Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft
File: l9nve9MDJN7fcLrOS72ldgwyaxo.mft (raw, json)
Hash identifier: 91YoAeWNQjfskgdNUFQzzzDBrltggpiOUOQr3wtolxI=
Subject key identifier: 82:DC:16:9F:E2:91:96:F4:8E:C3:AF:BE:95:1E:33:7C:23:03:0E:DA
Authority key identifier: 97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A
Certificate issuer: /CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a
Certificate serial: 0199FD6B181A78C90CB0E3E709C44E9408E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft
Manifest number: 0FAA
Signing time: Sun 19 Oct 2025 17:01:18 +0000
Manifest this update: Sun 19 Oct 2025 17:01:18 +0000
Manifest next update: Mon 20 Oct 2025 17:01:18 +0000
Files and hashes: 1: N0s8xKfa_bF09tlRJvpRIiwnl5w.roa (hash: 90x2GkpRoKN6DUPIyJuUzKhNvSMsOvRGP9u2xtqB9lE=)
2: l9nve9MDJN7fcLrOS72ldgwyaxo.crl (hash: cIvwTo/49ndURC1hrIKeOhIKhaxalsAIm2cTMHVlxE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6b:18:1a:78:c9:0c:b0:e3:e7:09:c4:4e:94:08:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a
Validity
Not Before: Oct 19 17:01:18 2025 GMT
Not After : Oct 20 17:01:18 2025 GMT
Subject: CN=82dc169fe29196f48ec3afbe951e337c23030eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d1:ef:9f:c5:73:21:39:ae:99:56:87:4b:ce:
a9:c2:fc:ba:fc:81:b3:e7:dd:94:c2:ae:4d:31:0c:
64:22:db:38:03:4d:da:6b:dc:34:01:29:ba:76:94:
87:be:78:9a:99:1b:0b:db:6b:1c:03:ce:5e:8b:24:
88:c6:ad:66:36:50:bf:c6:5d:0a:06:49:0f:2c:63:
5c:cb:43:06:fc:6a:65:27:d3:6d:8c:a9:92:b9:50:
65:8a:50:91:15:31:62:0f:e0:d3:65:2d:c7:68:69:
ff:a7:ec:33:c3:92:46:47:ef:d3:16:22:05:9e:fc:
4e:49:4f:70:d5:e1:c1:36:a9:ef:c5:c3:00:07:63:
83:44:4d:75:f3:fa:72:e1:05:0f:5d:6c:71:1a:20:
f4:ca:6b:a5:3f:47:46:1a:95:b7:76:2c:d6:94:bc:
6b:59:0d:fa:5c:9f:5f:8b:92:07:45:6e:05:4d:b2:
7e:57:dc:50:83:0b:ff:70:39:cf:c4:17:b6:84:df:
31:75:00:d3:b1:eb:9b:7d:02:fe:a6:7b:6e:aa:79:
c8:8f:0c:fd:b8:d3:c0:38:fd:94:a4:c1:82:c8:ae:
0d:08:ca:57:62:1f:89:9d:7f:ea:6f:05:ef:62:5e:
da:15:f9:bf:22:93:bc:96:24:60:ec:15:67:58:16:
5e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DC:16:9F:E2:91:96:F4:8E:C3:AF:BE:95:1E:33:7C:23:03:0E:DA
X509v3 Authority Key Identifier:
keyid:97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:b7:49:be:08:39:9b:2b:d9:d2:56:30:8e:35:24:e2:5a:5f:
94:23:b6:3f:ae:39:79:4d:4e:d5:47:12:66:91:6a:76:5b:ec:
4f:cb:dc:13:3d:88:58:d5:b0:56:f1:27:2e:d2:0a:79:5c:80:
e5:b6:8b:3d:fe:7b:3b:21:cc:f3:a7:e7:82:d1:b4:ec:42:3f:
fa:a0:c4:fe:d5:98:08:58:7e:10:5f:cb:63:c5:8e:0b:38:60:
cb:52:35:df:ba:51:38:cb:27:dc:7f:4e:22:49:d0:6e:00:13:
53:16:89:35:2d:af:4b:87:fe:01:32:3b:10:f3:00:65:e1:9e:
5d:1c:bb:09:de:31:e8:b7:3b:47:0a:cf:12:a5:4c:90:31:a2:
c5:8c:2d:a1:a1:28:37:f9:aa:6c:df:96:91:88:cd:71:7f:13:
88:23:87:45:a8:62:2a:ea:78:44:f2:dd:76:3e:da:fa:1e:76:
3f:a6:76:de:da:f6:d3:cb:33:70:3d:0a:d4:eb:ae:cc:9e:34:
e9:18:7f:49:23:e3:e1:ac:db:87:28:90:c3:bb:24:bf:ee:66:
b5:f4:7f:3e:c8:16:71:45:8c:4a:86:bd:8d:e0:32:b8:7c:fa:
28:de:3a:fb:8d:ed:10:da:5a:81:22:47:3f:e4:0a:fc:a8:ab:
66:99:7c:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9axgaeMkMsOPnCcROlAjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZDllZjdiZDMwMzI0ZGVkZjcwYmFjZTRiYmRhNTc2MGMz
MjZiMWEwHhcNMjUxMDE5MTcwMTE4WhcNMjUxMDIwMTcwMTE4WjAzMTEwLwYDVQQD
Eyg4MmRjMTY5ZmUyOTE5NmY0OGVjM2FmYmU5NTFlMzM3YzIzMDMwZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNHvn8VzITmumVaHS86pwvy6/IGz
592Uwq5NMQxkIts4A03aa9w0ASm6dpSHvniamRsL22scA85eiySIxq1mNlC/xl0K
BkkPLGNcy0MG/GplJ9NtjKmSuVBlilCRFTFiD+DTZS3HaGn/p+wzw5JGR+/TFiIF
nvxOSU9w1eHBNqnvxcMAB2ODRE118/py4QUPXWxxGiD0ymulP0dGGpW3dizWlLxr
WQ36XJ9fi5IHRW4FTbJ+V9xQgwv/cDnPxBe2hN8xdQDTseubfQL+pntuqnnIjwz9
uNPAOP2UpMGCyK4NCMpXYh+JnX/qbwXvYl7aFfm/IpO8liRg7BVnWBZeHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILcFp/ikZb0jsOvvpUeM3wjAw7aMB8GA1UdIwQY
MBaAFJfZ73vTAyTe33C6zku9pXYMMmsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUt
ZjgwNWFiM2EzMjdlLzEvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUtZjgwNWFiM2EzMjdl
LzEvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLdJvgg5
myvZ0lYwjjUk4lpflCO2P645eU1O1UcSZpFqdlvsT8vcEz2IWNWwVvEnLtIKeVyA
5baLPf57OyHM86fngtG07EI/+qDE/tWYCFh+EF/LY8WOCzhgy1I137pROMsn3H9O
IknQbgATUxaJNS2vS4f+ATI7EPMAZeGeXRy7Cd4x6Lc7RwrPEqVMkDGixYwtoaEo
N/mqbN+WkYjNcX8TiCOHRahiKup4RPLddj7a+h52P6Z23tr208szcD0K1OuuzJ40
6Rh/SSPj4azbhyiQw7skv+5mtfR/PsgWcUWMSoa9jeAyuHz6KN46+43tENpagSJH
P+QK/KirZpl82Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:40:14 2025 by rpki-client