Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
File: lMhsmzXXghFrLNhYOifOtAO49ho.mft (raw, json)
Hash identifier: a7LxAelwMaDDu5m1ohYwAy88fLz0v32nbXbOjh2WOxw=
Subject key identifier: 0B:CE:C3:31:5C:00:B7:32:EF:26:2D:BF:B9:02:FD:61:D0:B5:67:78
Authority key identifier: 94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
Certificate issuer: /CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Certificate serial: 019A52D1427CD92D41EB4C3C57487510EC40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
Manifest number: 170F
Signing time: Wed 05 Nov 2025 07:00:36 +0000
Manifest this update: Wed 05 Nov 2025 07:00:36 +0000
Manifest next update: Thu 06 Nov 2025 07:00:36 +0000
Files and hashes: 1: kL5tCodlPmsKcG8VmzS3vTT-EpU.roa (hash: rTcyxkJLmIdGub6lXVfezUyk6BdEW9e85j13e1XiRBA=)
2: lMhsmzXXghFrLNhYOifOtAO49ho.crl (hash: mq6pA958L5Urp/54DAReXsZ4GYbyoMla2zqJWeX5Z9c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:42:7c:d9:2d:41:eb:4c:3c:57:48:75:10:ec:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Validity
Not Before: Nov 5 07:00:36 2025 GMT
Not After : Nov 6 07:00:36 2025 GMT
Subject: CN=0bcec3315c00b732ef262dbfb902fd61d0b56778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:eb:68:51:eb:7e:b0:ee:60:b6:c1:c9:12:72:
18:93:86:80:45:9c:3f:bf:9e:fe:a6:aa:63:60:86:
f8:81:11:85:44:53:3a:08:20:38:05:f4:a0:79:91:
95:93:fb:3a:5e:ea:06:ee:1a:e8:a2:12:4d:ab:5b:
87:02:3f:49:c8:c3:ac:cc:e2:66:64:ad:cb:34:73:
9f:e7:64:d6:0f:38:df:a9:62:91:7b:85:1b:bd:87:
57:88:99:a6:d8:66:0e:94:58:fc:e7:27:ae:03:ea:
79:7b:4a:50:f4:81:1b:f1:48:dd:98:0c:b4:63:81:
ea:93:d7:08:dd:45:d1:4e:5b:21:43:40:64:d7:7a:
13:14:82:9f:e2:83:e3:dc:a1:a6:00:8f:e9:2b:17:
e6:65:2b:43:72:ab:44:0b:14:90:b4:de:72:09:77:
81:18:4a:db:24:d4:af:d2:00:de:89:c2:64:0e:50:
d1:e0:5d:87:b7:38:4e:ac:2b:18:b9:1e:4a:81:e2:
a4:6c:a5:96:8e:92:b8:10:86:f2:9b:41:19:58:9a:
ea:6f:73:3f:56:bf:8d:86:39:f8:10:17:73:d1:b3:
08:9e:6d:be:ac:be:ae:bc:0c:fe:ae:cb:86:a8:49:
3b:ee:2c:95:44:3d:c0:d7:c3:5f:d9:88:97:43:93:
04:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CE:C3:31:5C:00:B7:32:EF:26:2D:BF:B9:02:FD:61:D0:B5:67:78
X509v3 Authority Key Identifier:
keyid:94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:90:ab:34:5f:f4:a5:01:cd:f9:0b:c4:c3:a3:aa:ca:df:cc:
d3:c2:8f:85:c8:a1:e5:d2:c7:75:5d:28:26:53:0f:39:e1:9d:
74:e0:8d:26:4b:d5:ef:83:b3:44:85:15:d9:8f:ef:a6:25:48:
ed:1b:5b:d6:1a:65:1b:35:1b:91:8c:9d:80:0e:ef:82:5f:96:
f0:54:a7:6f:48:37:8a:2e:f4:c3:a0:7b:21:48:09:07:20:13:
22:03:0e:4b:c5:e3:4b:b4:fd:4c:78:da:d8:71:87:16:7c:c1:
3d:34:20:8d:fe:26:06:85:aa:30:0b:d7:ca:39:15:50:25:43:
81:79:08:25:25:c2:33:91:0e:cf:df:4a:64:13:c1:2e:ff:29:
43:46:47:4e:9d:15:32:25:a7:4e:c4:bd:82:f1:a1:5b:cc:2b:
66:10:92:38:a7:3b:a7:e3:33:d2:0e:ad:27:45:50:d2:c8:a3:
ec:d2:cb:59:d4:0e:68:b7:f0:5c:44:c0:a7:05:0c:6e:1e:1f:
c8:dd:88:13:50:bd:27:bd:db:85:27:75:cd:c3:73:e9:9d:4f:
77:ce:ef:bc:77:38:0a:f6:2d:48:b8:86:5b:11:bc:b4:9d:59:
67:58:85:56:f8:72:ff:5a:c6:d3:d0:2d:10:81:e0:1d:4e:46:
e0:13:95:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0UJ82S1B60w8V0h1EOxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Yzg2YzliMzVkNzgyMTE2YjJjZDg1ODNhMjdjZWI0MDNi
OGY2MWEwHhcNMjUxMTA1MDcwMDM2WhcNMjUxMTA2MDcwMDM2WjAzMTEwLwYDVQQD
EygwYmNlYzMzMTVjMDBiNzMyZWYyNjJkYmZiOTAyZmQ2MWQwYjU2Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOtoUet+sO5gtsHJEnIYk4aARZw/
v57+pqpjYIb4gRGFRFM6CCA4BfSgeZGVk/s6XuoG7hroohJNq1uHAj9JyMOszOJm
ZK3LNHOf52TWDzjfqWKRe4UbvYdXiJmm2GYOlFj85yeuA+p5e0pQ9IEb8UjdmAy0
Y4Hqk9cI3UXRTlshQ0Bk13oTFIKf4oPj3KGmAI/pKxfmZStDcqtECxSQtN5yCXeB
GErbJNSv0gDeicJkDlDR4F2HtzhOrCsYuR5KgeKkbKWWjpK4EIbym0EZWJrqb3M/
Vr+Nhjn4EBdz0bMInm2+rL6uvAz+rsuGqEk77iyVRD3A18Nf2YiXQ5ME3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvOwzFcALcy7yYtv7kC/WHQtWd4MB8GA1UdIwQY
MBaAFJTIbJs114IRayzYWDonzrQDuPYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMt
MzViMGM5NjUyNGZhLzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMtMzViMGM5NjUyNGZh
LzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQpCrNF/0
pQHN+QvEw6Oqyt/M08KPhcih5dLHdV0oJlMPOeGddOCNJkvV74OzRIUV2Y/vpiVI
7Rtb1hplGzUbkYydgA7vgl+W8FSnb0g3ii70w6B7IUgJByATIgMOS8XjS7T9THja
2HGHFnzBPTQgjf4mBoWqMAvXyjkVUCVDgXkIJSXCM5EOz99KZBPBLv8pQ0ZHTp0V
MiWnTsS9gvGhW8wrZhCSOKc7p+Mz0g6tJ0VQ0sij7NLLWdQOaLfwXETApwUMbh4f
yN2IE1C9J73bhSd1zcNz6Z1Pd87vvHc4CvYtSLiGWxG8tJ1ZZ1iFVvhy/1rG09At
EIHgHU5G4BOVLQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:27:14 2025 by rpki-client