Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
File: lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft (raw, json)
Hash identifier: C2BG4tnmN4AVrF6vY7b2n+8GyKIzJH3n64zQFya07q4=
Subject key identifier: 8E:7B:E3:C5:40:C7:61:59:E4:49:A8:E7:DD:7C:9B:05:B2:59:9E:70
Authority key identifier: 95:46:46:5C:A5:B8:6C:25:A0:2E:52:EC:BF:04:C4:CF:BC:07:65:4D
Certificate issuer: /CN=9546465ca5b86c25a02e52ecbf04c4cfbc07654d
Certificate serial: 0197C56EE9C755BC2EB8D7021EFE5564D498
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
Manifest number: 0407
Signing time: Tue 01 Jul 2025 10:01:09 +0000
Manifest this update: Tue 01 Jul 2025 10:01:09 +0000
Manifest next update: Wed 02 Jul 2025 10:01:09 +0000
Files and hashes: 1: NWUftztBrG96_y2EzypECwRaWiE.roa (hash: iB3abFntFNLTwV5YoQUMjYIpTV58Rd0ggjc38BexLcc=)
2: lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl (hash: Kajk4ZW6RVEJuK06WD3HDESbXCl5MgPxHaVdTBhpKxQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:6e:e9:c7:55:bc:2e:b8:d7:02:1e:fe:55:64:d4:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9546465ca5b86c25a02e52ecbf04c4cfbc07654d
Validity
Not Before: Jul 1 10:01:09 2025 GMT
Not After : Jul 2 10:01:09 2025 GMT
Subject: CN=8e7be3c540c76159e449a8e7dd7c9b05b2599e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d4:9d:96:7b:de:41:c7:43:15:f2:47:2f:da:
e1:9c:10:b5:52:a1:1c:fd:06:e7:89:be:ae:18:94:
22:dd:eb:7c:af:63:42:58:a5:94:64:cb:da:d1:6c:
6a:f6:40:fa:48:32:be:e9:52:c2:34:3d:16:89:6a:
0b:3f:20:d1:c4:de:f6:db:6f:7a:eb:1a:bb:f9:f0:
34:f7:34:81:41:2b:33:da:24:35:9f:2a:bc:d1:6b:
f6:65:07:32:85:e5:f3:1e:77:55:32:3e:84:08:6a:
20:55:35:78:3d:2e:38:a7:b0:be:0f:d8:98:c2:4c:
22:2a:92:b3:2d:cf:10:fe:b9:7b:c6:2e:c9:00:8b:
dd:51:1a:d5:61:32:70:1b:a0:b2:c2:98:f3:50:f8:
ac:1f:82:d8:04:98:97:eb:36:2f:21:97:0f:cf:f5:
84:89:71:a0:9e:27:7c:43:5b:86:3c:fd:41:7d:af:
41:3b:44:21:32:f5:51:30:da:bb:b0:b2:71:9a:a2:
56:bd:cd:8f:b2:9e:98:37:c0:c4:31:46:30:df:0a:
e5:bb:87:b7:2b:b0:50:ab:85:08:6b:66:72:8c:3c:
ad:4b:4d:e9:b4:8c:3b:43:48:46:36:79:64:90:7b:
ee:fa:60:4b:66:93:f6:0d:ec:f4:b2:5d:76:ef:47:
a4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7B:E3:C5:40:C7:61:59:E4:49:A8:E7:DD:7C:9B:05:B2:59:9E:70
X509v3 Authority Key Identifier:
keyid:95:46:46:5C:A5:B8:6C:25:A0:2E:52:EC:BF:04:C4:CF:BC:07:65:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:76:8c:29:50:1f:18:8f:3f:75:10:58:b1:86:01:8e:4f:ff:
