Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier: bQhJ3EP4F2XXQOK5YdYZCdsOEinhjyq5795QKVb6WIY=
Subject key identifier: 1D:29:08:7F:A3:7E:68:24:C6:9D:63:4C:7C:EB:63:B7:47:BF:22:1A
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial: 01975E01C22FCCEBEE73B4279D57898C0024
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number: 0CBE
Signing time: Wed 11 Jun 2025 08:01:02 +0000
Manifest this update: Wed 11 Jun 2025 08:01:02 +0000
Manifest next update: Thu 12 Jun 2025 08:01:02 +0000
Files and hashes: 1: O8xQyf4SlO_QA8u4YHx9nqfuT4c.roa (hash: WyDwMMx1y5LT2GHueRZtXWT+BMFzzrzU6Km40azPSxA=)
2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: NHSN9jIVfA45rW8nZgY8BGtzHwqCnuAwLUVSkJGQz84=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:01:c2:2f:cc:eb:ee:73:b4:27:9d:57:89:8c:00:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Validity
Not Before: Jun 11 08:01:02 2025 GMT
Not After : Jun 12 08:01:02 2025 GMT
Subject: CN=1d29087fa37e6824c69d634c7ceb63b747bf221a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6d:0f:3e:a4:8c:65:cf:88:05:5a:ae:e8:ce:
a6:58:bc:cd:95:c9:53:e7:ef:3a:08:81:31:2c:36:
90:04:b8:1d:07:45:a4:8c:40:fc:58:f2:f1:c3:2e:
7c:ae:f3:f3:53:07:3d:3f:41:ab:14:5b:29:ca:ca:
43:86:50:1e:32:49:26:00:5c:c9:4a:cc:20:71:0b:
88:7a:76:62:25:e5:2b:4d:dd:96:66:fa:3b:68:83:
62:02:45:c5:56:bd:e4:79:32:de:6e:95:76:1c:62:
83:7f:79:b8:87:5c:10:59:c0:ee:51:d0:0c:7d:67:
75:bd:c5:3a:b4:0f:48:8d:fa:96:4b:ea:3a:7f:a6:
97:1a:17:c6:8e:00:e7:58:23:38:c4:35:4c:74:a2:
07:77:1f:9d:1a:dd:e9:e9:bd:bb:c8:28:e8:44:69:
a9:74:be:bc:00:0c:a4:40:71:06:ce:d8:b8:c8:88:
f0:fb:87:8d:50:64:cf:8d:31:71:eb:48:3e:b1:da:
e6:e0:53:9c:a8:9f:b1:4e:24:41:ed:72:b3:a7:6c:
7b:63:8a:1e:1e:4c:ca:c8:2f:77:1a:0b:a3:98:81:
82:7e:51:67:4d:8f:0f:16:2c:90:95:c9:90:66:f6:
00:1b:30:ad:e3:a6:44:eb:3b:61:93:5a:03:fc:d2:
a3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:29:08:7F:A3:7E:68:24:C6:9D:63:4C:7C:EB:63:B7:47:BF:22:1A
X509v3 Authority Key Identifier:
keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:41:11:d2:57:cb:aa:2c:00:8c:bb:8b:52:e0:99:42:9f:bc:
e5:bc:b1:05:e7:57:6e:87:bb:d9:7d:47:89:ed:b1:0e:31:0f:
00:c8:ce:8a:35:6b:56:35:32:b0:cd:f1:55:e3:f7:31:42:74:
b8:da:55:f3:bc:d0:5c:49:03:0a:ba:45:a9:14:f1:62:8d:71:
80:62:68:d3:c3:57:53:ca:72:1c:28:92:ab:8c:c3:0e:43:bd:
19:ae:8a:db:9d:a4:4d:bf:9e:31:5a:3d:d3:f0:74:17:dc:99:
c6:ce:de:c8:47:98:09:9f:80:fb:d4:27:99:63:4f:55:c2:2a:
93:56:81:c1:66:a6:3d:79:50:5d:43:de:97:e1:c7:9f:38:e6:
6e:3c:a5:2d:f3:cf:b0:d6:cd:74:17:9c:02:3d:d6:ce:3d:d5:
fe:dd:16:04:c8:0f:69:ee:66:3e:ac:e4:5d:9a:e0:41:7e:b5:
31:8b:30:93:d5:a6:05:87:b0:3b:d7:df:15:6d:d9:2c:1a:23:
05:3c:80:0b:f7:53:54:74:97:4e:e1:1d:cb:0d:55:7b:c3:ea:
57:c3:c6:21:3f:7a:ab:d1:e8:91:a6:0a:00:3a:a6:81:92:f7:
b4:0e:33:aa:01:e3:61:48:38:eb:d0:1b:11:c5:15:4a:76:92:
aa:b4:ad:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeAcIvzOvuc7QnnVeJjAAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjUwNjExMDgwMTAyWhcNMjUwNjEyMDgwMTAyWjAzMTEwLwYDVQQD
EygxZDI5MDg3ZmEzN2U2ODI0YzY5ZDYzNGM3Y2ViNjNiNzQ3YmYyMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG0PPqSMZc+IBVqu6M6mWLzNlclT
5+86CIExLDaQBLgdB0WkjED8WPLxwy58rvPzUwc9P0GrFFspyspDhlAeMkkmAFzJ
SswgcQuIenZiJeUrTd2WZvo7aINiAkXFVr3keTLebpV2HGKDf3m4h1wQWcDuUdAM
fWd1vcU6tA9IjfqWS+o6f6aXGhfGjgDnWCM4xDVMdKIHdx+dGt3p6b27yCjoRGmp
dL68AAykQHEGzti4yIjw+4eNUGTPjTFx60g+sdrm4FOcqJ+xTiRB7XKzp2x7Y4oe
HkzKyC93GgujmIGCflFnTY8PFiyQlcmQZvYAGzCt46ZE6zthk1oD/NKjnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0pCH+jfmgkxp1jTHzrY7dHvyIaMB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEER0lfL
qiwAjLuLUuCZQp+85byxBedXboe72X1Hie2xDjEPAMjOijVrVjUysM3xVeP3MUJ0
uNpV87zQXEkDCrpFqRTxYo1xgGJo08NXU8pyHCiSq4zDDkO9Ga6K252kTb+eMVo9
0/B0F9yZxs7eyEeYCZ+A+9QnmWNPVcIqk1aBwWamPXlQXUPel+HHnzjmbjylLfPP
sNbNdBecAj3Wzj3V/t0WBMgPae5mPqzkXZrgQX61MYswk9WmBYewO9ffFW3ZLBoj
BTyAC/dTVHSXTuEdyw1Ve8PqV8PGIT96q9HokaYKADqmgZL3tA4zqgHjYUg469Ab
EcUVSnaSqrStNQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:12:20 2025 by rpki-client