Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/c1f20e-d94f-43c5-bb8d-ad3629b202c0/1/lSGiYvUHXiSys8m2nIr0DimIoeQ.mft
File: lSGiYvUHXiSys8m2nIr0DimIoeQ.mft (raw, json)
Hash identifier: Nb8fRxj8D0rtOe/dD04uJ1CzYsekIp3pnAZT/MQd4K8=
Subject key identifier: 29:CB:8B:26:C0:DF:5D:F1:B6:AD:AE:01:09:3D:1D:E5:84:3F:4C:42
Authority key identifier: 95:21:A2:62:F5:07:5E:24:B2:B3:C9:B6:9C:8A:F4:0E:29:88:A1:E4
Certificate issuer: /CN=9521a262f5075e24b2b3c9b69c8af40e2988a1e4
Certificate serial: 019A0110C91ABB7E822B43ECAEFAB93B49CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSGiYvUHXiSys8m2nIr0DimIoeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/c1f20e-d94f-43c5-bb8d-ad3629b202c0/1/lSGiYvUHXiSys8m2nIr0DimIoeQ.mft
Manifest number: 0405
Signing time: Mon 20 Oct 2025 10:01:08 +0000
Manifest this update: Mon 20 Oct 2025 10:01:08 +0000
Manifest next update: Tue 21 Oct 2025 10:01:08 +0000
Files and hashes: 1: Lpcsk8pQMiEPT6ApZhOXx9JAafQ.roa (hash: UQY6sisXum2gKK35fkWx14SykCBKN5d6dEz3tT5FKwk=)
2: lSGiYvUHXiSys8m2nIr0DimIoeQ.crl (hash: pwEk9yXE8Aa66JNOCjr/foDOejmJ0ZGUZXVJfRnpLjA=)
3: mRm5Pcaeh7ARiuQSZaTaFIQzlV4.roa (hash: SRjDoFDtCZGIa81wKDyuCO8n9PzLXPSishWYuw7XCOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/c1f20e-d94f-43c5-bb8d-ad3629b202c0/1/lSGiYvUHXiSys8m2nIr0DimIoeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/c1f20e-d94f-43c5-bb8d-ad3629b202c0/1/lSGiYvUHXiSys8m2nIr0DimIoeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lSGiYvUHXiSys8m2nIr0DimIoeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 10:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:10:c9:1a:bb:7e:82:2b:43:ec:ae:fa:b9:3b:49:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9521a262f5075e24b2b3c9b69c8af40e2988a1e4
Validity
Not Before: Oct 20 10:01:08 2025 GMT
Not After : Oct 21 10:01:08 2025 GMT
Subject: CN=29cb8b26c0df5df1b6adae01093d1de5843f4c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:e5:94:40:b9:d1:3f:d5:be:f0:98:29:54:
f2:6d:c2:21:20:70:59:5d:82:a6:78:41:a6:63:d7:
ae:98:a6:09:28:be:32:35:f5:5f:ea:a2:a2:96:23:
5b:e2:a7:a3:1f:80:31:3d:60:9f:ac:76:96:c5:16:
97:66:12:6c:89:ff:fa:9a:f8:74:74:86:10:f1:d8:
a8:b5:70:cf:8d:86:00:7a:b6:66:71:61:d7:bc:3c:
f2:9f:81:af:47:51:2e:1b:04:91:e1:e2:4e:e8:78:
aa:99:d4:01:8b:45:7d:f4:d4:3e:45:a5:33:02:cf:
37:60:90:17:c3:8d:65:d1:b0:d5:06:76:88:a8:c1:
a3:1e:90:1b:22:6b:5b:55:49:83:e7:48:b3:60:85:
e0:8c:dd:77:7a:56:71:09:a4:f1:4f:ce:f6:1d:cd:
c2:38:4d:67:07:dc:b5:f5:d1:fe:09:aa:1e:f9:ec:
cf:e9:03:fa:67:1f:eb:0b:d7:d7:b5:64:1d:19:55:
d9:c9:b3:96:76:9c:48:ea:4b:b6:cd:92:9c:a2:93:
99:ef:49:cc:82:fa:22:dd:e1:a2:2d:56:2d:30:95:
56:13:a2:3f:75:ca:89:f1:93:de:3e:3b:a4:6c:20:
3b:40:b8:23:1d:c9:47:57:ab:69:a8:ae:ac:20:cb:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CB:8B:26:C0:DF:5D:F1:B6:AD:AE:01:09:3D:1D:E5:84:3F:4C:42
X509v3 Authority Key Identifier:
keyid:95:21:A2:62:F5:07:5E:24:B2:B3:C9:B6:9C:8A:F4:0E:29:88:A1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSGiYvUHXiSys8m2nIr0DimIoeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/c1f20e-d94f-43c5-bb8d-ad3629b202c0/1/lSGiYvUHXiSys8m2nIr0DimIoeQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/c1f20e-d94f-43c5-bb8d-ad3629b202c0/1/lSGiYvUHXiSys8m2nIr0DimIoeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:83:8b:7f:25:fa:7e:7d:17:33:75:3f:6b:38:ee:18:bd:3e:
4e:36:3b:5a:38:41:e2:c0:f1:a3:4f:09:55:15:2e:c3:ce:d5:
5f:91:41:09:ac:15:37:2f:86:3e:67:03:c0:28:43:ca:3b:1f:
e2:43:f4:7a:d9:0e:61:94:1d:cf:7a:7a:21:58:be:57:9c:46:
98:09:6a:b4:bf:f5:fa:1c:99:11:9b:f0:0b:33:29:c1:3c:51:
8c:ae:34:93:47:bb:da:89:2a:a4:9b:5b:3a:d3:08:5f:7a:8a:
bf:17:9a:04:6e:8e:e6:17:14:a1:57:a1:ae:69:c9:d1:17:d7:
c7:69:ce:0f:ce:c9:3b:b0:74:26:47:79:0b:8c:80:96:c7:64:
04:51:8a:6c:e6:b8:1c:71:8c:88:03:cc:5b:37:b6:de:c1:ba:
b9:08:4d:ea:bb:31:a1:1c:7b:76:57:9c:c0:77:23:d0:fd:bb:
1d:8a:f8:1d:9f:15:e1:fb:98:fc:e0:fb:e0:af:b5:6e:bb:d7:
9e:67:89:83:1b:1d:60:7b:77:fa:04:f5:cb:dd:34:66:79:2d:
76:e5:84:75:30:cf:68:b0:12:87:3c:90:92:d4:a5:4a:cd:cd:
96:ce:fa:77:80:ea:f5:ac:41:98:71:71:1e:97:be:62:ac:0d:
bc:aa:72:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBEMkau36CK0Psrvq5O0nMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjFhMjYyZjUwNzVlMjRiMmIzYzliNjljOGFmNDBlMjk4
OGExZTQwHhcNMjUxMDIwMTAwMTA4WhcNMjUxMDIxMTAwMTA4WjAzMTEwLwYDVQQD
EygyOWNiOGIyNmMwZGY1ZGYxYjZhZGFlMDEwOTNkMWRlNTg0M2Y0YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfXllEC50T/VvvCYKVTybcIhIHBZ
XYKmeEGmY9eumKYJKL4yNfVf6qKiliNb4qejH4AxPWCfrHaWxRaXZhJsif/6mvh0
dIYQ8diotXDPjYYAerZmcWHXvDzyn4GvR1EuGwSR4eJO6HiqmdQBi0V99NQ+RaUz
As83YJAXw41l0bDVBnaIqMGjHpAbImtbVUmD50izYIXgjN13elZxCaTxT872Hc3C
OE1nB9y19dH+Caoe+ezP6QP6Zx/rC9fXtWQdGVXZybOWdpxI6ku2zZKcopOZ70nM
gvoi3eGiLVYtMJVWE6I/dcqJ8ZPePjukbCA7QLgjHclHV6tpqK6sIMu2gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnLiybA313xtq2uAQk9HeWEP0xCMB8GA1UdIwQY
MBaAFJUhomL1B14ksrPJtpyK9A4piKHkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNHaVl2VUhYaVN5czhtMm5JcjBEaW1Jb2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9jMWYyMGUtZDk0Zi00M2M1LWJiOGQt
YWQzNjI5YjIwMmMwLzEvbFNHaVl2VUhYaVN5czhtMm5JcjBEaW1Jb2VRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9jMWYyMGUtZDk0Zi00M2M1LWJiOGQtYWQzNjI5YjIwMmMw
LzEvbFNHaVl2VUhYaVN5czhtMm5JcjBEaW1Jb2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABoOLfyX6
fn0XM3U/azjuGL0+TjY7WjhB4sDxo08JVRUuw87VX5FBCawVNy+GPmcDwChDyjsf
4kP0etkOYZQdz3p6IVi+V5xGmAlqtL/1+hyZEZvwCzMpwTxRjK40k0e72okqpJtb
OtMIX3qKvxeaBG6O5hcUoVehrmnJ0RfXx2nOD87JO7B0Jkd5C4yAlsdkBFGKbOa4
HHGMiAPMWze23sG6uQhN6rsxoRx7dlecwHcj0P27HYr4HZ8V4fuY/OD74K+1brvX
nmeJgxsdYHt3+gT1y900ZnktduWEdTDPaLAShzyQktSlSs3Nls76d4Dq9axBmHFx
Hpe+YqwNvKpyug==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:34:00 2025 by rpki-client