Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
File: lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft (raw, json)
Hash identifier: epWMy7zCOVGVzHlNkuuAJP6BY4q72DCU0M2MTDcmjrA=
Subject key identifier: B6:7A:9E:67:E4:2A:9E:98:A1:C8:F9:21:4D:5A:3E:FB:93:0C:61:59
Authority key identifier: 95:46:46:5C:A5:B8:6C:25:A0:2E:52:EC:BF:04:C4:CF:BC:07:65:4D
Certificate issuer: /CN=9546465ca5b86c25a02e52ecbf04c4cfbc07654d
Certificate serial: 0199FB46084771254119F7150833B02AADF0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
Manifest number: 052C
Signing time: Sun 19 Oct 2025 07:01:34 +0000
Manifest this update: Sun 19 Oct 2025 07:01:34 +0000
Manifest next update: Mon 20 Oct 2025 07:01:34 +0000
Files and hashes: 1: NWUftztBrG96_y2EzypECwRaWiE.roa (hash: iB3abFntFNLTwV5YoQUMjYIpTV58Rd0ggjc38BexLcc=)
2: lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl (hash: 40xxiYlquCm9kZttejtmtOugMSEOCd9OV/SP2UIlx/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:46:08:47:71:25:41:19:f7:15:08:33:b0:2a:ad:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9546465ca5b86c25a02e52ecbf04c4cfbc07654d
Validity
Not Before: Oct 19 07:01:34 2025 GMT
Not After : Oct 20 07:01:34 2025 GMT
Subject: CN=b67a9e67e42a9e98a1c8f9214d5a3efb930c6159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1e:48:98:c0:11:db:29:99:36:4a:f5:6a:12:
67:fb:3f:78:d0:06:b3:75:06:02:d9:f8:d1:d3:74:
61:85:99:30:90:60:1a:db:3a:d9:5b:3e:e7:0b:e4:
0c:0a:c7:03:aa:ec:c0:04:b0:e7:8a:dc:e4:c9:ed:
1d:8d:ce:77:e8:26:99:ae:9f:79:3a:50:0f:c5:13:
d7:0d:0b:12:2d:59:da:66:6d:dc:fd:d0:6c:df:5d:
be:65:dc:a3:2f:2d:fc:d3:4d:f7:d5:98:b0:2d:40:
58:c2:e9:19:0f:98:79:a1:a8:f9:3d:81:5a:37:51:
fe:75:55:f5:83:24:56:c1:f0:ce:11:95:e3:1d:65:
6e:d1:eb:f2:7b:cd:0a:2b:2c:38:70:68:b5:79:8d:
95:fb:cc:ab:50:8d:80:89:a7:68:27:d9:4d:7c:16:
26:8d:25:3b:78:a9:44:0a:fd:7e:49:d1:e4:98:6f:
e4:5c:29:c6:9a:11:b5:21:71:c8:34:51:f1:79:6e:
54:a9:1e:7e:a1:b3:e6:12:20:0d:54:46:53:c3:57:
a1:d7:64:ef:97:31:c1:4c:40:11:ad:6c:71:c9:80:
72:fe:0a:08:5b:9c:05:c0:a9:68:58:23:62:50:e5:
dc:f2:e9:ce:78:50:92:db:6d:38:d1:40:fe:5b:38:
6d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7A:9E:67:E4:2A:9E:98:A1:C8:F9:21:4D:5A:3E:FB:93:0C:61:59
X509v3 Authority Key Identifier:
