Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: N0gJUSoPtu6HnS4dQglPOsiEbb3rirCl93SwdYu/KnE=
Subject key identifier: 22:09:E9:B5:85:59:5E:95:65:BA:05:7B:06:08:71:9B:65:23:05:99
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 0199FCC6554C7DB8DEAEC1776749C4F1DFD1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 144B
Signing time: Sun 19 Oct 2025 14:01:20 +0000
Manifest this update: Sun 19 Oct 2025 14:01:20 +0000
Manifest next update: Mon 20 Oct 2025 14:01:20 +0000
Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=)
2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: vuxbWkYVWLiGo/dWHoDOC1p/YDQiujAmArcCnOWSDHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:55:4c:7d:b8:de:ae:c1:77:67:49:c4:f1:df:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Oct 19 14:01:20 2025 GMT
Not After : Oct 20 14:01:20 2025 GMT
Subject: CN=2209e9b585595e9565ba057b0608719b65230599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:91:5a:cf:3d:3f:9b:e7:90:07:e4:c3:88:a8:
18:78:0f:76:07:d9:eb:6a:17:65:60:a3:f4:e9:67:
58:9d:1f:d7:fc:14:4f:7f:5f:85:bd:a3:3c:ce:f8:
ef:d8:76:a6:f5:c8:44:c6:d8:d5:50:81:15:7b:db:
1a:a9:51:bd:7f:21:f3:64:2f:d0:00:04:b0:23:72:
3d:92:a5:c3:90:3e:02:20:a3:24:db:8a:8b:13:5a:
17:bd:0b:66:95:66:39:85:f1:0b:85:f5:1b:ee:f9:
b0:b0:46:4b:c9:92:6b:37:13:4b:57:ae:31:ac:6b:
0b:da:bd:bc:e1:92:23:30:5e:d3:5e:30:8c:9d:57:
5e:df:da:ac:9b:08:a1:e2:01:0f:3d:f1:8e:db:f9:
c6:55:13:bc:be:cd:5a:95:b9:21:3d:40:2e:15:c4:
d5:f4:23:5e:d7:bc:be:dc:9c:d5:b5:08:62:84:c3:
55:4d:e5:f5:a8:d4:80:15:62:d9:cc:ca:1d:42:4e:
c7:98:f0:4e:05:90:21:a4:31:f0:f1:c7:a6:be:78:
e2:ce:db:11:57:0e:69:2e:e5:31:0a:47:dd:df:a2:
eb:54:2d:cc:8d:d0:0a:95:72:2b:21:d1:36:1d:1d:
db:13:26:bd:c2:29:44:1a:77:d4:7d:69:b4:a0:2b:
4e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:09:E9:B5:85:59:5E:95:65:BA:05:7B:06:08:71:9B:65:23:05:99
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:39:2c:49:03:f0:6f:c4:32:7d:e9:23:fe:81:13:79:ef:b5:
09:42:f8:1b:e4:50:2e:3e:7d:cd:0f:06:74:e9:00:f6:8a:4f:
a2:f7:bb:c6:23:41:4e:fa:38:e8:22:89:7d:82:3c:40:a6:56:
8e:7d:51:1c:0b:78:02:65:89:57:63:86:66:1f:32:b2:42:ba:
e3:48:1c:2e:87:b4:b0:23:44:cf:49:65:a2:3f:c1:f1:63:04:
f7:4f:d8:c6:35:db:86:71:ea:21:fe:2b:dc:2a:cf:1c:53:93:
bd:45:96:33:48:f9:27:70:15:21:bf:52:f7:6d:e5:c3:cb:44:
ba:f0:dc:b6:4a:20:1c:b8:55:1a:f7:47:f6:7b:38:48:9b:b1:
67:1f:e4:c3:54:03:2f:6d:b1:17:13:12:bd:83:85:60:14:f9:
91:f3:0d:44:d8:a6:8a:11:50:cc:70:ed:97:12:8e:fd:d2:e8:
9b:99:67:95:35:b8:33:1b:a0:17:f2:08:be:ba:41:03:fc:a6:
73:74:53:9b:7f:60:bb:e6:1c:22:73:92:a3:4a:58:61:84:f2:
9e:2e:7f:b7:a7:9b:d1:4d:60:da:07:75:6d:65:fe:0d:ef:cf:
fc:04:55:e5:b9:88:2b:31:f3:67:42:c9:b3:6e:35:d8:2f:1b:
12:ba:fe:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xlVMfbjersF3Z0nE8d/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUxMDE5MTQwMTIwWhcNMjUxMDIwMTQwMTIwWjAzMTEwLwYDVQQD
EygyMjA5ZTliNTg1NTk1ZTk1NjViYTA1N2IwNjA4NzE5YjY1MjMwNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5Fazz0/m+eQB+TDiKgYeA92B9nr
ahdlYKP06WdYnR/X/BRPf1+FvaM8zvjv2Ham9chExtjVUIEVe9saqVG9fyHzZC/Q
AASwI3I9kqXDkD4CIKMk24qLE1oXvQtmlWY5hfELhfUb7vmwsEZLyZJrNxNLV64x
rGsL2r284ZIjMF7TXjCMnVde39qsmwih4gEPPfGO2/nGVRO8vs1albkhPUAuFcTV
9CNe17y+3JzVtQhihMNVTeX1qNSAFWLZzModQk7HmPBOBZAhpDHw8cemvnjiztsR
Vw5pLuUxCkfd36LrVC3MjdAKlXIrIdE2HR3bEya9wilEGnfUfWm0oCtOUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIJ6bWFWV6VZboFewYIcZtlIwWZMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADzksSQPw
b8Qyfekj/oETee+1CUL4G+RQLj59zQ8GdOkA9opPove7xiNBTvo46CKJfYI8QKZW
jn1RHAt4AmWJV2OGZh8yskK640gcLoe0sCNEz0lloj/B8WME90/YxjXbhnHqIf4r
3CrPHFOTvUWWM0j5J3AVIb9S923lw8tEuvDctkogHLhVGvdH9ns4SJuxZx/kw1QD
L22xFxMSvYOFYBT5kfMNRNimihFQzHDtlxKO/dLom5lnlTW4MxugF/IIvrpBA/ym
c3RTm39gu+YcInOSo0pYYYTyni5/t6eb0U1g2gd1bWX+De/P/ARV5bmIKzHzZ0LJ
s2412C8bErr+fw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:37:45 2025 by rpki-client