Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: ZRac9VZtAs3TzMX9/7/gAccZjfp4jbDuNR57RZosN2k=
Subject key identifier: D1:41:C3:33:BB:2F:4C:F4:19:81:9D:BE:67:25:AB:42:71:BF:C8:23
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 0198D54E4BD0F73E6481681A14C59D7A24ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 13B2
Signing time: Sat 23 Aug 2025 05:02:14 +0000
Manifest this update: Sat 23 Aug 2025 05:02:14 +0000
Manifest next update: Sun 24 Aug 2025 05:02:14 +0000
Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=)
2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: XN87KYCFd6biieT7wYq7bsS4tyt1Z//mmwQfy5z+WHs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:4e:4b:d0:f7:3e:64:81:68:1a:14:c5:9d:7a:24:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Aug 23 05:02:14 2025 GMT
Not After : Aug 24 05:02:14 2025 GMT
Subject: CN=d141c333bb2f4cf419819dbe6725ab4271bfc823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:83:2d:ec:e9:4c:a5:f2:6e:ab:06:f4:5e:13:
10:d0:2a:9f:3a:d1:53:fe:1c:b3:74:d4:5b:3d:8e:
66:23:db:03:e0:d8:29:6f:60:2a:95:e4:b7:49:58:
84:e7:c4:92:78:52:bc:26:7b:df:e5:08:ec:34:0b:
f1:f8:d9:0d:0b:99:13:3a:f6:ab:15:2a:6e:2f:07:
13:c7:46:37:db:e4:04:ab:82:9d:78:dc:44:a4:75:
a8:2c:a6:11:6a:52:b3:c3:9c:bb:9e:3d:34:28:7c:
e0:68:3a:71:6c:f9:bf:43:2d:de:23:16:dc:a4:bf:
fc:5b:d8:2d:18:ca:a0:b2:82:20:92:6b:5a:32:c6:
7e:66:7b:00:21:87:05:f6:6e:3c:ad:bc:45:5f:53:
7f:ac:f6:6c:23:1c:a2:05:41:0f:c5:5f:d3:18:92:
a0:aa:54:07:11:c3:e0:28:4d:53:e4:b3:ce:ab:dd:
68:d7:28:f7:2b:61:dd:ce:88:08:4b:d3:d6:9b:47:
81:70:00:9a:ed:01:61:99:99:31:59:44:9f:1c:84:
6b:e6:a0:df:bc:96:a7:6c:51:3d:8a:b1:a5:31:4b:
61:0d:b3:d3:2c:ba:42:31:e0:d6:39:3c:ed:7b:05:
7d:36:c6:ba:95:13:4e:8d:9f:f7:2a:fc:a2:4c:6d:
29:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:41:C3:33:BB:2F:4C:F4:19:81:9D:BE:67:25:AB:42:71:BF:C8:23
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:35:17:bc:1a:a4:9f:62:3f:69:cc:84:a2:fd:22:a8:92:c5:
dd:f8:c8:e5:9d:ec:fa:71:43:37:3f:d7:a5:2a:9a:c3:bb:e1:
f7:10:15:a1:52:39:4c:5d:8c:b6:a0:f5:77:b3:9a:05:ae:7d:
56:c6:7e:b0:df:dc:c0:52:df:a7:54:33:ec:d4:7c:0f:a4:9f:
24:b5:68:26:1a:f9:fe:0e:fb:04:ee:cb:3f:3c:00:3c:e7:57:
99:7f:5d:93:c4:16:7d:32:19:d7:57:d8:dd:94:4d:1b:04:33:
17:f0:1b:c8:5b:82:55:98:de:ac:60:1a:5f:a0:2c:bc:5c:42:
74:9e:20:f4:bc:a3:e8:e1:8a:31:da:ea:41:23:18:2a:04:7a:
ce:20:75:f5:d1:de:98:1d:cc:18:0a:d1:19:a2:29:5b:f1:41:
ec:0f:00:ac:bd:d4:d2:c0:19:87:d5:79:ba:39:05:18:f7:04:
19:61:65:5c:df:9e:8e:98:69:1a:92:71:55:0f:ad:ab:db:a4:
28:7a:ce:50:5a:d8:e6:25:a7:e0:c0:f0:83:8f:31:07:41:c6:
7d:e3:2c:03:38:83:b0:c2:d4:f0:73:18:8f:f1:4b:97:56:48:
f8:7c:85:5b:64:c5:bf:9c:94:43:84:30:a9:49:85:0c:7c:92:
ce:b2:89:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTkvQ9z5kgWgaFMWdeiTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUwODIzMDUwMjE0WhcNMjUwODI0MDUwMjE0WjAzMTEwLwYDVQQD
EyhkMTQxYzMzM2JiMmY0Y2Y0MTk4MTlkYmU2NzI1YWI0MjcxYmZjODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4Mt7OlMpfJuqwb0XhMQ0CqfOtFT
/hyzdNRbPY5mI9sD4Ngpb2AqleS3SViE58SSeFK8Jnvf5QjsNAvx+NkNC5kTOvar
FSpuLwcTx0Y32+QEq4KdeNxEpHWoLKYRalKzw5y7nj00KHzgaDpxbPm/Qy3eIxbc
pL/8W9gtGMqgsoIgkmtaMsZ+ZnsAIYcF9m48rbxFX1N/rPZsIxyiBUEPxV/TGJKg
qlQHEcPgKE1T5LPOq91o1yj3K2HdzogIS9PWm0eBcACa7QFhmZkxWUSfHIRr5qDf
vJanbFE9irGlMUthDbPTLLpCMeDWOTztewV9Nsa6lRNOjZ/3KvyiTG0plQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFBwzO7L0z0GYGdvmclq0Jxv8gjMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYTUXvBqk
n2I/acyEov0iqJLF3fjI5Z3s+nFDNz/XpSqaw7vh9xAVoVI5TF2MtqD1d7OaBa59
VsZ+sN/cwFLfp1Qz7NR8D6SfJLVoJhr5/g77BO7LPzwAPOdXmX9dk8QWfTIZ11fY
3ZRNGwQzF/AbyFuCVZjerGAaX6AsvFxCdJ4g9Lyj6OGKMdrqQSMYKgR6ziB19dHe
mB3MGArRGaIpW/FB7A8ArL3U0sAZh9V5ujkFGPcEGWFlXN+ejphpGpJxVQ+tq9uk
KHrOUFrY5iWn4MDwg48xB0HGfeMsAziDsMLU8HMYj/FLl1ZI+HyFW2TFv5yUQ4Qw
qUmFDHySzrKJUQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:49:32 2025 by rpki-client