Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
File: lMhsmzXXghFrLNhYOifOtAO49ho.mft (raw, json)
Hash identifier: YFUAn0ndzl/LhikKTfv7k0wTPt1hL1sITVKASz8znYc=
Subject key identifier: 77:3B:DD:DB:6A:15:4A:7E:06:53:42:5B:C8:A3:D9:DE:6F:23:55:68
Authority key identifier: 94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
Certificate issuer: /CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Certificate serial: 019894ED7EBF5DD643C10ABB1AF7E4D92823
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
Manifest number: 1628
Signing time: Sun 10 Aug 2025 17:00:49 +0000
Manifest this update: Sun 10 Aug 2025 17:00:49 +0000
Manifest next update: Mon 11 Aug 2025 17:00:49 +0000
Files and hashes: 1: kL5tCodlPmsKcG8VmzS3vTT-EpU.roa (hash: rTcyxkJLmIdGub6lXVfezUyk6BdEW9e85j13e1XiRBA=)
2: lMhsmzXXghFrLNhYOifOtAO49ho.crl (hash: GeKP0ZJszI8QrTxcK63/nXEolCMosFjmGHxJgzI50H4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:94:ed:7e:bf:5d:d6:43:c1:0a:bb:1a:f7:e4:d9:28:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Validity
Not Before: Aug 10 17:00:49 2025 GMT
Not After : Aug 11 17:00:49 2025 GMT
Subject: CN=773bdddb6a154a7e0653425bc8a3d9de6f235568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dc:61:23:c5:66:bb:ce:b9:eb:39:e3:36:49:
73:04:e8:7b:c3:f1:07:06:35:e3:1e:50:21:ec:1e:
1f:12:16:f1:90:16:ff:6c:9f:9d:0b:00:88:7c:a5:
8b:54:b8:80:6a:3f:a2:18:24:b2:5a:5c:64:5d:59:
c5:5f:0e:9b:e1:22:e6:60:21:dc:ca:79:cb:33:42:
d7:e3:c3:28:bb:f4:65:ce:02:c5:4f:e0:bc:97:ef:
ac:b7:05:2d:5d:30:6a:a4:31:2c:3e:d6:45:9a:a8:
99:f6:56:f6:bd:39:f8:35:b7:66:61:84:5d:43:e9:
90:5f:3d:86:cc:9f:da:68:b9:57:a6:fa:67:5a:65:
a4:df:6b:8c:8c:1c:48:14:89:dd:f9:b0:d3:99:95:
70:8d:2d:0a:ed:fc:f2:49:21:45:48:ec:d9:ee:78:
98:c7:f4:29:dc:91:15:98:46:01:ce:5d:49:ef:48:
86:5c:8b:47:45:bf:e1:6f:05:4a:b0:3a:77:96:2e:
f1:0b:c3:36:4a:4a:20:36:f6:c3:31:39:58:e1:6e:
84:c4:8b:12:13:42:e1:22:51:d7:8e:64:86:a9:75:
92:06:56:50:76:fa:8e:d8:53:a4:63:7f:9c:8c:a5:
05:fb:3a:a4:72:cc:0d:c9:5f:a2:f3:5b:d5:42:c1:
70:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3B:DD:DB:6A:15:4A:7E:06:53:42:5B:C8:A3:D9:DE:6F:23:55:68
X509v3 Authority Key Identifier:
keyid:94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:09:1f:de:c9:17:1c:3f:09:e3:32:10:f7:dd:05:e5:c9:1d:
f3:99:fb:6d:b3:77:ff:ea:d4:ea:3c:e9:9b:26:c4:32:6a:ef:
26:7a:2b:3c:32:12:0b:99:71:5f:60:2e:c5:c5:73:74:b2:0c:
90:92:49:f2:f7:94:f2:4c:46:c5:3e:6a:ca:08:9b:27:6b:65:
bc:23:d5:68:6e:ad:04:78:6d:91:d6:9d:af:17:1b:49:14:15:
2c:0f:73:8c:8b:3e:e6:83:01:e8:c4:99:ff:46:79:05:98:85:
ef:b4:b9:7f:74:e4:5d:21:3a:f8:b5:43:b5:47:bf:77:35:96:
8f:2e:2b:51:1c:09:cb:49:94:5c:c0:95:8b:23:43:93:86:d7:
13:49:5b:ce:a8:92:5f:bb:b1:db:a5:a6:d8:3f:56:2b:d9:dc:
d1:e7:00:9b:55:d9:a8:a3:70:a9:64:38:8d:5e:b8:50:d2:19:
fc:a8:0a:7e:46:b5:37:92:df:f9:fa:3d:31:25:ca:bb:9e:34:
e7:5f:f1:75:c5:cd:18:ea:95:33:5e:00:73:9e:77:1f:7c:1c:
14:0a:0b:07:79:4b:51:b1:14:69:0b:53:ae:ef:7a:75:d6:02:
e4:4f:ad:ce:52:90:34:e6:19:3b:78:b8:3f:5a:55:4b:48:72:
3e:9b:fc:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiU7X6/XdZDwQq7Gvfk2SgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Yzg2YzliMzVkNzgyMTE2YjJjZDg1ODNhMjdjZWI0MDNi
OGY2MWEwHhcNMjUwODEwMTcwMDQ5WhcNMjUwODExMTcwMDQ5WjAzMTEwLwYDVQQD
Eyg3NzNiZGRkYjZhMTU0YTdlMDY1MzQyNWJjOGEzZDlkZTZmMjM1NTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNxhI8Vmu8656znjNklzBOh7w/EH
BjXjHlAh7B4fEhbxkBb/bJ+dCwCIfKWLVLiAaj+iGCSyWlxkXVnFXw6b4SLmYCHc
ynnLM0LX48Mou/RlzgLFT+C8l++stwUtXTBqpDEsPtZFmqiZ9lb2vTn4NbdmYYRd
Q+mQXz2GzJ/aaLlXpvpnWmWk32uMjBxIFInd+bDTmZVwjS0K7fzySSFFSOzZ7niY
x/Qp3JEVmEYBzl1J70iGXItHRb/hbwVKsDp3li7xC8M2SkogNvbDMTlY4W6ExIsS
E0LhIlHXjmSGqXWSBlZQdvqO2FOkY3+cjKUF+zqkcswNyV+i81vVQsFwAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHc73dtqFUp+BlNCW8ij2d5vI1VoMB8GA1UdIwQY
MBaAFJTIbJs114IRayzYWDonzrQDuPYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMt
MzViMGM5NjUyNGZhLzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMtMzViMGM5NjUyNGZh
LzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYQkf3skX
HD8J4zIQ990F5ckd85n7bbN3/+rU6jzpmybEMmrvJnorPDISC5lxX2AuxcVzdLIM
kJJJ8veU8kxGxT5qygibJ2tlvCPVaG6tBHhtkdadrxcbSRQVLA9zjIs+5oMB6MSZ
/0Z5BZiF77S5f3TkXSE6+LVDtUe/dzWWjy4rURwJy0mUXMCViyNDk4bXE0lbzqiS
X7ux26Wm2D9WK9nc0ecAm1XZqKNwqWQ4jV64UNIZ/KgKfka1N5Lf+fo9MSXKu540
51/xdcXNGOqVM14Ac553H3wcFAoLB3lLUbEUaQtTru96ddYC5E+tzlKQNOYZO3i4
P1pVS0hyPpv8TA==
-----END CERTIFICATE-----
Generated at Sun Aug 10 19:51:04 2025 by rpki-client