keyid:95:46:46:5C:A5:B8:6C:25:A0:2E:52:EC:BF:04:C4:CF:BC:07:65:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:6a:c9:cd:67:5d:ac:5c:d6:cb:d4:ff:aa:b9:c1:13:57:4c:
55:94:75:f2:9f:a6:cd:86:fc:71:a1:92:15:67:f6:5b:a3:8f:
68:01:32:c0:60:a9:b3:d7:97:39:2c:50:af:34:5b:33:c6:0b:
7c:29:2f:69:52:02:a3:52:f2:26:62:a7:cd:eb:50:1f:b1:a9:
04:4d:fd:ce:b5:fe:89:a8:81:70:ef:22:38:7c:fc:64:b7:5f:
e5:40:a7:59:22:a9:df:e6:74:3f:23:c9:fa:33:a6:33:27:b3:
9a:01:64:1f:e3:52:83:08:6f:99:34:7c:4e:69:c7:12:35:e3:
61:16:e7:4b:35:c7:af:b7:50:96:e1:9c:e0:48:d5:01:fd:59:
23:aa:87:2c:72:d2:0b:61:a5:20:48:40:e3:a3:34:1c:d8:fc:
c1:26:37:88:81:8e:0b:2e:99:20:62:8f:80:c6:f3:8d:31:60:
ab:73:2b:da:92:72:90:3e:34:69:39:6b:56:74:5c:04:d4:21:
ce:5c:10:f8:be:2a:2f:4e:64:22:3e:88:3b:ff:38:17:c7:8e:
d1:d4:b4:63:47:5c:d2:ed:ef:06:0a:4f:b3:4a:d3:7b:93:57:
dc:54:b4:9a:1d:07:8e:f7:a6:40:bb:61:e0:90:19:4c:f6:1e:
90:c7:45:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7RghHcSVBGfcVCDOwKq3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NDY0NjVjYTViODZjMjVhMDJlNTJlY2JmMDRjNGNmYmMw
NzY1NGQwHhcNMjUxMDE5MDcwMTM0WhcNMjUxMDIwMDcwMTM0WjAzMTEwLwYDVQQD
EyhiNjdhOWU2N2U0MmE5ZTk4YTFjOGY5MjE0ZDVhM2VmYjkzMGM2MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh5ImMAR2ymZNkr1ahJn+z940Aaz
dQYC2fjR03RhhZkwkGAa2zrZWz7nC+QMCscDquzABLDnitzkye0djc536CaZrp95
OlAPxRPXDQsSLVnaZm3c/dBs312+ZdyjLy3800331ZiwLUBYwukZD5h5oaj5PYFa
N1H+dVX1gyRWwfDOEZXjHWVu0evye80KKyw4cGi1eY2V+8yrUI2AiadoJ9lNfBYm
jSU7eKlECv1+SdHkmG/kXCnGmhG1IXHINFHxeW5UqR5+obPmEiANVEZTw1eh12Tv
lzHBTEARrWxxyYBy/goIW5wFwKloWCNiUOXc8unOeFCS22040UD+WzhtOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZ6nmfkKp6Yocj5IU1aPvuTDGFZMB8GA1UdIwQY
MBaAFJVGRlyluGwloC5S7L8ExM+8B2VNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jNDhiNGMtMDIyMS00NjQ2LWJiNzIt
MDVjZjlkYjQzMGIzLzEvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jNDhiNGMtMDIyMS00NjQ2LWJiNzItMDVjZjlkYjQzMGIz
LzEvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnWrJzWdd
rFzWy9T/qrnBE1dMVZR18p+mzYb8caGSFWf2W6OPaAEywGCps9eXOSxQrzRbM8YL
fCkvaVICo1LyJmKnzetQH7GpBE39zrX+iaiBcO8iOHz8ZLdf5UCnWSKp3+Z0PyPJ
+jOmMyezmgFkH+NSgwhvmTR8TmnHEjXjYRbnSzXHr7dQluGc4EjVAf1ZI6qHLHLS
C2GlIEhA46M0HNj8wSY3iIGOCy6ZIGKPgMbzjTFgq3Mr2pJykD40aTlrVnRcBNQh
zlwQ+L4qL05kIj6IO/84F8eO0dS0Y0dc0u3vBgpPs0rTe5NX3FS0mh0HjvemQLth
4JAZTPYekMdFKg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:10:51 2025 by rpki-client