Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: 61127yOjoN9wplPeGcoFuNffkdIgnbWQJT8SQngXn8Q=
Subject key identifier: AA:CD:54:BE:A5:03:EA:8A:28:18:C2:0D:37:51:E5:8F:F8:AF:B0:75
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 0197B77C563D090CC1F9A968544122539884
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 131E
Signing time: Sat 28 Jun 2025 17:01:08 +0000
Manifest this update: Sat 28 Jun 2025 17:01:08 +0000
Manifest next update: Sun 29 Jun 2025 17:01:08 +0000
Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=)
2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: WTm00kEsn5DWO6BfFUOQRAd7uuqTp8OlPOIwLVeYq7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:7c:56:3d:09:0c:c1:f9:a9:68:54:41:22:53:98:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Jun 28 17:01:08 2025 GMT
Not After : Jun 29 17:01:08 2025 GMT
Subject: CN=aacd54bea503ea8a2818c20d3751e58ff8afb075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:07:52:6e:7b:01:df:2c:ca:14:77:57:48:0d:
81:b3:49:db:09:eb:26:dc:09:73:de:4b:18:e0:95:
65:09:5f:e9:24:8a:e0:88:d6:c8:35:49:5c:88:08:
fc:5e:d6:c4:89:86:8f:de:a1:41:ae:07:97:50:95:
16:2f:91:9c:5d:02:38:bf:91:20:53:87:a6:1c:8b:
2d:d0:1f:f8:84:ae:83:cc:54:3b:2e:ef:ce:93:61:
2a:ca:19:f8:47:16:23:db:8d:ba:78:8c:f4:60:fb:
07:5b:12:eb:bd:03:1e:97:a9:b9:c5:61:b2:ff:90:
c4:a5:28:04:8a:09:59:66:49:6c:e4:b3:04:c4:e2:
a0:8f:ee:d0:85:2b:28:07:00:73:42:95:e4:4e:51:
38:52:61:d5:29:27:77:7d:f7:fe:2f:d9:dc:11:3b:
50:ca:e7:81:17:55:7e:61:74:1c:dd:ee:28:27:1c:
7f:22:69:58:11:de:06:c8:6b:12:78:a9:97:7c:fb:
92:ca:72:d8:28:6c:2a:58:8d:f8:8c:5e:bb:89:a4:
47:84:c0:74:d3:81:50:9a:82:53:44:f5:18:4b:77:
3d:e9:84:87:c3:cd:07:fb:94:6d:ad:2d:07:47:d5:
71:79:ab:f7:53:2e:ac:de:61:d2:58:d4:c6:b4:3e:
21:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CD:54:BE:A5:03:EA:8A:28:18:C2:0D:37:51:E5:8F:F8:AF:B0:75
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:94:23:64:99:01:e7:e8:45:63:c2:71:13:4b:48:da:ed:c3:
55:15:ff:5f:d3:96:9d:67:51:25:6b:ed:8a:eb:e2:dc:ba:c0:
b8:02:b6:7a:d6:59:e1:f3:4b:bf:66:f9:d9:0e:86:ce:ed:c9:
55:59:62:ec:c7:31:aa:2a:c0:b4:af:3b:cf:d0:72:7a:af:99:
80:53:f6:51:af:6e:2f:52:84:40:7f:98:72:e6:d3:e2:80:1a:
1b:8e:0f:a2:3e:ee:cb:a5:9d:0d:b1:c5:83:82:0b:15:ed:5f:
f4:84:24:73:42:11:05:78:9e:ca:ad:2d:83:4f:d0:56:3f:69:
3c:eb:3f:a7:c3:1d:d0:50:d5:7a:f4:29:9e:d0:92:d1:5b:7a:
8c:30:d1:33:88:49:54:ef:cd:cf:71:f2:eb:47:7a:90:57:99:
d8:5a:06:f1:99:e2:07:92:c5:ca:52:18:8a:2d:23:2f:f6:ea:
d2:05:73:1e:db:b6:64:39:9e:ff:38:9c:d6:cc:b4:c2:57:6a:
2a:4a:e2:d6:13:1b:af:01:52:01:fe:a4:84:1f:17:02:cf:5b:
4f:79:7e:a1:b7:14:95:1c:0d:97:85:41:2d:5e:e5:2f:2e:ae:
1b:69:8b:bb:e1:e2:01:51:80:25:87:1e:19:b3:2d:ed:3b:d4:
ba:bf:e9:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fFY9CQzB+aloVEEiU5iEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUwNjI4MTcwMTA4WhcNMjUwNjI5MTcwMTA4WjAzMTEwLwYDVQQD
EyhhYWNkNTRiZWE1MDNlYThhMjgxOGMyMGQzNzUxZTU4ZmY4YWZiMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwdSbnsB3yzKFHdXSA2Bs0nbCesm
3Alz3ksY4JVlCV/pJIrgiNbINUlciAj8XtbEiYaP3qFBrgeXUJUWL5GcXQI4v5Eg
U4emHIst0B/4hK6DzFQ7Lu/Ok2Eqyhn4RxYj2426eIz0YPsHWxLrvQMel6m5xWGy
/5DEpSgEiglZZkls5LMExOKgj+7QhSsoBwBzQpXkTlE4UmHVKSd3fff+L9ncETtQ
yueBF1V+YXQc3e4oJxx/ImlYEd4GyGsSeKmXfPuSynLYKGwqWI34jF67iaRHhMB0
04FQmoJTRPUYS3c96YSHw80H+5RtrS0HR9Vxeav3Uy6s3mHSWNTGtD4hCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrNVL6lA+qKKBjCDTdR5Y/4r7B1MB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtZQjZJkB
5+hFY8JxE0tI2u3DVRX/X9OWnWdRJWvtiuvi3LrAuAK2etZZ4fNLv2b52Q6Gzu3J
VVli7McxqirAtK87z9Byeq+ZgFP2Ua9uL1KEQH+YcubT4oAaG44Poj7uy6WdDbHF
g4ILFe1f9IQkc0IRBXieyq0tg0/QVj9pPOs/p8Md0FDVevQpntCS0Vt6jDDRM4hJ
VO/Nz3Hy60d6kFeZ2FoG8ZniB5LFylIYii0jL/bq0gVzHtu2ZDme/zic1sy0wldq
Kkri1hMbrwFSAf6khB8XAs9bT3l+obcUlRwNl4VBLV7lLy6uG2mLu+HiAVGAJYce
GbMt7TvUur/peA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:56:51 2025 by rpki-client