Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8d3c3b-6069-4cd1-89b1-cec35c453c5e/1/LrlwnvMbddaOIgiqvyosPD2Hb8E.mft
File: LrlwnvMbddaOIgiqvyosPD2Hb8E.mft (raw, json)
Hash identifier: Kb+BlL/7AY74dGqqRF36iQSEFv9xSMOpB51wnzEvab4=
Subject key identifier: 4D:A9:1F:B3:73:5E:C3:2A:13:9A:6D:B5:7B:10:42:AF:62:CB:85:FD
Authority key identifier: 2E:B9:70:9E:F3:1B:75:D6:8E:22:08:AA:BF:2A:2C:3C:3D:87:6F:C1
Certificate issuer: /CN=2eb9709ef31b75d68e2208aabf2a2c3c3d876fc1
Certificate serial: 019A537603DD614AFEA9BFF72DA9282FCDD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LrlwnvMbddaOIgiqvyosPD2Hb8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8d3c3b-6069-4cd1-89b1-cec35c453c5e/1/LrlwnvMbddaOIgiqvyosPD2Hb8E.mft
Manifest number: 170D
Signing time: Wed 05 Nov 2025 10:00:34 +0000
Manifest this update: Wed 05 Nov 2025 10:00:34 +0000
Manifest next update: Thu 06 Nov 2025 10:00:34 +0000
Files and hashes: 1: LrlwnvMbddaOIgiqvyosPD2Hb8E.crl (hash: 7cqKoAqNfCZ1WjY/A8nUTJnLpbQQ3i19eOqpAO10LGM=)
2: pb4QZ95Peoa-v89w9IfVF9OInYI.roa (hash: mVmSldgY3RuIKYBpTP9fbMVJ33NM7M6bAyGk/0LxYwU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8d3c3b-6069-4cd1-89b1-cec35c453c5e/1/LrlwnvMbddaOIgiqvyosPD2Hb8E.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/8d3c3b-6069-4cd1-89b1-cec35c453c5e/1/LrlwnvMbddaOIgiqvyosPD2Hb8E.mft
rsync://rpki.ripe.net/repository/DEFAULT/LrlwnvMbddaOIgiqvyosPD2Hb8E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:76:03:dd:61:4a:fe:a9:bf:f7:2d:a9:28:2f:cd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eb9709ef31b75d68e2208aabf2a2c3c3d876fc1
Validity
Not Before: Nov 5 10:00:34 2025 GMT
Not After : Nov 6 10:00:34 2025 GMT
Subject: CN=4da91fb3735ec32a139a6db57b1042af62cb85fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8f:25:b8:36:1c:c6:63:ad:71:42:c9:36:2f:
42:80:4c:d0:48:71:8a:33:0a:19:49:df:3c:b5:f7:
de:d8:8d:ca:e0:96:9b:0f:23:5f:c0:97:3e:fd:57:
20:bf:8b:aa:a7:9c:bf:48:58:91:f2:30:43:aa:ec:
8f:b0:01:c7:42:22:b4:80:11:57:eb:39:4c:df:30:
ef:14:24:13:ad:23:0f:f8:a7:35:ae:22:49:51:6d:
ff:3c:c9:c6:ab:81:82:24:d2:69:ba:2f:a1:03:70:
56:ae:7e:82:a4:65:f0:77:4c:d3:01:07:a1:39:7b:
9f:f1:f3:2d:f3:04:00:4d:db:d4:3c:2f:65:fb:75:
f6:bd:be:17:97:99:ea:08:8e:d5:d5:c1:ee:8c:7d:
57:b2:f6:c5:9d:5f:2f:e4:3e:82:8c:dc:d2:11:c6:
81:88:f9:0b:b9:03:9e:8f:5e:26:0d:b2:0d:16:e3:
18:ec:71:66:ee:eb:c5:ef:f1:da:39:94:d5:59:48:
14:60:f6:74:e3:40:41:0b:e0:76:be:49:dc:70:4e:
be:5c:b1:0c:53:53:65:54:73:be:5d:0e:17:2d:68:
ba:64:1e:0b:46:9d:99:cc:5b:75:7d:39:18:10:f1:
d5:77:a3:90:bf:02:8b:99:90:48:9e:ba:97:6f:16:
2e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A9:1F:B3:73:5E:C3:2A:13:9A:6D:B5:7B:10:42:AF:62:CB:85:FD
X509v3 Authority Key Identifier:
