Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
File: lMhsmzXXghFrLNhYOifOtAO49ho.mft (raw, json)
Hash identifier: lF09PwaCrVafJt2zq9KIZTVLgDKCnZZY6B6kori0JoU=
Subject key identifier: 82:39:96:F3:78:14:12:EB:12:8E:47:1B:CC:DA:4A:FD:C5:D0:8B:9B
Authority key identifier: 94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
Certificate issuer: /CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Certificate serial: 0198D6984FF89463FA26D53CEB40923089DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
Manifest number: 164A
Signing time: Sat 23 Aug 2025 11:02:42 +0000
Manifest this update: Sat 23 Aug 2025 11:02:42 +0000
Manifest next update: Sun 24 Aug 2025 11:02:42 +0000
Files and hashes: 1: kL5tCodlPmsKcG8VmzS3vTT-EpU.roa (hash: rTcyxkJLmIdGub6lXVfezUyk6BdEW9e85j13e1XiRBA=)
2: lMhsmzXXghFrLNhYOifOtAO49ho.crl (hash: Y3uydxbwovWt8eI5/3Cptm7tnTJalmdjB0DSxlD6Tv8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d6:98:4f:f8:94:63:fa:26:d5:3c:eb:40:92:30:89:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Validity
Not Before: Aug 23 11:02:42 2025 GMT
Not After : Aug 24 11:02:42 2025 GMT
Subject: CN=823996f3781412eb128e471bccda4afdc5d08b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:92:c0:36:ce:f0:86:5d:a3:20:79:cb:a7:
81:d5:23:a8:95:50:d5:fc:5b:01:b0:60:89:27:ee:
5c:70:61:36:75:83:a5:73:d4:c9:96:df:a5:b5:c0:
22:5f:6d:4c:1e:e1:59:3b:52:dc:fa:01:b6:d1:3d:
88:60:a9:6a:c0:e0:60:07:d5:b6:a7:ac:bc:69:b2:
04:ce:fd:f3:86:51:ae:ff:96:7a:14:85:e2:36:ef:
94:73:b5:a8:f3:61:7c:0e:87:a3:b3:df:c4:a5:6f:
97:e6:48:78:2b:dc:88:96:73:7b:8c:78:3a:50:21:
a7:9d:66:a0:4a:ee:65:89:ab:21:59:5d:8b:3a:db:
77:c5:d8:a0:35:9f:0e:25:10:34:2d:51:53:f3:96:
de:d0:44:fd:35:62:40:f3:1a:ec:b4:b5:b9:36:d4:
1a:de:7e:ab:64:76:ce:b1:0e:90:8f:bf:0b:d6:c7:
7a:7d:ab:33:e4:6c:84:c3:dc:e4:4f:19:63:b9:4a:
3e:b6:6f:aa:bb:ea:49:2e:89:a4:27:39:a0:56:e9:
bd:36:96:dd:99:64:52:63:8b:0b:fa:74:04:11:82:
9b:64:16:ad:36:f1:b6:84:06:f5:a1:97:c8:57:5d:
f5:62:51:6c:f5:75:d0:5f:bf:d3:59:75:84:9e:d2:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:39:96:F3:78:14:12:EB:12:8E:47:1B:CC:DA:4A:FD:C5:D0:8B:9B
X509v3 Authority Key Identifier:
keyid:94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:5d:e8:9c:3c:93:98:3d:52:31:59:0e:af:51:0d:a1:d8:90:
92:0a:a0:c9:79:01:e7:b7:98:df:76:4c:3a:05:5a:dc:82:f2:
9e:de:7d:a0:76:a6:5d:ac:32:ee:a8:65:21:6f:43:2e:b1:4d:
63:1a:a3:39:ae:60:e5:c6:68:66:a4:aa:d8:33:21:e7:f6:0e:
e1:82:9f:22:80:44:2f:bb:ad:bf:39:68:11:4b:90:82:b9:0f:
9a:d3:37:06:b2:03:ac:38:0f:83:bc:cf:52:61:18:86:f5:c2:
8a:09:63:0e:4e:a3:6b:96:fa:3e:1f:ea:db:a3:b2:8e:17:38:
2d:55:05:34:aa:ef:28:bc:3d:da:80:7e:75:dd:f1:d5:ba:44:
b6:ce:1b:b0:7a:2f:91:6f:4c:cb:9e:4d:2a:24:5c:bd:33:96:
63:e2:a4:8d:1a:1f:07:ae:5c:d3:f6:c1:2f:0b:c0:cf:92:4a:
58:96:6f:c3:0c:79:bb:b2:2e:ae:8a:7e:ba:f4:68:b3:0b:28:
28:21:27:bb:99:fd:a3:c3:94:b0:57:b5:11:bb:b1:d7:e1:81:
30:04:95:80:35:6a:a6:f7:9d:98:d1:b7:95:73:b1:a5:fa:8a:
7a:80:63:a0:5c:aa:14:a0:ae:2b:08:c8:31:55:c5:a6:f8:1b:
4d:5e:69:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmE/4lGP6JtU860CSMIncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Yzg2YzliMzVkNzgyMTE2YjJjZDg1ODNhMjdjZWI0MDNi
OGY2MWEwHhcNMjUwODIzMTEwMjQyWhcNMjUwODI0MTEwMjQyWjAzMTEwLwYDVQQD
Eyg4MjM5OTZmMzc4MTQxMmViMTI4ZTQ3MWJjY2RhNGFmZGM1ZDA4YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm+SwDbO8IZdoyB5y6eB1SOolVDV
/FsBsGCJJ+5ccGE2dYOlc9TJlt+ltcAiX21MHuFZO1Lc+gG20T2IYKlqwOBgB9W2
p6y8abIEzv3zhlGu/5Z6FIXiNu+Uc7Wo82F8Doejs9/EpW+X5kh4K9yIlnN7jHg6
UCGnnWagSu5liashWV2LOtt3xdigNZ8OJRA0LVFT85be0ET9NWJA8xrstLW5NtQa
3n6rZHbOsQ6Qj78L1sd6fasz5GyEw9zkTxljuUo+tm+qu+pJLomkJzmgVum9Npbd
mWRSY4sL+nQEEYKbZBatNvG2hAb1oZfIV131YlFs9XXQX7/TWXWEntJ/+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFII5lvN4FBLrEo5HG8zaSv3F0IubMB8GA1UdIwQY
MBaAFJTIbJs114IRayzYWDonzrQDuPYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMt
MzViMGM5NjUyNGZhLzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMtMzViMGM5NjUyNGZh
LzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZV3onDyT
mD1SMVkOr1ENodiQkgqgyXkB57eY33ZMOgVa3ILynt59oHamXawy7qhlIW9DLrFN
YxqjOa5g5cZoZqSq2DMh5/YO4YKfIoBEL7utvzloEUuQgrkPmtM3BrIDrDgPg7zP
UmEYhvXCigljDk6ja5b6Ph/q26Oyjhc4LVUFNKrvKLw92oB+dd3x1bpEts4bsHov
kW9My55NKiRcvTOWY+KkjRofB65c0/bBLwvAz5JKWJZvwwx5u7Iurop+uvRoswso
KCEnu5n9o8OUsFe1Ebux1+GBMASVgDVqpvedmNG3lXOxpfqKeoBjoFyqFKCuKwjI
MVXFpvgbTV5pJw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:19:55 2025 by rpki-client