Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
File: lRibFY2NYBG6X5YlLTAmanDT4GY.mft (raw, json)
Hash identifier: IEK9xRuwbDuzl4mufn3EcIbc2eoGvi6I8cqweXtWUPc=
Subject key identifier: E9:8A:8D:6A:8C:A0:4D:36:AA:09:C5:73:3F:B3:57:80:0D:37:01:5D
Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
Certificate issuer: /CN=95189b158d8d6011ba5f96252d30266a70d3e066
Certificate serial: 0198D4DFEB82075DB78E6D32A481F7C32A21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
Manifest number: 1649
Signing time: Sat 23 Aug 2025 03:01:41 +0000
Manifest this update: Sat 23 Aug 2025 03:01:41 +0000
Manifest next update: Sun 24 Aug 2025 03:01:41 +0000
Files and hashes: 1: alfL1bRTQjOY-E2KjHP8N4Ulue0.roa (hash: ybSj2AdhAA+9tbRInXwXzkVBfMf3WHllqssGw6/wFUI=)
2: lRibFY2NYBG6X5YlLTAmanDT4GY.crl (hash: kQqm06QIZkMeAw4IaQEm1EBtNRhuHab830duTY+EUe4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d4:df:eb:82:07:5d:b7:8e:6d:32:a4:81:f7:c3:2a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066
Validity
Not Before: Aug 23 03:01:41 2025 GMT
Not After : Aug 24 03:01:41 2025 GMT
Subject: CN=e98a8d6a8ca04d36aa09c5733fb357800d37015d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:8a:a5:29:bc:6c:ee:92:24:40:d2:cc:d8:
33:88:19:b1:06:94:81:79:98:f0:85:7f:f0:3d:75:
b1:27:16:b8:77:c0:93:48:86:89:97:25:ed:ec:a3:
ba:11:40:37:8b:3e:12:67:c2:66:21:30:fe:81:8e:
ec:5a:05:8a:3d:93:a5:a6:f4:c5:e3:27:8a:c1:c9:
4a:fd:f6:29:e8:b8:37:84:f8:37:77:9f:a4:c4:0a:
6c:d9:fd:b0:4a:36:86:70:08:de:a4:e3:27:aa:43:
2e:df:01:48:5d:f8:5d:02:02:bb:7a:94:aa:df:5a:
78:f6:2b:8e:13:86:21:3b:c1:6d:66:52:b2:a2:b2:
05:ce:37:a1:e0:cb:2d:73:8a:da:7e:70:78:dc:b1:
38:b9:77:e5:e7:e8:df:3c:19:09:83:cf:54:59:56:
92:30:7e:62:fc:6f:1f:16:b6:06:80:81:eb:bf:5d:
cd:07:84:39:05:e7:d5:32:aa:db:31:b2:4e:4c:ec:
95:37:72:5b:c1:bb:80:f4:8b:f0:94:a0:2b:80:b4:
3a:46:ca:b8:39:48:fc:3f:44:25:47:6a:e0:0c:7a:
12:b1:8b:ff:7e:d3:98:a5:a8:1e:ed:ec:af:d3:29:
ad:c4:af:d8:09:0e:d0:d3:7a:d5:62:fb:aa:88:2a:
06:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8A:8D:6A:8C:A0:4D:36:AA:09:C5:73:3F:B3:57:80:0D:37:01:5D
X509v3 Authority Key Identifier:
keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:2e:89:f4:12:94:7e:52:b8:6b:ec:48:ac:ad:94:00:c8:1e:
9f:e7:c1:49:13:db:15:99:6c:0f:80:c5:59:62:d4:a7:e1:ab:
62:85:95:3c:43:3f:fa:2a:60:c8:92:b9:cf:1c:e4:1b:c1:6e:
74:8d:df:d3:1b:9d:23:f5:d2:6e:6c:1a:21:90:66:92:cf:7d:
38:5b:2e:3c:f4:19:fc:8c:ba:82:7e:ab:5c:6b:11:96:97:c7:
34:f2:42:2d:f1:a7:7b:ed:b4:44:76:57:9b:26:7e:09:bc:47:
26:91:0d:9e:9b:b8:62:e0:1b:fa:a9:72:f7:56:18:5f:6f:b1:
92:3c:dd:e7:e9:c3:a4:9e:29:2d:46:19:0a:31:0d:b1:b0:a0:
35:7c:49:71:06:2b:08:01:0c:d8:fe:d8:f1:f2:60:38:68:a3:
19:e1:2d:84:ad:4b:12:84:16:43:ae:9f:3c:ab:9c:e7:ca:5d:
fe:58:32:82:be:fc:b5:60:57:f6:57:3d:5d:88:75:1d:0b:5f:
0f:c3:ec:c3:11:ee:0a:0d:80:6c:67:c4:39:d9:6d:b7:47:18:
30:3d:2f:be:c7:91:83:12:df:f5:43:ab:64:dd:25:c4:b2:87:
cc:a2:a7:cd:1d:82:28:f2:ae:21:3d:1b:a1:20:3d:0a:62:16:
bd:29:d1:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+uCB123jm0ypIH3wyohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk
M2UwNjYwHhcNMjUwODIzMDMwMTQxWhcNMjUwODI0MDMwMTQxWjAzMTEwLwYDVQQD
EyhlOThhOGQ2YThjYTA0ZDM2YWEwOWM1NzMzZmIzNTc4MDBkMzcwMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKyKpSm8bO6SJEDSzNgziBmxBpSB
eZjwhX/wPXWxJxa4d8CTSIaJlyXt7KO6EUA3iz4SZ8JmITD+gY7sWgWKPZOlpvTF
4yeKwclK/fYp6Lg3hPg3d5+kxAps2f2wSjaGcAjepOMnqkMu3wFIXfhdAgK7epSq
31p49iuOE4YhO8FtZlKyorIFzjeh4Mstc4rafnB43LE4uXfl5+jfPBkJg89UWVaS
MH5i/G8fFrYGgIHrv13NB4Q5BefVMqrbMbJOTOyVN3JbwbuA9IvwlKArgLQ6Rsq4
OUj8P0QlR2rgDHoSsYv/ftOYpage7eyv0ymtxK/YCQ7Q03rVYvuqiCoGJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmKjWqMoE02qgnFcz+zV4ANNwFdMB8GA1UdIwQY
MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt
YWNlMTgwZmY5YjE5LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5
LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmi6J9BKU
flK4a+xIrK2UAMgen+fBSRPbFZlsD4DFWWLUp+GrYoWVPEM/+ipgyJK5zxzkG8Fu
dI3f0xudI/XSbmwaIZBmks99OFsuPPQZ/Iy6gn6rXGsRlpfHNPJCLfGne+20RHZX
myZ+CbxHJpENnpu4YuAb+qly91YYX2+xkjzd5+nDpJ4pLUYZCjENsbCgNXxJcQYr
CAEM2P7Y8fJgOGijGeEthK1LEoQWQ66fPKuc58pd/lgygr78tWBX9lc9XYh1HQtf
D8PswxHuCg2AbGfEOdltt0cYMD0vvseRgxLf9UOrZN0lxLKHzKKnzR2CKPKuIT0b
oSA9CmIWvSnRAw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:18:48 2025 by rpki-client