
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
File: gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft (raw, json)
Hash identifier: ymEEG0yapYJibrLvigCeWjfEqp5Ov4mJOHdMG9WGV70=
Subject key identifier: F5:82:75:5B:00:9D:23:19:86:BB:73:89:8B:5D:2F:6A:7E:86:17:E7
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 0199FC8F4CE64998EF97211373ACD92BD58B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
Manifest number: 15A9
Signing time: Sun 19 Oct 2025 13:01:13 +0000
Manifest this update: Sun 19 Oct 2025 13:01:13 +0000
Manifest next update: Mon 20 Oct 2025 13:01:13 +0000
Files and hashes: 1: 3bMVFRs8FOeJcOkO2XYWLqzrrkg.roa (hash: jcRVVzJYs1NWamGAFlutgx67H4FacWZP/qMYz6OqYpI=)
2: gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl (hash: 94elJ/2Ry3qRIKHnCZOMrBZSuELYxOdY2FLcB8IaOZU=)
3: iu1uLDkjA2lC4iCmh3mgoTg-ECs.roa (hash: J1M6seCPFdUQmcH1n+B1kmRcatuaeOrkFhV5roQrzQ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:4c:e6:49:98:ef:97:21:13:73:ac:d9:2b:d5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Oct 19 13:01:13 2025 GMT
Not After : Oct 20 13:01:13 2025 GMT
Subject: CN=f582755b009d231986bb73898b5d2f6a7e8617e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4e:40:fc:33:46:c2:61:f2:eb:51:ad:ba:8e:
ca:61:f7:55:71:78:6c:15:2c:f5:ab:62:4e:87:a6:
36:7a:08:db:aa:55:71:c8:93:78:05:1c:17:be:c0:
db:00:5a:f6:08:8d:2b:6e:2f:cb:cf:7d:30:e6:d7:
e3:63:52:c0:7c:1b:c4:db:fa:d4:16:c5:53:1a:90:
a7:d0:37:ad:d8:df:c2:fa:f9:a6:65:6b:91:a4:1c:
07:6d:24:b0:a9:5d:5b:90:3e:ea:fc:5b:1e:90:11:
dc:5e:53:16:4c:46:45:e6:bc:fe:a4:a5:f4:bb:20:
4c:3f:95:94:1d:2c:bc:f7:98:ca:f8:ec:59:30:24:
36:fb:2e:f4:8f:c2:71:db:11:1a:ae:ef:76:bc:b0:
7a:a2:49:63:1a:00:59:e3:68:ec:41:b1:10:92:48:
8d:4c:f4:50:e3:b1:a0:5d:72:e6:5a:40:4b:69:d6:
b1:74:03:1b:bf:9c:48:2e:43:00:72:1b:5e:2e:1b:
d0:22:23:a5:db:df:ce:f7:ff:8c:ed:c8:98:69:4b:
05:73:96:dd:41:8a:08:0d:cd:e4:92:b8:c0:60:95:
64:00:a2:6b:0f:41:31:47:8e:06:64:6c:2a:b9:d4:
92:d0:61:bd:56:64:38:15:f4:d4:41:6a:ed:64:6b:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:82:75:5B:00:9D:23:19:86:BB:73:89:8B:5D:2F:6A:7E:86:17:E7
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:0c:0a:2e:78:1b:ba:d3:c0:e6:e9:ec:2a:06:07:b2:9a:16:
ae:ec:b6:7c:47:d4:08:50:30:81:12:1d:28:92:ad:2f:0a:aa:
ef:90:fe:43:de:ef:7e:b9:a7:9f:18:a9:98:52:22:2a:30:21:
65:73:89:6d:81:c3:6b:31:60:d1:98:6c:2a:6c:c8:6a:89:de:
3a:4e:5e:07:0c:bc:33:78:b9:7d:43:64:d5:cb:7a:eb:77:41:
ed:3c:5a:48:13:e0:df:cc:c9:06:70:85:92:6c:e8:b9:b3:1d:
3d:e8:57:85:5b:84:d3:07:3b:d6:ac:e9:9c:13:b9:3b:b6:c8:
6f:c6:d4:6a:01:73:83:30:d8:f1:df:b9:40:ce:4f:f1:ce:89:
cd:d2:50:4c:fc:72:a9:66:f5:9f:b4:19:d7:d1:8e:aa:17:af:
f2:54:11:a1:e7:16:50:0c:20:15:cf:48:f2:e5:91:0a:9b:0c:
8d:ab:db:8d:5a:9a:64:51:3c:85:7f:82:b8:b7:43:95:c6:de:
62:8d:c5:b5:7d:a9:61:e1:bb:a4:ae:19:c8:1e:39:90:22:b7:
75:ac:c5:dc:d7:99:3e:14:69:cb:19:93:b0:3f:24:ec:05:98:
74:ff:0a:36:dc:60:8c:f0:69:c3:f5:0a:1d:bd:7a:9c:52:60:
fe:5d:72:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j0zmSZjvlyETc6zZK9WLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjUxMDE5MTMwMTEzWhcNMjUxMDIwMTMwMTEzWjAzMTEwLwYDVQQD
EyhmNTgyNzU1YjAwOWQyMzE5ODZiYjczODk4YjVkMmY2YTdlODYxN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU5A/DNGwmHy61Gtuo7KYfdVcXhs
FSz1q2JOh6Y2egjbqlVxyJN4BRwXvsDbAFr2CI0rbi/Lz30w5tfjY1LAfBvE2/rU
FsVTGpCn0Det2N/C+vmmZWuRpBwHbSSwqV1bkD7q/FsekBHcXlMWTEZF5rz+pKX0
uyBMP5WUHSy895jK+OxZMCQ2+y70j8Jx2xEaru92vLB6okljGgBZ42jsQbEQkkiN
TPRQ47GgXXLmWkBLadaxdAMbv5xILkMAchteLhvQIiOl29/O9/+M7ciYaUsFc5bd
QYoIDc3kkrjAYJVkAKJrD0ExR44GZGwqudSS0GG9VmQ4FfTUQWrtZGvV4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWCdVsAnSMZhrtziYtdL2p+hhfnMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAagwKLngb
utPA5unsKgYHspoWruy2fEfUCFAwgRIdKJKtLwqq75D+Q97vfrmnnxipmFIiKjAh
ZXOJbYHDazFg0ZhsKmzIaoneOk5eBwy8M3i5fUNk1ct663dB7TxaSBPg38zJBnCF
kmzoubMdPehXhVuE0wc71qzpnBO5O7bIb8bUagFzgzDY8d+5QM5P8c6JzdJQTPxy
qWb1n7QZ19GOqhev8lQRoecWUAwgFc9I8uWRCpsMjavbjVqaZFE8hX+CuLdDlcbe
Yo3FtX2pYeG7pK4ZyB45kCK3dazF3NeZPhRpyxmTsD8k7AWYdP8KNtxgjPBpw/UK
Hb16nFJg/l1yQQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:29 2025 by rpki-client