Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
File: lywzrtjvsmnTdEgT0oxTYJLnzzg.mft (raw, json)
Hash identifier: Y5/euY/pmk0Af05OyBs1EixD8ANwof4odW3go7DvnNI=
Subject key identifier: 56:C4:C5:55:E6:4D:30:A2:D5:A8:93:14:2E:38:63:3F:94:BE:F0:DE
Authority key identifier: 97:2C:33:AE:D8:EF:B2:69:D3:74:48:13:D2:8C:53:60:92:E7:CF:38
Certificate issuer: /CN=972c33aed8efb269d3744813d28c536092e7cf38
Certificate serial: 019A4EF58B7780776EF2738EFCE21D8C0C10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
Manifest number: 0CDE
Signing time: Tue 04 Nov 2025 13:01:46 +0000
Manifest this update: Tue 04 Nov 2025 13:01:46 +0000
Manifest next update: Wed 05 Nov 2025 13:01:46 +0000
Files and hashes: 1: ABgvtVRWI6brZz3FziMb4rv0_78.roa (hash: xcpeYC06fvzRoHxarxnxi+ZpU9v7tXYglNgTbxJJFa4=)
2: lywzrtjvsmnTdEgT0oxTYJLnzzg.crl (hash: 9bbennpGIih2l3zKggiA/FGq4rDVKsOTz/RmiByWn14=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:8b:77:80:77:6e:f2:73:8e:fc:e2:1d:8c:0c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=972c33aed8efb269d3744813d28c536092e7cf38
Validity
Not Before: Nov 4 13:01:46 2025 GMT
Not After : Nov 5 13:01:46 2025 GMT
Subject: CN=56c4c555e64d30a2d5a893142e38633f94bef0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6e:44:b4:cb:59:94:b2:df:e5:cd:53:d1:06:
9f:72:0b:14:79:6b:61:11:18:aa:cb:c8:a1:5c:cd:
c4:cd:01:b3:f1:b7:19:55:f9:ca:1a:3e:d4:fe:ed:
25:60:af:04:09:6c:a5:92:1c:20:ad:7c:64:fe:eb:
02:1d:06:91:ad:df:37:76:3d:0d:25:5f:4b:66:8d:
a9:c5:a4:04:cc:7a:fd:8d:f2:cd:22:c0:e3:e6:68:
2f:d4:bf:be:cf:8a:c5:6a:3a:96:f5:0e:71:04:2a:
6c:66:a9:3e:27:fe:e3:78:db:21:98:74:10:34:63:
70:2a:14:5d:20:be:30:ae:69:41:ea:1a:f6:ef:8f:
18:e3:44:1d:09:62:21:68:ee:ac:d0:fa:48:0f:4d:
d3:a1:bc:5e:48:96:7e:18:67:d4:f5:7c:bc:f2:29:
31:53:f0:b6:f7:c3:77:1c:d3:72:fc:f4:22:5f:13:
30:2e:69:2c:4c:72:f3:ce:3b:46:c9:38:e5:fe:66:
08:fd:d0:fd:02:e7:53:4a:5e:ed:c4:7a:18:66:fb:
1e:59:4e:02:84:fe:03:f5:36:fd:23:c9:c0:69:0a:
80:30:3e:20:29:37:cb:d0:10:f0:76:4a:46:5d:36:
78:02:b2:31:db:4d:7e:1a:66:67:50:28:09:d7:ac:
8a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C4:C5:55:E6:4D:30:A2:D5:A8:93:14:2E:38:63:3F:94:BE:F0:DE
X509v3 Authority Key Identifier:
keyid:97:2C:33:AE:D8:EF:B2:69:D3:74:48:13:D2:8C:53:60:92:E7:CF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:52:22:c9:cb:78:1c:e9:36:0b:b5:43:59:61:24:6c:25:5a:
