Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
File: lfdgXoUMnb8X2vC6OONvzGPCy_o.mft (raw, json)
Hash identifier: kjeNl9NWHHZfJCJbsdFhg7DFsncE3LV7InZXyb5zh3k=
Subject key identifier: C8:94:26:91:FC:1E:59:57:18:69:F3:FA:AB:4D:00:9B:CB:DA:6E:B6
Authority key identifier: 95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
Certificate issuer: /CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Certificate serial: 0199FCC6865C476ABA620C4BE69D7C3430E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
Manifest number: 16E2
Signing time: Sun 19 Oct 2025 14:01:32 +0000
Manifest this update: Sun 19 Oct 2025 14:01:32 +0000
Manifest next update: Mon 20 Oct 2025 14:01:32 +0000
Files and hashes: 1: 5-Dy59i1_U0ZRMyz_6apK6err6E.roa (hash: HTKVf7q+nYn6Qr/j/qsCTy9hUzuLpJ7dJx3pfn4b6GM=)
2: lfdgXoUMnb8X2vC6OONvzGPCy_o.crl (hash: P+bkj2bpZ+EU8DIVgpc426aM7Ne36FiJ7LxD/nZSlMg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:86:5c:47:6a:ba:62:0c:4b:e6:9d:7c:34:30:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Validity
Not Before: Oct 19 14:01:32 2025 GMT
Not After : Oct 20 14:01:32 2025 GMT
Subject: CN=c8942691fc1e59571869f3faab4d009bcbda6eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:46:6f:56:fd:8a:c2:11:0a:47:33:89:ea:ac:
3c:4f:08:63:33:58:69:1e:b0:56:ab:1a:98:44:ea:
6c:da:6e:a7:44:07:6e:5b:6e:d7:a4:3b:ab:57:17:
6a:ff:98:f2:79:4e:c7:01:86:49:8f:a9:93:02:05:
bf:c9:b3:3b:d3:84:ff:7a:f0:1c:bb:a5:10:6b:73:
a9:0b:77:20:f4:c7:56:19:a4:2b:e5:98:4c:db:b3:
f9:bf:f0:1b:e6:2d:ff:60:03:89:22:8d:5e:b8:55:
bf:d8:38:0b:3b:08:4c:ae:ba:31:59:d2:59:47:cc:
c0:8c:7a:3e:6b:3b:02:f6:f5:85:06:f9:be:f4:e9:
26:c2:1e:ba:ca:b1:3e:4b:e3:3d:8a:0b:7d:15:f4:
b4:ae:9d:35:d2:60:ad:73:02:0e:87:82:bc:60:65:
f4:94:e5:f1:00:66:c2:79:8e:75:48:3b:f8:76:8b:
d5:63:cf:0e:05:90:8b:79:40:df:4f:c5:58:45:6d:
2b:79:b2:8a:7d:bb:ef:83:68:e4:8e:67:38:bb:d5:
35:4f:98:e1:f3:c6:cc:3a:1a:06:cb:44:6c:91:2d:
aa:a1:60:05:7d:2d:21:ae:9b:07:3f:5f:bd:26:95:
93:7c:45:20:f1:13:f0:f2:84:b7:11:88:83:ec:51:
31:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:94:26:91:FC:1E:59:57:18:69:F3:FA:AB:4D:00:9B:CB:DA:6E:B6
X509v3 Authority Key Identifier:
keyid:95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:34:26:75:83:fc:0d:af:33:8f:b8:a4:ee:8a:91:cd:8c:d2:
1d:6e:7e:d5:42:69:b9:33:16:1d:3b:29:3c:f0:39:3e:29:23:
bb:0b:30:59:3a:5c:84:ec:b6:12:3c:94:1c:00:3d:09:8a:05:
30:3f:96:88:48:7b:63:87:71:6d:93:ed:a0:53:27:fb:69:ee:
e0:b1:4b:1d:0e:60:f0:87:1c:a3:3a:7a:9d:8c:0b:65:42:53:
08:f2:6e:ee:39:f3:a1:b7:d0:6c:33:88:b4:e3:21:74:b5:3e:
93:e6:38:0b:a4:f1:87:22:32:a3:7c:9a:ad:cd:58:f7:8e:68:
0b:2d:0e:2b:8b:e8:a5:9b:de:00:09:6c:62:70:7e:ae:f8:18:
49:84:57:c3:38:b5:53:37:5f:bd:62:db:63:da:fa:5e:c4:12:
e7:49:0b:90:8e:71:d4:4e:c4:ea:bf:99:e0:96:6a:18:a2:85:
74:53:eb:ff:99:f2:3e:53:af:76:89:b0:61:28:33:3d:6b:cd:
d2:00:2a:57:9f:a8:fb:8b:4f:6b:37:71:1e:f5:d8:3f:ae:99:
37:c1:41:e2:0d:3d:0f:0b:f7:e6:fc:ef:48:29:56:b4:9b:02:
3f:01:3e:8a:35:d0:4e:20:41:6c:eb:02:f0:95:d1:f7:f5:d2:
8b:c5:d1:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xoZcR2q6YgxL5p18NDDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Zjc2MDVlODUwYzlkYmYxN2RhZjBiYTM4ZTM2ZmNjNjNj
MmNiZmEwHhcNMjUxMDE5MTQwMTMyWhcNMjUxMDIwMTQwMTMyWjAzMTEwLwYDVQQD
EyhjODk0MjY5MWZjMWU1OTU3MTg2OWYzZmFhYjRkMDA5YmNiZGE2ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkZvVv2KwhEKRzOJ6qw8TwhjM1hp
HrBWqxqYROps2m6nRAduW27XpDurVxdq/5jyeU7HAYZJj6mTAgW/ybM704T/evAc
u6UQa3OpC3cg9MdWGaQr5ZhM27P5v/Ab5i3/YAOJIo1euFW/2DgLOwhMrroxWdJZ
R8zAjHo+azsC9vWFBvm+9Okmwh66yrE+S+M9igt9FfS0rp010mCtcwIOh4K8YGX0
lOXxAGbCeY51SDv4dovVY88OBZCLeUDfT8VYRW0rebKKfbvvg2jkjmc4u9U1T5jh
88bMOhoGy0RskS2qoWAFfS0hrpsHP1+9JpWTfEUg8RPw8oS3EYiD7FExxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMiUJpH8HllXGGnz+qtNAJvL2m62MB8GA1UdIwQY
MBaAFJX3YF6FDJ2/F9rwujjjb8xjwsv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEt
NjcwNWRjMmUzYWFhLzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEtNjcwNWRjMmUzYWFh
LzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoTQmdYP8
Da8zj7ik7oqRzYzSHW5+1UJpuTMWHTspPPA5PikjuwswWTpchOy2EjyUHAA9CYoF
MD+WiEh7Y4dxbZPtoFMn+2nu4LFLHQ5g8Iccozp6nYwLZUJTCPJu7jnzobfQbDOI
tOMhdLU+k+Y4C6TxhyIyo3yarc1Y945oCy0OK4vopZveAAlsYnB+rvgYSYRXwzi1
UzdfvWLbY9r6XsQS50kLkI5x1E7E6r+Z4JZqGKKFdFPr/5nyPlOvdomwYSgzPWvN
0gAqV5+o+4tPazdxHvXYP66ZN8FB4g09Dwv35vzvSClWtJsCPwE+ijXQTiBBbOsC
8JXR9/XSi8XRdw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:39:36 2025 by rpki-client