keyid:2E:B9:70:9E:F3:1B:75:D6:8E:22:08:AA:BF:2A:2C:3C:3D:87:6F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LrlwnvMbddaOIgiqvyosPD2Hb8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8d3c3b-6069-4cd1-89b1-cec35c453c5e/1/LrlwnvMbddaOIgiqvyosPD2Hb8E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8d3c3b-6069-4cd1-89b1-cec35c453c5e/1/LrlwnvMbddaOIgiqvyosPD2Hb8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:01:a7:24:94:a5:28:3f:24:40:57:c0:7e:79:f6:bb:34:c6:
77:85:04:03:cf:e4:7b:71:63:9a:b2:f1:c3:bd:2e:0d:ad:c3:
fb:ec:ab:28:29:14:64:b0:87:16:a1:89:65:8f:32:92:83:08:
6f:a3:23:97:87:89:0b:d3:1f:f0:f6:97:cf:4e:e6:81:d7:65:
62:e6:06:e3:84:bd:b0:58:01:21:fa:1f:3d:8b:ef:ca:b9:c5:
6d:18:44:ba:04:81:9a:03:a4:6a:8a:5d:af:08:c2:88:6b:ff:
c6:d4:4e:aa:96:91:90:04:77:ce:43:98:22:56:41:8b:fe:57:
fb:e5:36:e1:7d:9f:fa:a9:4f:b6:e7:9b:f3:64:9c:d3:5b:ab:
4e:ed:9e:0c:4c:c2:63:09:52:5d:31:16:e7:95:bf:dc:af:83:
a5:11:e2:63:e7:d1:47:ee:88:70:c6:62:64:8d:6b:4e:9f:2e:
25:15:3a:94:1e:0c:dd:02:2a:b3:4a:78:fe:89:4b:e9:92:20:
d7:4e:cd:2f:05:d5:80:72:c3:d2:fe:d6:a5:df:4e:11:cf:41:
d0:3a:d9:a3:db:32:85:e2:e1:cd:d6:e7:1d:41:a8:41:67:31:
e3:bd:30:67:7b:be:63:98:b4:8b:a8:75:61:e5:17:ee:b1:11:
7b:2b:52:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdgPdYUr+qb/3LakoL83VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYjk3MDllZjMxYjc1ZDY4ZTIyMDhhYWJmMmEyYzNjM2Q4
NzZmYzEwHhcNMjUxMTA1MTAwMDM0WhcNMjUxMTA2MTAwMDM0WjAzMTEwLwYDVQQD
Eyg0ZGE5MWZiMzczNWVjMzJhMTM5YTZkYjU3YjEwNDJhZjYyY2I4NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y8luDYcxmOtcULJNi9CgEzQSHGK
MwoZSd88tffe2I3K4JabDyNfwJc+/Vcgv4uqp5y/SFiR8jBDquyPsAHHQiK0gBFX
6zlM3zDvFCQTrSMP+Kc1riJJUW3/PMnGq4GCJNJpui+hA3BWrn6CpGXwd0zTAQeh
OXuf8fMt8wQATdvUPC9l+3X2vb4Xl5nqCI7V1cHujH1XsvbFnV8v5D6CjNzSEcaB
iPkLuQOej14mDbINFuMY7HFm7uvF7/HaOZTVWUgUYPZ040BBC+B2vknccE6+XLEM
U1NlVHO+XQ4XLWi6ZB4LRp2ZzFt1fTkYEPHVd6OQvwKLmZBInrqXbxYuoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2pH7NzXsMqE5pttXsQQq9iy4X9MB8GA1UdIwQY
MBaAFC65cJ7zG3XWjiIIqr8qLDw9h2/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHJsd252TWJkZGFPSWdpcXZ5b3NQRDJIYjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84ZDNjM2ItNjA2OS00Y2QxLTg5YjEt
Y2VjMzVjNDUzYzVlLzEvTHJsd252TWJkZGFPSWdpcXZ5b3NQRDJIYjhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84ZDNjM2ItNjA2OS00Y2QxLTg5YjEtY2VjMzVjNDUzYzVl
LzEvTHJsd252TWJkZGFPSWdpcXZ5b3NQRDJIYjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAGnJJSl
KD8kQFfAfnn2uzTGd4UEA8/ke3FjmrLxw70uDa3D++yrKCkUZLCHFqGJZY8ykoMI
b6Mjl4eJC9Mf8PaXz07mgddlYuYG44S9sFgBIfofPYvvyrnFbRhEugSBmgOkaopd
rwjCiGv/xtROqpaRkAR3zkOYIlZBi/5X++U24X2f+qlPtueb82Sc01urTu2eDEzC
YwlSXTEW55W/3K+DpRHiY+fRR+6IcMZiZI1rTp8uJRU6lB4M3QIqs0p4/olL6ZIg
107NLwXVgHLD0v7Wpd9OEc9B0DrZo9syheLhzdbnHUGoQWcx470wZ3u+Y5i0i6h1
YeUX7rEReytSPg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:22:49 2025 by rpki-client