Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier: tIGnc3/kthKA3u3heg1LfvkO7BSmC78+G5X2YhM36Zg=
Subject key identifier: AA:DD:21:D8:C2:41:34:B8:20:31:EC:CA:7B:CF:53:84:47:79:BE:A0
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial: 019A56E483265BD28CC44A12F49B482CF03E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number: 0E48
Signing time: Thu 06 Nov 2025 02:00:07 +0000
Manifest this update: Thu 06 Nov 2025 02:00:07 +0000
Manifest next update: Fri 07 Nov 2025 02:00:07 +0000
Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=)
2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: fhkta4/LXg64XsunHQRb4ekrqH8Ws4qXaiZwn+7/3Yo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 02:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:56:e4:83:26:5b:d2:8c:c4:4a:12:f4:9b:48:2c:f0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Validity
Not Before: Nov 6 02:00:07 2025 GMT
Not After : Nov 7 02:00:07 2025 GMT
Subject: CN=aadd21d8c24134b82031ecca7bcf53844779bea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4c:79:42:e6:63:2a:fd:3b:30:9c:16:4c:da:
3d:e2:e7:53:ed:c4:b3:76:b9:4a:18:9d:2f:36:26:
d4:67:c2:5d:9a:21:81:6b:50:99:59:ec:01:66:c5:
03:c0:6e:aa:78:08:9e:b8:06:8e:d7:12:97:cb:17:
d7:8d:0c:9c:bd:b7:83:16:f9:1e:92:b4:70:f0:46:
e0:f1:79:63:df:62:e2:be:1b:4f:58:95:2e:2e:ee:
48:11:92:01:27:df:38:e9:69:28:8c:31:b2:0f:37:
ae:70:3d:22:10:c1:95:d9:ea:9b:93:90:0d:e7:3a:
05:96:09:82:94:40:8f:08:fb:f2:22:02:14:f8:e7:
ad:6e:5f:54:ad:cd:51:4d:c8:95:f2:ac:c3:c4:50:
1e:82:a6:9a:61:c7:d6:d4:89:c8:83:c0:69:7b:3f:
29:11:80:22:22:ac:56:63:67:55:11:9b:f0:f3:f5:
01:74:1f:95:d6:2b:5c:a1:df:59:eb:0a:04:fe:ed:
67:4c:51:f5:a2:c6:a0:1a:e5:bb:fb:84:77:18:4d:
97:c7:9f:06:c8:af:b5:11:18:6d:a8:25:2d:fa:4d:
b2:73:b3:f8:5a:c0:7f:f2:a9:7c:70:3d:de:93:10:
b2:85:87:1f:ba:82:05:71:bf:5c:3e:86:0f:c7:0d:
1d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DD:21:D8:C2:41:34:B8:20:31:EC:CA:7B:CF:53:84:47:79:BE:A0
X509v3 Authority Key Identifier:
keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:7f:d2:7f:6f:1d:a3:e5:7a:f4:ce:42:f5:b4:99:37:ab:a8:
62:83:e4:31:54:06:c9:a1:d0:cb:7d:27:17:e2:23:cb:96:ce:
b7:fb:00:a7:47:42:6e:53:c4:fe:a3:bd:36:99:c7:c2:a6:50:
86:44:77:b7:a2:36:38:f3:3d:6f:f3:9b:c9:d8:15:9d:8b:d7:
b4:c5:da:3d:79:a4:12:aa:2d:c5:f3:13:04:3d:b3:54:47:26:
e7:04:03:ba:84:3a:b9:fe:d4:f2:da:ec:a0:a1:83:9c:2f:39:
74:a7:77:c6:ba:3f:c6:7f:4f:27:9f:b0:a1:3e:fb:cb:bb:6b:
f5:ab:f1:20:93:82:fc:36:51:f2:c8:99:51:f2:e3:12:9d:b8:
96:97:07:67:cf:65:a0:46:29:5a:00:1e:18:b1:68:d7:54:9c:
9d:88:ab:fc:07:31:e7:f4:62:9f:fa:5f:5e:09:3a:52:b7:38:
f0:5b:f2:18:b6:99:87:b7:fd:83:2d:d2:a7:0b:c0:8c:0b:69:
6a:88:4a:21:8f:4d:76:a5:c5:d0:20:20:38:42:4d:59:9b:fb:
6e:7b:20:a1:d7:9c:ec:21:59:2f:04:31:d8:27:35:aa:10:69:
d2:5a:89:d5:ac:24:b6:96:57:29:48:dc:2a:b8:d8:ab:26:c2:
f6:df:e1:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpW5IMmW9KMxEoS9JtILPA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUxMTA2MDIwMDA3WhcNMjUxMTA3MDIwMDA3WjAzMTEwLwYDVQQD
EyhhYWRkMjFkOGMyNDEzNGI4MjAzMWVjY2E3YmNmNTM4NDQ3NzliZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEx5QuZjKv07MJwWTNo94udT7cSz
drlKGJ0vNibUZ8JdmiGBa1CZWewBZsUDwG6qeAieuAaO1xKXyxfXjQycvbeDFvke
krRw8Ebg8Xlj32LivhtPWJUuLu5IEZIBJ9846WkojDGyDzeucD0iEMGV2eqbk5AN
5zoFlgmClECPCPvyIgIU+Oetbl9Urc1RTciV8qzDxFAegqaaYcfW1InIg8Bpez8p
EYAiIqxWY2dVEZvw8/UBdB+V1itcod9Z6woE/u1nTFH1osagGuW7+4R3GE2Xx58G
yK+1ERhtqCUt+k2yc7P4WsB/8ql8cD3ekxCyhYcfuoIFcb9cPoYPxw0dewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrdIdjCQTS4IDHsynvPU4RHeb6gMB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjn/Sf28d
o+V69M5C9bSZN6uoYoPkMVQGyaHQy30nF+Ijy5bOt/sAp0dCblPE/qO9NpnHwqZQ
hkR3t6I2OPM9b/ObydgVnYvXtMXaPXmkEqotxfMTBD2zVEcm5wQDuoQ6uf7U8trs
oKGDnC85dKd3xro/xn9PJ5+woT77y7tr9avxIJOC/DZR8siZUfLjEp24lpcHZ89l
oEYpWgAeGLFo11ScnYir/Acx5/Rin/pfXgk6Urc48FvyGLaZh7f9gy3SpwvAjAtp
aohKIY9NdqXF0CAgOEJNWZv7bnsgodec7CFZLwQx2Cc1qhBp0lqJ1awktpZXKUjc
KrjYqybC9t/htA==
-----END CERTIFICATE-----
Generated at Thu Nov 6 07:33:09 2025 by rpki-client