3c:d0:ba:f3:3f:de:12:38:0a:a8:db:cd:f4:a1:a1:87:49:3b:
fc:ed:22:ab:9e:a7:84:a1:84:f5:da:bc:3b:50:65:ff:25:89:
2d:65:2f:62:23:98:25:6b:54:49:9c:83:4f:24:5e:75:1b:e4:
86:18:b4:9f:20:d8:41:38:e7:28:80:71:f6:19:cc:fb:e0:92:
0d:97:7d:c0:51:62:e1:b9:93:1b:3c:d3:44:cb:92:3b:6e:6c:
41:a0:18:5d:44:c1:e4:38:de:21:82:67:1d:b5:b4:a2:b1:0b:
79:05:4e:72:bc:17:fe:be:35:2e:35:42:38:82:57:5e:ce:42:
ab:ef:db:c0:a1:68:c7:ea:80:2c:16:63:16:e0:cb:a0:d2:42:
64:60:5e:eb:ef:19:cf:16:df:24:5c:48:80:42:ae:d9:f9:b1:
98:0e:08:45:8d:2b:f7:fd:4d:92:8e:25:2d:96:20:7d:0d:57:
e6:a5:2c:2d:71:59:44:69:1f:77:4d:83:86:30:82:25:f9:7a:
74:5f:74:f8:7a:c6:3c:0d:9f:ae:3f:9c:28:d1:c9:bf:7a:8c:
22:8e:27:ac:51:44:9f:22:73:bd:f6:53:31:ff:5e:8b:89:cc:
c1:c9:5c:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfFbunHVbwuuNcCHv5VZNSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NDY0NjVjYTViODZjMjVhMDJlNTJlY2JmMDRjNGNmYmMw
NzY1NGQwHhcNMjUwNzAxMTAwMTA5WhcNMjUwNzAyMTAwMTA5WjAzMTEwLwYDVQQD
Eyg4ZTdiZTNjNTQwYzc2MTU5ZTQ0OWE4ZTdkZDdjOWIwNWIyNTk5ZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNSdlnveQcdDFfJHL9rhnBC1UqEc
/Qbnib6uGJQi3et8r2NCWKWUZMva0Wxq9kD6SDK+6VLCND0WiWoLPyDRxN722296
6xq7+fA09zSBQSsz2iQ1nyq80Wv2ZQcyheXzHndVMj6ECGogVTV4PS44p7C+D9iY
wkwiKpKzLc8Q/rl7xi7JAIvdURrVYTJwG6CywpjzUPisH4LYBJiX6zYvIZcPz/WE
iXGgnid8Q1uGPP1Bfa9BO0QhMvVRMNq7sLJxmqJWvc2Psp6YN8DEMUYw3wrlu4e3
K7BQq4UIa2ZyjDytS03ptIw7Q0hGNnlkkHvu+mBLZpP2Dez0sl1270ek+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5748VAx2FZ5Emo5918mwWyWZ5wMB8GA1UdIwQY
MBaAFJVGRlyluGwloC5S7L8ExM+8B2VNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jNDhiNGMtMDIyMS00NjQ2LWJiNzIt
MDVjZjlkYjQzMGIzLzEvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jNDhiNGMtMDIyMS00NjQ2LWJiNzItMDVjZjlkYjQzMGIz
LzEvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXaMKVAf
GI8/dRBYsYYBjk//PNC68z/eEjgKqNvN9KGhh0k7/O0iq56nhKGE9dq8O1Bl/yWJ
LWUvYiOYJWtUSZyDTyRedRvkhhi0nyDYQTjnKIBx9hnM++CSDZd9wFFi4bmTGzzT
RMuSO25sQaAYXUTB5DjeIYJnHbW0orELeQVOcrwX/r41LjVCOIJXXs5Cq+/bwKFo
x+qALBZjFuDLoNJCZGBe6+8ZzxbfJFxIgEKu2fmxmA4IRY0r9/1Nko4lLZYgfQ1X
5qUsLXFZRGkfd02DhjCCJfl6dF90+HrGPA2frj+cKNHJv3qMIo4nrFFEnyJzvfZT
Mf9ei4nMwclc1g==
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:58:54 2025 by rpki-client