Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier: hF/Np2ZIQ6uSxwumx8S2C094wiky9MGeUlEpONrUUBs=
Subject key identifier: 23:F3:DE:E9:D8:11:25:D7:99:89:32:FF:A7:0A:B4:87:FA:2F:4D:C0
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial: 01988B460773965F2FADC8D54F8000D217CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number: 0D5A
Signing time: Fri 08 Aug 2025 20:01:18 +0000
Manifest this update: Fri 08 Aug 2025 20:01:18 +0000
Manifest next update: Sat 09 Aug 2025 20:01:18 +0000
Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=)
2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: xRAOyr1+xHtXLM3NmzJ+ddxY+mBWuFs8NOJWqAbLjss=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8b:46:07:73:96:5f:2f:ad:c8:d5:4f:80:00:d2:17:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Validity
Not Before: Aug 8 20:01:18 2025 GMT
Not After : Aug 9 20:01:18 2025 GMT
Subject: CN=23f3dee9d81125d7998932ffa70ab487fa2f4dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:07:e8:94:38:b3:72:db:a9:89:08:58:cd:6e:
cf:b4:a8:04:eb:e2:dc:6d:d4:ba:c6:aa:84:eb:8f:
1f:54:c8:5a:c1:f0:34:52:56:8b:21:31:fc:23:7c:
f4:a2:10:64:e7:71:77:12:3a:30:a0:7f:94:b2:c3:
07:4c:05:89:32:0c:2d:33:a3:a4:e9:87:4c:9c:33:
0d:31:34:b3:04:0c:e3:d0:d5:e7:c5:ab:4a:65:70:
f5:ba:ed:ed:91:cc:ef:55:16:9d:56:2c:fd:12:40:
bf:f5:a5:9f:0f:cd:41:b8:c5:c9:f4:cc:fb:05:28:
76:60:30:c3:be:77:bd:7e:b4:a6:24:e7:52:56:2c:
b7:8d:13:a8:67:96:d9:66:be:ed:62:fa:14:f4:67:
70:58:ca:91:1f:15:5e:66:71:bf:bd:f9:bc:7d:2d:
99:b6:75:ae:2a:dc:98:ba:81:c8:9d:77:02:72:83:
20:a6:da:f6:b1:f8:c1:a8:d3:6a:6e:69:55:93:dc:
ca:53:98:70:f1:be:35:34:9d:f4:04:85:ba:e3:7f:
be:13:83:6d:8d:c9:f2:dc:cf:23:19:b5:7f:3d:74:
a9:14:90:70:e2:38:a7:d0:0c:be:df:8c:ff:a0:02:
12:47:8f:22:cf:0a:bc:09:cf:35:ca:24:d5:b6:43:
e6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F3:DE:E9:D8:11:25:D7:99:89:32:FF:A7:0A:B4:87:FA:2F:4D:C0
X509v3 Authority Key Identifier:
keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:ff:3e:ce:2b:77:40:84:20:1a:d1:ae:69:9c:48:55:97:ee:
e5:0e:01:17:5e:88:ca:77:e9:e8:f7:dc:de:84:4b:7d:8f:a7:
c0:59:b1:0c:2f:35:cb:d0:f7:6f:7c:e7:c8:e7:62:c0:ee:72:
ce:6c:b9:bf:d3:8d:e9:c9:d5:4e:f8:93:ae:08:09:4b:fb:db:
80:d3:72:7a:48:0f:b0:a9:ec:79:48:8e:77:ff:b2:c6:ec:42:
36:47:97:00:e3:f9:46:e6:d6:3b:52:d6:85:5f:cb:9d:25:70:
7c:b9:0f:c0:61:63:cd:78:45:fd:9a:8c:2a:bd:54:66:ef:35:
ef:a1:2f:2e:d0:a5:9a:96:e0:19:a3:b2:5b:f0:b5:48:bd:aa:
e9:2e:aa:5e:e4:2f:e2:01:c9:49:b9:4a:0d:21:9b:3e:93:8b:
b6:56:f1:da:da:cf:8f:85:f6:2c:42:7a:2d:9e:d7:f0:5a:b9:
10:98:49:32:d4:ff:da:66:7b:79:d6:c1:4e:54:d7:a0:e9:89:
e2:28:7f:3c:88:fc:e3:9c:83:3f:a8:10:d3:fd:be:c5:3f:44:
bc:5e:9d:cb:66:e9:c9:3d:2a:0e:d4:40:98:53:1d:75:82:d7:
e6:ba:5f:be:da:bb:7d:fe:79:6f:0d:7c:46:c9:63:23:84:74:
1d:e5:d3:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiLRgdzll8vrcjVT4AA0hfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUwODA4MjAwMTE4WhcNMjUwODA5MjAwMTE4WjAzMTEwLwYDVQQD
EygyM2YzZGVlOWQ4MTEyNWQ3OTk4OTMyZmZhNzBhYjQ4N2ZhMmY0ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QfolDizctupiQhYzW7PtKgE6+Lc
bdS6xqqE648fVMhawfA0UlaLITH8I3z0ohBk53F3EjowoH+UssMHTAWJMgwtM6Ok
6YdMnDMNMTSzBAzj0NXnxatKZXD1uu3tkczvVRadViz9EkC/9aWfD81BuMXJ9Mz7
BSh2YDDDvne9frSmJOdSViy3jROoZ5bZZr7tYvoU9GdwWMqRHxVeZnG/vfm8fS2Z
tnWuKtyYuoHInXcCcoMgptr2sfjBqNNqbmlVk9zKU5hw8b41NJ30BIW643++E4Nt
jcny3M8jGbV/PXSpFJBw4jin0Ay+34z/oAISR48izwq8Cc81yiTVtkPmoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCPz3unYESXXmYky/6cKtIf6L03AMB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhP8+zit3
QIQgGtGuaZxIVZfu5Q4BF16Iynfp6Pfc3oRLfY+nwFmxDC81y9D3b3znyOdiwO5y
zmy5v9ON6cnVTviTrggJS/vbgNNyekgPsKnseUiOd/+yxuxCNkeXAOP5RubWO1LW
hV/LnSVwfLkPwGFjzXhF/ZqMKr1UZu8176EvLtClmpbgGaOyW/C1SL2q6S6qXuQv
4gHJSblKDSGbPpOLtlbx2trPj4X2LEJ6LZ7X8Fq5EJhJMtT/2mZ7edbBTlTXoOmJ
4ih/PIj845yDP6gQ0/2+xT9EvF6dy2bpyT0qDtRAmFMddYLX5rpfvtq7ff55bw18
RsljI4R0HeXTjA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:14:27 2025 by rpki-client