:ff:1d:e4:7d:4b:5b:8c:64:07:2a:f9:
b1:5a:2b:44:d3:ca:2e:6e:e4:2c:03:28:37:a1:75:b6:29:15:
bd:e3:1e:e9:83:63:4b:7c:61:1e:a6:50:6d:ca:0e:28:b0:c5:
97:0b:a2:30:37:c4:2f:68:36:34:10:a8:40:92:06:04:40:99:
59:a1:4f:8c:07:bc:1f:a8:30:c1:45:60:41:d2:db:83:90:4a:
14:22:22:ea:9e:24:84:b4:dd:72:76:a4:35:8c:e1:f0:0b:f7:
25:1b:7c:9f:80:a7:68:8e:e3:21:e7:b5:c6:69:22:40:f2:02:
e7:92:b1:ff:95:27:93:8d:15:88:3d:d1:da:74:ce:75:e7:97:
75:0e:bf:90:b8:04:da:5c:8d:d4:46:3c:9d:73:84:52:5b:c9:
0e:9d:1d:1d:1c:f1:8f:9a:e6:27:04:01:b9:6e:b6:cf:16:b1:
fb:9f:22:1c:d8:66:aa:f5:fc:56:33:d7:8d:10:cd:0b:12:51:
85:d8:1d:6b:ba:9a:8e:a0:d1:48:a9:da:bd:f7:65:32:5a:47:
f9:00:67:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdkRWl+Mme9nJhP+BYVgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NzQ2ZDNiZDNlMmRkZTYxNjQwMjBkZWIwYjVkODkyMmM2
NDc2NmQwHhcNMjUxMTA1MTAwMDUwWhcNMjUxMTA2MTAwMDUwWjAzMTEwLwYDVQQD
Eyg3ZjQ4NjFhMThiOTk0NGUyYmRkZjI4MDEzY2UwYWRiYjFlMjNjZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mitZv6HjmE6mDbXrMXho+1r2oPf
m/knxxZs1MPwk9FXFQrqr8jMDSfGQFdgZquhuNriqGxymnwJKNxORSWAxkYl2gMM
hLMH2ST+Fc342Ey7Zm/7/eXATlzIfjDsJ/isXN9oAczFIslo8RYO35y+lSLBUjXT
bfMg8Ss99jDNyY4N9KLvPJL/XBw1oDzzbn1SCxXSM1evclWX2jhuGi444biSwgcL
/+qxqukDEzfvEDfv2BjI785K7/s1yGLZ0I8hC6dw98eaRLPajOsmAPZwx63p5DX3
qukDRY3XOax5OhuH083eSeT3kNNnUKx4sKKiunHMo8BRSWklyIwxPWLQsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9IYaGLmUTivd8oATzgrbseI8/3MB8GA1UdIwQY
MBaAFJZ0bTvT4t3mFkAg3rC12JIsZHZtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMt
MDgwNTQxOWQ3MjFhLzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lMWYxNzEtYTg4OS00Mzk1LTljZmMtMDgwNTQxOWQ3MjFh
LzEvbG5SdE85UGkzZVlXUUNEZXNMWFlraXhrZG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHEZqtIyF
Plr4GOYB1HGoNqTbUbjtrwTYbRnUbDMrJb4gyT5TaM99B9/gDP8d5H1LW4xkByr5
sVorRNPKLm7kLAMoN6F1tikVveMe6YNjS3xhHqZQbcoOKLDFlwuiMDfEL2g2NBCo
QJIGBECZWaFPjAe8H6gwwUVgQdLbg5BKFCIi6p4khLTdcnakNYzh8Av3JRt8n4Cn
aI7jIee1xmkiQPIC55Kx/5Unk40ViD3R2nTOdeeXdQ6/kLgE2lyN1EY8nXOEUlvJ
Dp0dHRzxj5rmJwQBuW62zxax+58iHNhmqvX8VjPXjRDNCxJRhdgda7qajqDRSKna
vfdlMlpH+QBn6w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:43:19 2025 by rpki-client