Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
File: lQ8oTPXDnybd0jUufyrfeo3GD44.mft (raw, json)
Hash identifier: Epgobi92z6ewo2lycitjFfCD5qAq+Lz1E1KPJdYxIEw=
Subject key identifier: 5A:00:3B:6B:98:7D:7E:3F:84:50:FC:84:BC:78:84:E1:EB:ED:CC:E7
Authority key identifier: 95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
Certificate issuer: /CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Certificate serial: 0199FB45BAB6F8C8E8BBBF64ED9213522015
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
Manifest number: 0CDD
Signing time: Sun 19 Oct 2025 07:01:14 +0000
Manifest this update: Sun 19 Oct 2025 07:01:14 +0000
Manifest next update: Mon 20 Oct 2025 07:01:14 +0000
Files and hashes: 1: CIXcSM8wlZUJc9_olM2z-Sxe_fI.roa (hash: mDiY7MPNQSCh1DaHA5s1SG/E+/9GUkWw11IjIEdP7WU=)
2: lQ8oTPXDnybd0jUufyrfeo3GD44.crl (hash: jVKjBtPivXyE8tm/Tf67EotM9wqYdftNZZJ0QWTs0Dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:45:ba:b6:f8:c8:e8:bb:bf:64:ed:92:13:52:20:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Validity
Not Before: Oct 19 07:01:14 2025 GMT
Not After : Oct 20 07:01:14 2025 GMT
Subject: CN=5a003b6b987d7e3f8450fc84bc7884e1ebedcce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:47:5f:0e:65:71:45:b5:ff:fe:cf:60:ae:9e:
75:2d:95:a5:56:e1:8c:c8:7d:5a:ae:83:2b:73:47:
f3:8f:a7:af:ee:d6:2f:05:41:0c:c0:df:fc:2f:89:
47:38:68:5b:26:76:34:2b:72:93:e2:0a:a8:9d:4a:
bf:35:b5:94:aa:87:65:91:66:77:69:39:d0:d7:63:
29:1b:70:46:4b:6d:3a:63:87:da:54:fa:7b:ca:9d:
51:4c:29:8c:ca:d7:99:85:55:8d:c4:91:69:d7:ce:
f6:c1:2c:0c:67:ef:96:0d:b8:05:b8:db:c3:8b:1b:
12:94:e0:2d:93:31:6b:0b:52:78:e8:7d:f9:f5:05:
51:6a:0c:d8:34:41:8e:f3:10:65:73:fd:b8:f8:91:
62:ea:6a:69:d3:57:89:87:3f:6a:97:9b:4f:92:24:
67:ba:a1:fc:4b:47:97:0e:32:b0:2b:c2:06:c3:5e:
6f:7e:64:55:46:bb:71:e2:5e:65:c3:5a:59:18:ea:
44:8d:18:3a:24:0f:6e:bf:1f:c3:f4:35:ce:ac:40:
7e:b0:43:ca:eb:84:dd:5d:87:84:8b:8c:c8:63:cf:
8c:47:4e:24:68:c6:9a:65:fb:1c:19:df:72:39:a5:
22:30:03:8f:ef:ea:59:d5:5e:4a:47:ce:1c:48:ba:
ea:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:00:3B:6B:98:7D:7E:3F:84:50:FC:84:BC:78:84:E1:EB:ED:CC:E7
X509v3 Authority Key Identifier:
keyid:95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:46:4e:72:94:de:3e:e9:30:2f:51:5b:55:f2:55:eb:09:60:
c3:9b:33:3d:72:bc:c1:d0:eb:52:dd:0c:4d:23:e4:8c:1e:18:
dc:9e:7e:0a:e7:ae:3a:26:36:e3:cd:2b:d1:c2:e0:79:44:bf:
18:c9:d4:11:b6:21:2d:dd:37:83:f7:35:29:02:9a:a5:1b:20:
f3:7b:01:3c:91:ee:7a:17:3c:32:d1:ad:f3:93:cb:36:a7:bc:
3d:5d:11:6a:fc:7c:ee:26:6c:b6:5c:72:4c:44:40:32:7e:4c:
94:a0:a9:b5:f1:2a:a4:20:e7:6b:8e:4a:8c:03:2b:fe:d2:2a:
9d:82:1c:66:d1:59:85:67:16:87:23:93:37:5f:b0:dd:2d:5e:
7a:e8:1b:ae:b5:92:8a:b1:77:fe:78:60:2a:36:b1:3e:7b:d5:
a6:09:95:9e:ec:52:79:19:00:78:a6:f2:8c:36:85:56:63:2b:
cd:26:cb:25:b1:c0:56:f7:fb:66:4c:c0:4a:85:0b:a1:f3:71:
5d:56:ec:a2:c3:ac:20:23:5e:36:49:f4:02:be:55:40:92:cd:
b4:18:69:9c:ab:1d:6c:8b:e1:bd:bc:10:f6:08:33:b3:fe:ef:
5d:a8:1f:ba:39:bc:5b:6d:1b:13:41:bf:90:9b:45:43:53:f7:
da:0a:71:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7Rbq2+Mjou79k7ZITUiAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MGYyODRjZjVjMzlmMjZkZGQyMzUyZTdmMmFkZjdhOGRj
NjBmOGUwHhcNMjUxMDE5MDcwMTE0WhcNMjUxMDIwMDcwMTE0WjAzMTEwLwYDVQQD
Eyg1YTAwM2I2Yjk4N2Q3ZTNmODQ1MGZjODRiYzc4ODRlMWViZWRjY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUdfDmVxRbX//s9grp51LZWlVuGM
yH1aroMrc0fzj6ev7tYvBUEMwN/8L4lHOGhbJnY0K3KT4gqonUq/NbWUqodlkWZ3
aTnQ12MpG3BGS206Y4faVPp7yp1RTCmMyteZhVWNxJFp1872wSwMZ++WDbgFuNvD
ixsSlOAtkzFrC1J46H359QVRagzYNEGO8xBlc/24+JFi6mpp01eJhz9ql5tPkiRn
uqH8S0eXDjKwK8IGw15vfmRVRrtx4l5lw1pZGOpEjRg6JA9uvx/D9DXOrEB+sEPK
64TdXYeEi4zIY8+MR04kaMaaZfscGd9yOaUiMAOP7+pZ1V5KR84cSLrqZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoAO2uYfX4/hFD8hLx4hOHr7cznMB8GA1UdIwQY
MBaAFJUPKEz1w58m3dI1Ln8q33qNxg+OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTkt
ZmEyZjBkNTRiMWQxLzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTktZmEyZjBkNTRiMWQx
LzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEZOcpTe
PukwL1FbVfJV6wlgw5szPXK8wdDrUt0MTSPkjB4Y3J5+CueuOiY2480r0cLgeUS/
GMnUEbYhLd03g/c1KQKapRsg83sBPJHuehc8MtGt85PLNqe8PV0Ravx87iZstlxy
TERAMn5MlKCptfEqpCDna45KjAMr/tIqnYIcZtFZhWcWhyOTN1+w3S1eeugbrrWS
irF3/nhgKjaxPnvVpgmVnuxSeRkAeKbyjDaFVmMrzSbLJbHAVvf7ZkzASoULofNx
XVbsosOsICNeNkn0Ar5VQJLNtBhpnKsdbIvhvbwQ9ggzs/7vXagfujm8W20bE0G/
kJtFQ1P32gpxEA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:10:04 2025 by rpki-client