Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/8c27aa-b500-4c96-84ec-f8be495252b0/1/LokBk3Q73yTdIsPtbyizAxouyAY.mft
File: LokBk3Q73yTdIsPtbyizAxouyAY.mft (raw, json)
Hash identifier: ItQqGCd8CGHY1IbP1Z6dv/+ZVwhGXMP/uT1pfxjCLVs=
Subject key identifier: BB:A6:95:B6:3B:4B:66:A2:3D:4D:75:0D:CA:B1:97:04:8A:14:2F:03
Authority key identifier: 2E:89:01:93:74:3B:DF:24:DD:22:C3:ED:6F:28:B3:03:1A:2E:C8:06
Certificate issuer: /CN=2e890193743bdf24dd22c3ed6f28b3031a2ec806
Certificate serial: 019A522CE2382D9E8D412D00FDFE8E92F043
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LokBk3Q73yTdIsPtbyizAxouyAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/8c27aa-b500-4c96-84ec-f8be495252b0/1/LokBk3Q73yTdIsPtbyizAxouyAY.mft
Manifest number: 129C
Signing time: Wed 05 Nov 2025 04:01:04 +0000
Manifest this update: Wed 05 Nov 2025 04:01:04 +0000
Manifest next update: Thu 06 Nov 2025 04:01:04 +0000
Files and hashes: 1: 6EZjDJryRoANWPhlSHpMG7n7IU8.roa (hash: 9isLxzfXlIyOPcXFup6Ou1baZV3mC8KRz9wBcZ1Igfs=)
2: LokBk3Q73yTdIsPtbyizAxouyAY.crl (hash: uknUa2TE5oFf6+8IEXM9QLN50nQDwzMdVUEMfjEQRws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/8c27aa-b500-4c96-84ec-f8be495252b0/1/LokBk3Q73yTdIsPtbyizAxouyAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/8c27aa-b500-4c96-84ec-f8be495252b0/1/LokBk3Q73yTdIsPtbyizAxouyAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/LokBk3Q73yTdIsPtbyizAxouyAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:2c:e2:38:2d:9e:8d:41:2d:00:fd:fe:8e:92:f0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e890193743bdf24dd22c3ed6f28b3031a2ec806
Validity
Not Before: Nov 5 04:01:04 2025 GMT
Not After : Nov 6 04:01:04 2025 GMT
Subject: CN=bba695b63b4b66a23d4d750dcab197048a142f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ed:36:3e:6c:bc:2d:71:5f:de:59:63:6e:7e:
87:a9:6a:dd:64:27:c1:34:68:13:72:f5:dd:84:7f:
86:79:1f:17:ce:34:a3:e7:c7:41:0d:1e:1e:98:d9:
a0:9d:93:51:b2:0f:57:da:23:25:cb:ca:9c:00:f8:
ae:22:c2:d8:6c:90:40:95:7b:24:82:20:65:ef:11:
9b:de:1e:9a:f0:0b:45:df:c2:d4:7c:89:f9:f5:92:
4c:0e:ce:79:f6:51:69:93:bb:27:18:52:80:94:a4:
10:2a:30:7d:c8:29:08:3a:ce:99:83:e6:57:ac:22:
bc:0a:e6:61:e7:21:7f:81:82:c6:1c:a7:68:56:b6:
9e:2f:41:33:f6:72:1a:e8:35:86:03:cb:61:e1:c5:
1b:e0:aa:7c:f0:a5:65:bd:dc:3e:6b:77:26:b3:82:
40:77:b9:4b:00:ac:a9:24:39:24:89:26:22:36:eb:
c4:61:94:5b:11:31:78:04:6e:b1:9f:fd:cd:8f:11:
35:66:c3:a8:2f:37:3e:3b:ba:de:54:d0:84:8f:e3:
bc:65:54:2b:9e:e8:3d:90:37:40:96:4a:11:de:b8:
6d:10:01:77:e9:69:ca:0d:5d:ed:68:27:c9:2f:a2:
a7:b5:af:76:52:ff:d6:57:35:ee:19:ce:15:43:19:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A6:95:B6:3B:4B:66:A2:3D:4D:75:0D:CA:B1:97:04:8A:14:2F:03
X509v3 Authority Key Identifier:
