Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json)
Hash identifier: CtnyCms9sn37nMv3pnLNiOzTQZvYTCYuUCTDX+G3guw=
Subject key identifier: 38:A3:5A:99:E0:0F:ED:CD:2D:2B:51:C9:C4:03:51:5E:61:28:18:10
Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad
Certificate serial: 0197C4CA48D4B7C017FD23C0A16AAEB1B48B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
Manifest number: 0435
Signing time: Tue 01 Jul 2025 07:01:20 +0000
Manifest this update: Tue 01 Jul 2025 07:01:20 +0000
Manifest next update: Wed 02 Jul 2025 07:01:20 +0000
Files and hashes: 1: QlwSz5QY3CNReEwoqy5_qdcxp7E.roa (hash: J1QwLI9Oak3umoZp+VK8k+3z4SfC016Ed6Yx+Y0FOX0=)
2: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: H8O6hNjdawPWI3uCMRIkWzdYjgTnaIhUhlcGvtPDPSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 07:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:ca:48:d4:b7:c0:17:fd:23:c0:a1:6a:ae:b1:b4:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad
Validity
Not Before: Jul 1 07:01:20 2025 GMT
Not After : Jul 2 07:01:20 2025 GMT
Subject: CN=38a35a99e00fedcd2d2b51c9c403515e61281810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6c:b2:92:94:f6:aa:3a:cb:b4:51:01:4b:a4:
e6:79:21:2a:13:c2:99:14:76:55:1b:20:6f:3b:9d:
7d:63:9d:f0:39:c5:46:cc:41:40:a8:fb:de:e5:d9:
ff:77:9d:bf:ca:a0:e5:a9:5f:12:67:de:7f:9f:97:
77:30:5d:63:a9:89:f5:2f:1d:cb:99:87:28:cd:d8:
ea:ae:a7:31:ca:19:7b:d9:30:55:25:d0:e7:1f:31:
db:4c:7a:b4:29:44:e5:9b:a4:da:67:2b:2c:24:b7:
a2:3b:58:4f:10:f9:c4:34:f7:81:4a:8d:9d:89:72:
aa:45:89:fa:56:ca:93:9e:9a:90:24:aa:92:0f:63:
47:d9:2e:23:5b:6f:3c:72:2e:12:c5:23:88:46:ec:
bc:08:89:24:1d:0f:65:96:33:a1:c0:a8:87:9e:2c:
b8:30:13:16:54:a0:9f:eb:09:0f:c5:c6:ce:a9:f4:
19:e2:b4:af:c2:a0:23:2f:ce:af:bb:e2:bd:30:b6:
26:08:34:87:19:c0:db:08:59:aa:25:83:1c:98:8b:
fc:7e:23:c6:21:97:77:ca:4f:e8:3e:a5:89:a4:40:
43:39:d8:4d:7f:c1:81:94:18:4d:b4:7e:3b:9d:5c:
97:49:4a:f6:ef:be:5f:2c:ee:57:de:f1:16:02:59:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A3:5A:99:E0:0F:ED:CD:2D:2B:51:C9:C4:03:51:5E:61:28:18:10
X509v3 Authority Key Identifier:
keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:33:19:0c:5d:94:11:96:55:a4:e9:e7:de:1d:35:d8:83:66:
a9:11:e8:b6:88:2e:8d:dd:96:e1:b4:fe:17:8f:8d:6a:04:07:
96:01:5b:60:cc:95:b2:06:79:d3:7f:98:75:51:fb:a0:39:bb:
dc:f6:20:da:55:54:b0:b3:64:78:23:4d:8f:6f:bc:25:95:cc:
2c:35:d5:4a:0e:39:b7:d4:ea:70:d4:cb:bc:d8:f4:ae:25:6d:
23:80:aa:c8:fb:1d:19:e9:fa:83:26:f7:78:a4:4e:cf:80:eb:
83:ef:ce:f9:b0:a7:c2:46:61:8a:67:ad:61:65:51:d1:ed:eb:
dd:81:c2:97:11:de:8b:94:29:55:bb:1e:8f:44:62:63:40:f1:
92:e6:86:f5:dd:0c:67:eb:26:17:1f:66:34:a9:ce:44:9c:d1:
b2:f3:e4:64:b5:78:e0:7f:8b:86:fd:a0:76:e1:4a:db:aa:91:
96:54:2d:88:82:cf:0a:51:43:86:fb:10:cb:cb:c1:50:2d:f6:
b8:08:21:59:fa:be:7e:94:32:e4:7f:ed:70:c0:02:58:88:48:
bb:bb:c2:6c:01:72:9c:94:e8:8f:57:21:ba:db:76:29:ce:ac:
04:9d:58:fb:d9:71:41:bc:d6:16:f9:25:00:fe:6d:a1:c0:0d:
4b:19:a6:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEykjUt8AX/SPAoWqusbSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3
MjRmYWQwHhcNMjUwNzAxMDcwMTIwWhcNMjUwNzAyMDcwMTIwWjAzMTEwLwYDVQQD
EygzOGEzNWE5OWUwMGZlZGNkMmQyYjUxYzljNDAzNTE1ZTYxMjgxODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWyykpT2qjrLtFEBS6TmeSEqE8KZ
FHZVGyBvO519Y53wOcVGzEFAqPve5dn/d52/yqDlqV8SZ95/n5d3MF1jqYn1Lx3L
mYcozdjqrqcxyhl72TBVJdDnHzHbTHq0KUTlm6TaZyssJLeiO1hPEPnENPeBSo2d
iXKqRYn6VsqTnpqQJKqSD2NH2S4jW288ci4SxSOIRuy8CIkkHQ9lljOhwKiHniy4
MBMWVKCf6wkPxcbOqfQZ4rSvwqAjL86vu+K9MLYmCDSHGcDbCFmqJYMcmIv8fiPG
IZd3yk/oPqWJpEBDOdhNf8GBlBhNtH47nVyXSUr2775fLO5X3vEWAllEAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDijWpngD+3NLStRycQDUV5hKBgQMB8GA1UdIwQY
MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt
Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk
LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALjMZDF2U
EZZVpOnn3h012INmqRHotogujd2W4bT+F4+NagQHlgFbYMyVsgZ503+YdVH7oDm7
3PYg2lVUsLNkeCNNj2+8JZXMLDXVSg45t9TqcNTLvNj0riVtI4CqyPsdGen6gyb3
eKROz4Drg+/O+bCnwkZhimetYWVR0e3r3YHClxHei5QpVbsej0RiY0DxkuaG9d0M
Z+smFx9mNKnORJzRsvPkZLV44H+Lhv2gduFK26qRllQtiILPClFDhvsQy8vBUC32
uAghWfq+fpQy5H/tcMACWIhIu7vCbAFynJToj1chutt2Kc6sBJ1Y+9lxQbzWFvkl
AP5tocANSxmmWA==
-----END CERTIFICATE-----
Generated at Tue Jul 1 14:05:14 2025 by rpki-client