Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
File: LKyEzuxXs1-jlTSuIwCa6oICOao.mft (raw, json)
Hash identifier: G0kOts0E6zQsupopdPRnCAlnnbPonuqRrBEKWJADJ6Q=
Subject key identifier: AB:AC:B4:0A:8D:0F:C5:9A:4C:D1:CD:6D:A3:57:82:1B:2B:3D:4B:54
Authority key identifier: 2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
Certificate issuer: /CN=2cac84ceec57b35fa39534ae23009aea820239aa
Certificate serial: 0198541F7BEBB4EF6BD5D1E9A2138618573B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
Manifest number: 082C
Signing time: Tue 29 Jul 2025 03:00:06 +0000
Manifest this update: Tue 29 Jul 2025 03:00:06 +0000
Manifest next update: Wed 30 Jul 2025 03:00:06 +0000
Files and hashes: 1: LKyEzuxXs1-jlTSuIwCa6oICOao.crl (hash: deO6PsOwS+Ymll5fr7wjIGREUQJ7wqE9e2FgJAQasqE=)
2: cj0dff8EdsGG8DaopETeofzcldw.roa (hash: 06o/5+ZmJQt03Z2LLNo5k4a7U1bSw5gDTRAuW+tjkok=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:54:1f:7b:eb:b4:ef:6b:d5:d1:e9:a2:13:86:18:57:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cac84ceec57b35fa39534ae23009aea820239aa
Validity
Not Before: Jul 29 03:00:06 2025 GMT
Not After : Jul 30 03:00:06 2025 GMT
Subject: CN=abacb40a8d0fc59a4cd1cd6da357821b2b3d4b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3f:b9:10:f7:77:6f:21:e2:50:b5:65:7e:ce:
e5:56:a8:78:38:88:24:ed:d6:40:9c:39:51:c2:f3:
df:db:b6:02:c2:b2:f7:79:ed:ef:95:73:31:46:ed:
69:40:6d:64:da:84:45:31:2b:4f:6a:1b:fa:fe:e7:
8d:b8:e8:be:1d:bb:f7:91:2f:09:6a:79:1e:a1:a4:
eb:94:35:a9:43:b2:70:37:e2:2c:05:a4:ff:ad:91:
17:a6:a2:5e:c4:6d:b6:2c:e5:d3:b6:d3:96:31:fa:
ec:7f:cc:b7:ef:f9:e6:c0:d0:9a:4d:0c:0e:45:60:
d0:e0:71:79:4c:06:75:93:1b:ac:f5:87:5d:7b:6b:
cb:68:30:3f:07:db:78:df:a3:00:4b:3c:60:c9:59:
15:a6:e1:34:b5:2e:30:e3:eb:c9:0c:e0:0a:e1:c2:
9a:ec:e3:99:a1:1a:82:ab:13:cb:95:bd:6c:d2:16:
40:dd:76:3e:82:6b:6c:87:c6:41:be:39:b7:71:2c:
32:31:3c:93:e0:d9:bb:fa:da:3a:a2:0b:db:02:75:
03:10:db:0a:1c:ac:6d:a4:1d:a9:6a:1a:cc:0c:14:
66:76:5a:ae:6f:e1:46:eb:23:7a:fe:d6:d9:8c:2b:
4f:8a:7a:02:ab:68:29:c2:4c:16:b1:18:75:73:e4:
a7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AC:B4:0A:8D:0F:C5:9A:4C:D1:CD:6D:A3:57:82:1B:2B:3D:4B:54
X509v3 Authority Key Identifier:
keyid:2C:AC:84:CE:EC:57:B3:5F:A3:95:34:AE:23:00:9A:EA:82:02:39:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKyEzuxXs1-jlTSuIwCa6oICOao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/687cd5-6345-4f64-be46-ede70c8ed513/1/LKyEzuxXs1-jlTSuIwCa6oICOao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:9d:f2:38:96:87:38:f9:81:5f:cc:06:f0:48:52:db:da:91:
f1:94:58:96:b5:3d:f4:73:ac:b1:60:a8:f5:f9:17:11:ae:4a:
93:6f:15:f5:9e:4f:47:a7:a2:f9:fc:ff:44:7b:c7:5f:8f:10:
3f:0b:99:01:1d:4a:01:8b:ba:96:ed:7b:07:e4:51:35:a2:51:
8f:99:08:54:68:07:c7:48:07:03:53:32:d1:ab:0e:86:c8:ca:
3d:40:22:a2:10:b1:31:5e:41:a2:b6:c8:c9:cd:5c:54:01:07:
4f:85:e3:5e:cf:56:8a:61:12:94:b4:00:48:7b:af:87:f6:d1:
fc:64:25:ad:13:0e:84:59:d5:87:b8:bf:fc:05:d6:a3:1b:e0:
6c:5d:6b:e4:9d:d0:3c:b5:d7:8f:46:72:d7:3e:cb:e1:06:63:
79:0d:ee:86:7d:09:14:01:bb:47:b6:bc:ba:98:99:34:ef:44:
05:ec:40:16:9e:77:16:9f:97:17:fe:4e:86:09:58:27:ea:fe:
a2:cd:db:9d:67:4f:f6:5b:7a:40:1f:a9:64:d4:fb:ea:72:77:
72:6a:0a:62:c3:95:8d:2b:41:cc:fd:b2:20:98:de:1f:ed:03:
83:bd:2d:ad:bc:3c:90:01:76:6c:68:c5:d8:a3:b9:ba:00:3a:
bd:04:34:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhUH3vrtO9r1dHpohOGGFc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWM4NGNlZWM1N2IzNWZhMzk1MzRhZTIzMDA5YWVhODIw
MjM5YWEwHhcNMjUwNzI5MDMwMDA2WhcNMjUwNzMwMDMwMDA2WjAzMTEwLwYDVQQD
EyhhYmFjYjQwYThkMGZjNTlhNGNkMWNkNmRhMzU3ODIxYjJiM2Q0YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD+5EPd3byHiULVlfs7lVqh4OIgk
7dZAnDlRwvPf27YCwrL3ee3vlXMxRu1pQG1k2oRFMStPahv6/ueNuOi+Hbv3kS8J
ankeoaTrlDWpQ7JwN+IsBaT/rZEXpqJexG22LOXTttOWMfrsf8y37/nmwNCaTQwO
RWDQ4HF5TAZ1kxus9Ydde2vLaDA/B9t436MASzxgyVkVpuE0tS4w4+vJDOAK4cKa
7OOZoRqCqxPLlb1s0hZA3XY+gmtsh8ZBvjm3cSwyMTyT4Nm7+to6ogvbAnUDENsK
HKxtpB2pahrMDBRmdlqub+FG6yN6/tbZjCtPinoCq2gpwkwWsRh1c+SnwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKustAqND8WaTNHNbaNXghsrPUtUMB8GA1UdIwQY
MBaAFCyshM7sV7Nfo5U0riMAmuqCAjmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYt
ZWRlNzBjOGVkNTEzLzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82ODdjZDUtNjM0NS00ZjY0LWJlNDYtZWRlNzBjOGVkNTEz
LzEvTEt5RXp1eFhzMS1qbFRTdUl3Q2E2b0lDT2FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE53yOJaH
OPmBX8wG8EhS29qR8ZRYlrU99HOssWCo9fkXEa5Kk28V9Z5PR6ei+fz/RHvHX48Q
PwuZAR1KAYu6lu17B+RRNaJRj5kIVGgHx0gHA1My0asOhsjKPUAiohCxMV5BorbI
yc1cVAEHT4XjXs9WimESlLQASHuvh/bR/GQlrRMOhFnVh7i//AXWoxvgbF1r5J3Q
PLXXj0Zy1z7L4QZjeQ3uhn0JFAG7R7a8upiZNO9EBexAFp53Fp+XF/5OhglYJ+r+
os3bnWdP9lt6QB+pZNT76nJ3cmoKYsOVjStBzP2yIJjeH+0Dg70trbw8kAF2bGjF
2KO5ugA6vQQ0Hg==
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:33:02 2025 by rpki-client