Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: JGRuE9a1Fvj+LqCCgfrKoVZCjcCy7iJzO0aHTWwb/1A=
Subject key identifier: 5C:2B:8A:D2:3A:B2:8C:30:B7:A8:40:AE:83:93:2B:05:4B:22:79:C2
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 019A4DE16393E71815097B70621044300458
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 1475
Signing time: Tue 04 Nov 2025 08:00:07 +0000
Manifest this update: Tue 04 Nov 2025 08:00:07 +0000
Manifest next update: Wed 05 Nov 2025 08:00:07 +0000
Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=)
2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: I63u5vxCxOUaXcjSvtzM/00Wx2dAPZzNT1yVBZMLhqU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:63:93:e7:18:15:09:7b:70:62:10:44:30:04:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Nov 4 08:00:07 2025 GMT
Not After : Nov 5 08:00:07 2025 GMT
Subject: CN=5c2b8ad23ab28c30b7a840ae83932b054b2279c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:58:94:c1:5b:9c:76:33:8d:c7:c4:56:64:c9:
30:ce:9e:cc:87:b7:22:66:07:6e:8c:90:80:f1:6e:
31:24:e2:0f:f5:78:6f:f1:fb:cc:8e:31:4e:38:91:
66:22:ba:48:fc:87:2f:a0:f6:f1:3e:0c:7f:c9:f6:
94:3a:0a:ff:d3:d6:4d:41:d8:7e:de:22:46:7b:73:
4f:0f:59:9a:71:b8:d0:2a:4b:66:4d:3e:76:3e:00:
9a:3b:24:0d:55:1e:5b:d4:42:09:27:20:76:e5:6c:
99:c5:56:b6:48:3c:f5:b9:20:e4:ce:e7:92:d6:19:
05:8a:9e:b3:6d:99:1c:a3:f1:a2:e4:ab:e3:68:3a:
c4:97:c1:ec:ab:10:2a:fe:a3:12:69:f0:f1:f1:ee:
f5:a4:a1:14:d6:68:df:cc:bb:fe:34:ce:70:0b:1d:
d6:13:06:9f:ce:d5:27:de:c0:74:e1:70:06:03:c6:
5e:b0:e5:50:fc:fa:28:6c:bd:a5:0b:5a:4a:ac:d4:
6b:a6:a4:f2:1f:bf:e1:be:06:31:3c:36:9f:c1:65:
b2:88:5a:2a:6e:4e:42:ab:1c:e7:46:d4:69:59:49:
ef:88:6c:f4:0f:3e:3a:4c:77:e1:f2:25:22:3c:bb:
84:9a:63:f8:46:6d:6c:2b:41:3f:60:16:c4:c9:53:
79:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2B:8A:D2:3A:B2:8C:30:B7:A8:40:AE:83:93:2B:05:4B:22:79:C2
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:40:74:9e:de:4e:a6:2e:96:4c:dd:d4:67:c4:b2:0e:c5:df:
86:12:93:f6:28:ae:c3:56:68:cb:81:eb:16:c2:f6:45:dc:6a:
eb:61:d5:a5:cf:71:e6:2d:df:e2:e0:a2:44:2c:94:ae:c2:1f:
84:46:8a:2c:9c:d6:ab:7e:56:a9:a9:0a:a4:04:0a:be:c7:af:
a8:80:20:a4:72:1d:88:fd:20:02:8c:f3:4b:c6:4f:87:c1:dc:
03:fc:34:6c:51:e0:44:bf:e1:60:28:3b:f5:00:3e:9e:41:03:
6e:2c:c8:5d:21:30:2f:0a:72:60:b9:61:b4:db:d1:4e:e1:5b:
ba:91:ca:5a:f4:ac:e1:e9:7a:75:a4:99:f1:67:d8:59:84:66:
a6:01:1f:23:e4:9d:8a:a6:65:86:c7:49:7f:18:fa:30:b0:32:
9d:dd:21:47:30:10:eb:66:56:18:e9:a5:24:c4:0a:d4:26:b4:
57:17:2d:38:85:da:c6:71:9f:9c:e3:ec:28:b8:ff:63:a0:19:
3e:b6:74:23:3e:2e:38:98:10:53:f7:77:db:7d:89:4f:19:c9:
49:d0:64:d1:b1:33:51:14:9a:0a:47:9e:69:a4:9e:6c:25:47:
38:d4:62:91:d3:82:bd:1c:53:a0:a2:8b:71:bd:7f:f5:9a:8a:
fa:43:e9:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4WOT5xgVCXtwYhBEMARYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUxMTA0MDgwMDA3WhcNMjUxMTA1MDgwMDA3WjAzMTEwLwYDVQQD
Eyg1YzJiOGFkMjNhYjI4YzMwYjdhODQwYWU4MzkzMmIwNTRiMjI3OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwliUwVucdjONx8RWZMkwzp7Mh7ci
ZgdujJCA8W4xJOIP9Xhv8fvMjjFOOJFmIrpI/IcvoPbxPgx/yfaUOgr/09ZNQdh+
3iJGe3NPD1macbjQKktmTT52PgCaOyQNVR5b1EIJJyB25WyZxVa2SDz1uSDkzueS
1hkFip6zbZkco/Gi5KvjaDrEl8HsqxAq/qMSafDx8e71pKEU1mjfzLv+NM5wCx3W
EwafztUn3sB04XAGA8ZesOVQ/PoobL2lC1pKrNRrpqTyH7/hvgYxPDafwWWyiFoq
bk5CqxznRtRpWUnviGz0Dz46THfh8iUiPLuEmmP4Rm1sK0E/YBbEyVN5MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwritI6sowwt6hAroOTKwVLInnCMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEB0nt5O
pi6WTN3UZ8SyDsXfhhKT9iiuw1Zoy4HrFsL2Rdxq62HVpc9x5i3f4uCiRCyUrsIf
hEaKLJzWq35WqakKpAQKvsevqIAgpHIdiP0gAozzS8ZPh8HcA/w0bFHgRL/hYCg7
9QA+nkEDbizIXSEwLwpyYLlhtNvRTuFbupHKWvSs4el6daSZ8WfYWYRmpgEfI+Sd
iqZlhsdJfxj6MLAynd0hRzAQ62ZWGOmlJMQK1Ca0VxctOIXaxnGfnOPsKLj/Y6AZ
PrZ0Iz4uOJgQU/d3232JTxnJSdBk0bEzURSaCkeeaaSebCVHONRikdOCvRxToKKL
cb1/9ZqK+kPp0Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:58:27 2025 by rpki-client