ce:dc:55:82:5b:32:22:0f:d3:5a:67:36:3e:c2:af:62:6f:95:
b3:3a:25:05:d1:b5:1c:c2:63:f9:4d:e5:c1:b9:e3:6b:51:9a:
86:e9:c1:8c:02:11:71:d0:fc:f6:8b:92:ae:9c:74:8a:41:29:
27:48:23:da:05:5e:b9:ff:a8:7c:53:86:f0:68:0e:ae:a5:c6:
1e:81:ad:e0:d5:80:c7:a2:46:ee:55:49:dc:99:35:1a:14:89:
39:2b:a1:c6:38:f4:0b:6b:4a:e7:69:03:40:33:4b:8e:e7:0f:
e7:9c:f5:6c:34:b4:13:21:68:8b:6f:dd:a4:a7:a6:df:ed:bd:
2d:55:5b:4d:39:f8:4d:7d:28:5e:b2:92:b4:c3:fe:8d:f1:47:
1a:c4:39:56:c6:bd:15:33:5e:09:90:88:1f:11:c0:a4:f5:06:
1c:0c:68:0e:e2:a8:66:45:75:a9:a5:58:38:0c:94:18:4b:82:
a2:14:df:7f:f0:2b:b1:fd:30:df:4e:ac:d7:e1:56:3a:39:6c:
7c:83:f8:85:50:ce:8c:3c:c4:cb:58:d3:5b:c7:df:b1:8d:f7:
61:31:0b:e3:45:18:e2:f3:2b:5a:27:59:ac:2c:0b:28:cd:6c:
06:3a:3a:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Yt3gHdu8nOO/OIdjAwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MmMzM2FlZDhlZmIyNjlkMzc0NDgxM2QyOGM1MzYwOTJl
N2NmMzgwHhcNMjUxMTA0MTMwMTQ2WhcNMjUxMTA1MTMwMTQ2WjAzMTEwLwYDVQQD
Eyg1NmM0YzU1NWU2NGQzMGEyZDVhODkzMTQyZTM4NjMzZjk0YmVmMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW5EtMtZlLLf5c1T0QafcgsUeWth
ERiqy8ihXM3EzQGz8bcZVfnKGj7U/u0lYK8ECWylkhwgrXxk/usCHQaRrd83dj0N
JV9LZo2pxaQEzHr9jfLNIsDj5mgv1L++z4rFajqW9Q5xBCpsZqk+J/7jeNshmHQQ
NGNwKhRdIL4wrmlB6hr2748Y40QdCWIhaO6s0PpID03TobxeSJZ+GGfU9Xy88ikx
U/C298N3HNNy/PQiXxMwLmksTHLzzjtGyTjl/mYI/dD9AudTSl7txHoYZvseWU4C
hP4D9Tb9I8nAaQqAMD4gKTfL0BDwdkpGXTZ4ArIx201+GmZnUCgJ16yKaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbExVXmTTCi1aiTFC44Yz+UvvDeMB8GA1UdIwQY
MBaAFJcsM67Y77Jp03RIE9KMU2CS5884MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zMWZhOTktYzg1My00ZDAyLWI1M2Qt
ZDI1MGU0NWIxNjIwLzEvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zMWZhOTktYzg1My00ZDAyLWI1M2QtZDI1MGU0NWIxNjIw
LzEvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVIiyct4
HOk2C7VDWWEkbCVaztxVglsyIg/TWmc2PsKvYm+VszolBdG1HMJj+U3lwbnja1Ga
hunBjAIRcdD89ouSrpx0ikEpJ0gj2gVeuf+ofFOG8GgOrqXGHoGt4NWAx6JG7lVJ
3Jk1GhSJOSuhxjj0C2tK52kDQDNLjucP55z1bDS0EyFoi2/dpKem3+29LVVbTTn4
TX0oXrKStMP+jfFHGsQ5Vsa9FTNeCZCIHxHApPUGHAxoDuKoZkV1qaVYOAyUGEuC
ohTff/Arsf0w306s1+FWOjlsfIP4hVDOjDzEy1jTW8ffsY33YTEL40UY4vMrWidZ
rCwLKM1sBjo6TQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:58:17 2025 by rpki-client