Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json)
Hash identifier: 4T1dSjeTX+jMNlxhlWl7uNWCS4wqU1nrC6rUE9qRAp4=
Subject key identifier: 03:E7:85:7C:1A:EE:01:77:F5:1D:AB:7C:BF:15:02:DE:4D:B2:D7:C8
Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad
Certificate serial: 0199FAA10F3B5E2AC8E7BC00AA7F1BF967A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
Manifest number: 055A
Signing time: Sun 19 Oct 2025 04:01:23 +0000
Manifest this update: Sun 19 Oct 2025 04:01:23 +0000
Manifest next update: Mon 20 Oct 2025 04:01:23 +0000
Files and hashes: 1: QlwSz5QY3CNReEwoqy5_qdcxp7E.roa (hash: J1QwLI9Oak3umoZp+VK8k+3z4SfC016Ed6Yx+Y0FOX0=)
2: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: tcvxBUfeiWgnamqwyGdicTfKotDx6/jXuyxVbHjXyL0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:a1:0f:3b:5e:2a:c8:e7:bc:00:aa:7f:1b:f9:67:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad
Validity
Not Before: Oct 19 04:01:23 2025 GMT
Not After : Oct 20 04:01:23 2025 GMT
Subject: CN=03e7857c1aee0177f51dab7cbf1502de4db2d7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:46:c5:23:3f:c2:bd:19:33:6c:cd:2f:24:
35:77:9b:97:8c:f4:90:0a:5a:9b:79:ec:24:4b:d1:
46:3f:3a:fb:f4:8b:2b:f6:15:f7:4a:ca:f5:7b:c1:
48:c0:da:37:7d:56:68:61:fd:e5:34:a6:7f:16:4c:
ab:ac:0b:d6:79:3d:d2:f8:e3:e8:ec:07:8e:f5:cc:
a6:85:bd:7b:78:2a:1c:77:9d:36:ec:97:2e:f4:b8:
ed:47:6d:9f:ed:2c:b5:4e:2b:56:1e:e4:09:30:84:
e0:71:29:5a:46:82:54:cd:5e:e9:c8:e2:a9:78:4e:
49:cc:5b:84:37:72:44:d0:da:07:fa:88:28:dd:f3:
d6:54:45:6b:7f:de:5d:20:5f:1e:62:6b:ae:54:7d:
29:0d:6a:f9:e9:9d:98:ca:ea:92:b6:dc:47:45:71:
fb:97:ff:fb:7c:d7:b4:15:4d:c3:fd:20:42:32:9a:
78:a4:1b:3a:21:57:ef:fe:82:ee:6a:73:aa:c8:be:
7e:15:10:82:27:d6:56:e8:f3:26:5b:b6:62:81:bf:
62:47:20:5e:3a:f6:3c:d4:ee:cd:c0:fc:5b:95:c9:
18:fa:7f:20:c9:6a:93:67:c6:5a:c2:6a:9b:1a:14:
86:5d:ca:90:49:2d:28:1f:37:81:ab:5c:53:a2:9a:
75:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E7:85:7C:1A:EE:01:77:F5:1D:AB:7C:BF:15:02:DE:4D:B2:D7:C8
X509v3 Authority Key Identifier:
keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:a9:17:77:c7:44:80:36:90:f1:8d:34:31:5c:0f:52:29:56:
d1:70:30:57:8b:6e:06:6f:d1:8b:4f:9f:3a:7d:c8:d2:71:40:
ef:b4:eb:8e:95:8b:53:51:13:5f:4a:d9:e8:7c:37:34:60:ec:
e3:53:e3:97:cd:48:b0:5c:95:0e:20:85:bb:e6:12:91:60:1d:
17:07:8c:04:42:27:84:94:32:43:fb:be:2c:f2:97:14:e2:5b:
e1:ab:05:76:69:db:eb:1b:f3:ca:46:b9:dc:76:3f:64:be:89:
f8:5c:04:dd:8e:15:2f:81:6e:75:09:ec:8b:49:01:c6:43:98:
0f:d1:d5:85:35:3d:7a:ce:61:a8:11:79:26:76:7a:ad:18:54:
83:dd:20:7d:4b:63:87:e9:57:56:e7:c0:3e:8e:84:33:d6:6d:
bf:5a:4c:8a:ab:d8:41:84:bf:05:8c:95:d5:71:d0:f2:77:24:
ea:37:31:a7:1c:a1:2e:1c:66:41:cf:95:4a:5e:45:2a:11:71:
b1:29:c9:ab:9b:c4:17:89:f0:e5:be:79:e5:bd:d2:dc:c4:1e:
6a:d0:c4:bc:2d:a5:16:b7:e7:9f:ba:b5:71:2d:ae:0f:df:fc:
38:f7:4a:55:fb:a3:46:33:93:13:70:84:19:7f:5c:fb:cd:6e:
6e:35:f8:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oQ87XirI57wAqn8b+WepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3
MjRmYWQwHhcNMjUxMDE5MDQwMTIzWhcNMjUxMDIwMDQwMTIzWjAzMTEwLwYDVQQD
EygwM2U3ODU3YzFhZWUwMTc3ZjUxZGFiN2NiZjE1MDJkZTRkYjJkN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJBGxSM/wr0ZM2zNLyQ1d5uXjPSQ
ClqbeewkS9FGPzr79Isr9hX3Ssr1e8FIwNo3fVZoYf3lNKZ/FkyrrAvWeT3S+OPo
7AeO9cymhb17eCocd5027Jcu9LjtR22f7Sy1TitWHuQJMITgcSlaRoJUzV7pyOKp
eE5JzFuEN3JE0NoH+ogo3fPWVEVrf95dIF8eYmuuVH0pDWr56Z2YyuqSttxHRXH7
l//7fNe0FU3D/SBCMpp4pBs6IVfv/oLuanOqyL5+FRCCJ9ZW6PMmW7Zigb9iRyBe
OvY81O7NwPxblckY+n8gyWqTZ8ZawmqbGhSGXcqQSS0oHzeBq1xTopp1PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPnhXwa7gF39R2rfL8VAt5NstfIMB8GA1UdIwQY
MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt
Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk
LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASqkXd8dE
gDaQ8Y00MVwPUilW0XAwV4tuBm/Ri0+fOn3I0nFA77TrjpWLU1ETX0rZ6Hw3NGDs
41Pjl81IsFyVDiCFu+YSkWAdFweMBEInhJQyQ/u+LPKXFOJb4asFdmnb6xvzyka5
3HY/ZL6J+FwE3Y4VL4FudQnsi0kBxkOYD9HVhTU9es5hqBF5JnZ6rRhUg90gfUtj
h+lXVufAPo6EM9Ztv1pMiqvYQYS/BYyV1XHQ8nck6jcxpxyhLhxmQc+VSl5FKhFx
sSnJq5vEF4nw5b555b3S3MQeatDEvC2lFrfnn7q1cS2uD9/8OPdKVfujRjOTE3CE
GX9c+81ubjX4HQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:10:50 2025 by rpki-client