Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier: PfPtkVV6stzgVofADQvNJMSjZu57vCYNhJl0aoQk1uA=
Subject key identifier: 2D:34:30:CB:03:50:69:D6:2F:D1:62:7E:43:86:FE:2E:2F:11:18:3E
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial: 019A0F708C23DA398264F586314E7B2D8B54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number: 0E23
Signing time: Thu 23 Oct 2025 05:00:25 +0000
Manifest this update: Thu 23 Oct 2025 05:00:25 +0000
Manifest next update: Fri 24 Oct 2025 05:00:25 +0000
Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=)
2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: WH3LlWj0egPj5QV+uRt7NodKnjFsPh+gYRXlHHOb36Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0f:70:8c:23:da:39:82:64:f5:86:31:4e:7b:2d:8b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Validity
Not Before: Oct 23 05:00:25 2025 GMT
Not After : Oct 24 05:00:25 2025 GMT
Subject: CN=2d3430cb035069d62fd1627e4386fe2e2f11183e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:45:ca:11:b0:7c:35:18:7c:52:1c:c6:21:67:
bf:c8:9c:7a:b4:12:6f:8a:92:19:09:ab:d8:d9:97:
c8:eb:72:7c:e1:36:dd:2e:48:5a:3d:7d:51:6d:bc:
eb:4e:8f:a0:a7:e0:97:b9:68:03:48:18:8e:28:d2:
31:31:17:d7:96:45:f0:ce:03:63:76:ff:ab:dd:cb:
2b:98:72:48:3a:fd:0d:bc:8f:a9:a4:4d:5d:83:5d:
18:de:4c:37:f5:81:6e:83:63:f5:f2:b3:08:65:2b:
ab:46:a8:3d:31:83:48:1f:bf:bd:8e:db:4b:61:ef:
3b:f4:9f:f5:73:4c:d5:eb:f8:5a:21:55:3c:75:3d:
a8:af:e9:84:d9:a2:2f:e1:6f:b8:b2:28:4d:dc:ca:
2c:5a:0e:b2:2f:ba:44:71:0e:db:e5:0c:b3:22:7a:
66:2a:01:45:8a:29:de:75:dd:02:c3:8d:19:5c:55:
95:e4:23:8a:44:ad:5d:5a:5e:81:f3:3e:3f:6d:9c:
2f:1a:fb:32:ff:4c:1e:32:e0:bf:5c:e1:83:37:48:
d1:d8:f0:ba:02:b7:bf:3d:32:6b:55:62:66:90:8a:
44:ff:5e:a8:fc:11:8d:ac:3d:83:25:5d:04:e5:bf:
24:c9:eb:cb:46:2d:8b:20:2a:95:e5:7b:44:51:10:
83:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:34:30:CB:03:50:69:D6:2F:D1:62:7E:43:86:FE:2E:2F:11:18:3E
X509v3 Authority Key Identifier:
keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:f5:aa:db:d6:84:1f:fc:2b:b6:3d:b3:29:a4:4c:49:d1:ff:
4c:e4:a5:0c:59:59:1b:a6:78:bf:85:1a:7e:68:c5:ce:9b:93:
a6:06:27:79:c5:61:52:84:2a:d0:94:4f:4f:25:e2:d5:35:d1:
ee:d1:4d:b6:a8:0d:92:80:1e:0c:4b:c9:76:20:41:8e:cf:b0:
97:7f:8f:ef:f3:52:bb:7b:63:2d:e2:9b:e5:8d:9c:6b:d0:b9:
de:c2:59:62:13:6e:9a:ff:fe:79:d7:86:24:b4:d9:dc:b6:4e:
3d:81:0b:ec:b8:66:aa:76:40:95:1b:41:77:ae:71:6d:e7:bc:
c3:aa:c4:b1:04:84:c1:16:40:67:e4:1d:0d:8e:5d:9a:48:9b:
44:42:29:11:b3:ed:77:b8:11:8c:69:a5:60:95:a2:6b:62:1e:
df:98:3f:4d:ca:c8:c6:af:aa:a6:69:d9:da:c6:3e:b1:32:1f:
ae:0b:c8:ae:5c:24:2c:75:0b:05:c3:7f:42:6b:bb:bd:c1:b0:
ca:10:18:74:2d:7d:10:95:92:37:81:2e:1f:8f:0c:ca:28:d2:
9f:a8:be:0f:5a:f0:01:12:09:64:47:b3:4f:a8:34:e2:8b:c3:
3a:ab:20:9b:2a:1b:0a:36:95:81:fa:9b:c6:e1:a2:4e:d3:59:
b2:50:13:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoPcIwj2jmCZPWGMU57LYtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUxMDIzMDUwMDI1WhcNMjUxMDI0MDUwMDI1WjAzMTEwLwYDVQQD
EygyZDM0MzBjYjAzNTA2OWQ2MmZkMTYyN2U0Mzg2ZmUyZTJmMTExODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UXKEbB8NRh8UhzGIWe/yJx6tBJv
ipIZCavY2ZfI63J84TbdLkhaPX1RbbzrTo+gp+CXuWgDSBiOKNIxMRfXlkXwzgNj
dv+r3csrmHJIOv0NvI+ppE1dg10Y3kw39YFug2P18rMIZSurRqg9MYNIH7+9jttL
Ye879J/1c0zV6/haIVU8dT2or+mE2aIv4W+4sihN3MosWg6yL7pEcQ7b5QyzInpm
KgFFiinedd0Cw40ZXFWV5COKRK1dWl6B8z4/bZwvGvsy/0weMuC/XOGDN0jR2PC6
Are/PTJrVWJmkIpE/16o/BGNrD2DJV0E5b8kyevLRi2LICqV5XtEURCDGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC00MMsDUGnWL9FifkOG/i4vERg+MB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyfWq29aE
H/wrtj2zKaRMSdH/TOSlDFlZG6Z4v4UafmjFzpuTpgYnecVhUoQq0JRPTyXi1TXR
7tFNtqgNkoAeDEvJdiBBjs+wl3+P7/NSu3tjLeKb5Y2ca9C53sJZYhNumv/+edeG
JLTZ3LZOPYEL7LhmqnZAlRtBd65xbee8w6rEsQSEwRZAZ+QdDY5dmkibREIpEbPt
d7gRjGmlYJWia2Ie35g/TcrIxq+qpmnZ2sY+sTIfrgvIrlwkLHULBcN/Qmu7vcGw
yhAYdC19EJWSN4EuH48MyijSn6i+D1rwARIJZEezT6g04ovDOqsgmyobCjaVgfqb
xuGiTtNZslAT3w==
-----END CERTIFICATE-----
Generated at Thu Oct 23 07:22:32 2025 by rpki-client