keyid:2E:89:01:93:74:3B:DF:24:DD:22:C3:ED:6F:28:B3:03:1A:2E:C8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LokBk3Q73yTdIsPtbyizAxouyAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/8c27aa-b500-4c96-84ec-f8be495252b0/1/LokBk3Q73yTdIsPtbyizAxouyAY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/8c27aa-b500-4c96-84ec-f8be495252b0/1/LokBk3Q73yTdIsPtbyizAxouyAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d4:ff:86:6b:09:3a:43:90:e5:ed:3d:1c:56:d3:65:d6:ca:9e:
d1:c0:db:ab:a6:a3:a2:b2:20:dc:34:da:bf:9e:f6:d9:27:d6:
4d:54:51:bb:92:bd:e7:e9:5f:d5:42:00:50:cb:7d:39:10:b7:
03:0e:c8:9f:27:f6:85:7d:c8:fe:99:ad:a7:23:66:28:71:a5:
f5:b4:ab:9d:3c:d5:cc:2a:9b:07:d7:78:30:87:65:f7:df:2a:
88:d8:f9:3b:4d:a2:6b:e7:a3:89:c7:2b:59:c2:18:2e:19:ad:
08:a2:bc:7d:ed:14:fa:5b:c4:97:b6:04:3f:ef:3e:fb:49:5d:
33:42:ce:89:f6:c2:66:62:c9:c8:6f:8b:17:72:66:3e:b3:83:
3c:15:eb:0b:00:ee:47:0a:9d:91:e0:ca:34:83:8e:a6:10:fd:
a5:b7:6d:66:d4:97:6a:cd:9b:c3:b9:7b:84:5f:f9:80:15:a2:
bd:7a:3e:2f:9e:b3:94:db:01:d9:c3:7d:cc:aa:cd:33:f7:09:
9a:50:82:dc:90:bc:6f:c4:8c:80:89:da:17:95:aa:e0:1d:16:
dc:d9:80:27:8f:01:b4:d2:7a:7a:30:3c:f4:6c:4b:48:cc:03:
fa:20:0c:74:62:f4:46:fd:bd:f0:ae:41:e6:e4:6b:60:61:c8:
93:8a:5a:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLOI4LZ6NQS0A/f6OkvBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODkwMTkzNzQzYmRmMjRkZDIyYzNlZDZmMjhiMzAzMWEy
ZWM4MDYwHhcNMjUxMTA1MDQwMTA0WhcNMjUxMTA2MDQwMTA0WjAzMTEwLwYDVQQD
EyhiYmE2OTViNjNiNGI2NmEyM2Q0ZDc1MGRjYWIxOTcwNDhhMTQyZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO02Pmy8LXFf3lljbn6HqWrdZCfB
NGgTcvXdhH+GeR8XzjSj58dBDR4emNmgnZNRsg9X2iMly8qcAPiuIsLYbJBAlXsk
giBl7xGb3h6a8AtF38LUfIn59ZJMDs559lFpk7snGFKAlKQQKjB9yCkIOs6Zg+ZX
rCK8CuZh5yF/gYLGHKdoVraeL0Ez9nIa6DWGA8th4cUb4Kp88KVlvdw+a3cms4JA
d7lLAKypJDkkiSYiNuvEYZRbETF4BG6xn/3NjxE1ZsOoLzc+O7reVNCEj+O8ZVQr
nug9kDdAlkoR3rhtEAF36WnKDV3taCfJL6Knta92Uv/WVzXuGc4VQxkSSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLumlbY7S2aiPU11DcqxlwSKFC8DMB8GA1UdIwQY
MBaAFC6JAZN0O98k3SLD7W8oswMaLsgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9rQmszUTczeVRkSXNQdGJ5aXpBeG91eUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy84YzI3YWEtYjUwMC00Yzk2LTg0ZWMt
ZjhiZTQ5NTI1MmIwLzEvTG9rQmszUTczeVRkSXNQdGJ5aXpBeG91eUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy84YzI3YWEtYjUwMC00Yzk2LTg0ZWMtZjhiZTQ5NTI1MmIw
LzEvTG9rQmszUTczeVRkSXNQdGJ5aXpBeG91eUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1P+Gawk6
Q5Dl7T0cVtNl1sqe0cDbq6ajorIg3DTav5722SfWTVRRu5K95+lf1UIAUMt9ORC3
Aw7Inyf2hX3I/pmtpyNmKHGl9bSrnTzVzCqbB9d4MIdl998qiNj5O02ia+ejiccr
WcIYLhmtCKK8fe0U+lvEl7YEP+8++0ldM0LOifbCZmLJyG+LF3JmPrODPBXrCwDu
RwqdkeDKNIOOphD9pbdtZtSXas2bw7l7hF/5gBWivXo+L56zlNsB2cN9zKrNM/cJ
mlCC3JC8b8SMgInaF5Wq4B0W3NmAJ48BtNJ6ejA89GxLSMwD+iAMdGL0Rv298K5B
5uRrYGHIk4paXg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:26:17 2025 by rpki-client