Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: 4bExq/OKDLvdgGEbP8cNzaubxEaLuI0irwrJOFMfvGI=
Subject key identifier: 4A:F8:86:A7:27:32:94:9C:14:44:EC:9D:B5:92:D3:47:E5:8A:BE:73
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 019A72933EC8F30EECF884C59A75A8BB07F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 1488
Signing time: Tue 11 Nov 2025 11:00:43 +0000
Manifest this update: Tue 11 Nov 2025 11:00:43 +0000
Manifest next update: Wed 12 Nov 2025 11:00:43 +0000
Files and hashes: 1: 0hGuI9abbnH5IARURiUpnsE2cKk.roa (hash: DuwUAcXW//1k2Md+MdRwDGn9pw5DCw3cr3zSvWu8/Sg=)
2: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: RpmZ8Sak6173nr4Vd9D+1FeZvSTCSfeQHp2p/EgQbcA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:3e:c8:f3:0e:ec:f8:84:c5:9a:75:a8:bb:07:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Nov 11 11:00:43 2025 GMT
Not After : Nov 12 11:00:43 2025 GMT
Subject: CN=4af886a72732949c1444ec9db592d347e58abe73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0a:e5:c9:b2:40:74:a0:4d:d1:d5:0c:4f:72:
eb:b9:09:86:85:85:f5:a5:7f:bc:6a:11:44:15:01:
b1:f2:75:af:df:c3:1e:83:92:5f:89:d5:f8:43:18:
a4:c0:e1:36:bd:43:77:a6:ff:ab:67:f4:0e:e1:19:
fe:ac:96:d6:00:cd:97:dd:b2:00:2f:df:a6:eb:2b:
9d:66:2a:45:c8:d8:f5:0e:af:03:61:8b:34:e9:b4:
d3:57:3d:72:fd:52:ec:10:b5:fc:ee:e2:c3:dc:2a:
9e:dd:b7:65:b0:06:a2:a0:fa:72:15:36:e8:19:a4:
b4:25:d6:1d:74:c4:45:65:ed:53:16:11:f7:32:c2:
86:5a:44:a6:e0:b2:2e:f0:aa:65:17:18:c8:e3:fc:
03:e1:8a:62:d4:f7:fe:ba:a8:7f:6e:3d:35:fe:3a:
7c:00:08:5b:da:dc:f1:07:6a:d8:6a:87:f7:4f:ac:
6e:6f:be:77:95:58:ee:99:09:43:f8:67:87:27:ef:
87:14:54:7e:3a:c9:8b:15:03:0f:b0:b1:ab:43:27:
84:ca:bf:94:c1:b0:91:9d:97:14:86:cd:86:6d:8e:
74:02:f2:c6:e2:03:36:f6:46:bc:84:a8:27:aa:b0:
f6:af:b1:3d:01:19:ab:e3:4c:aa:16:90:80:39:50:
cd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F8:86:A7:27:32:94:9C:14:44:EC:9D:B5:92:D3:47:E5:8A:BE:73
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:87:7a:98:f1:d6:88:b8:12:cb:cf:d2:5b:94:cb:9a:c0:54:
b9:46:57:ae:18:2f:b4:0c:35:ef:db:64:a4:88:ea:00:0a:9a:
7b:46:7b:d3:ea:30:45:0e:d4:5c:bf:b3:79:21:46:27:e3:49:
f0:ae:9d:a1:3e:bc:f9:d4:69:3e:51:f1:b1:57:a3:4d:31:65:
31:5e:4c:7a:c3:8a:1b:7c:ee:03:ff:db:d9:e3:81:ee:ff:06:
43:50:4c:45:29:98:70:94:13:0a:78:87:7d:0e:9f:58:ab:d4:
24:67:d4:8b:4f:9c:16:ad:da:49:ee:80:94:61:26:2a:e9:6a:
2d:21:8e:c7:25:91:32:e4:83:7e:18:3a:32:89:73:24:cf:f4:
02:38:c5:e9:cd:9e:5b:f7:d0:aa:07:42:f1:e3:d2:c7:a9:bc:
6d:08:83:6a:df:32:da:a0:03:15:92:0f:2d:6b:a8:5b:34:b1:
16:86:3e:0c:4f:2f:8c:98:5e:ca:fd:cd:54:67:07:61:94:59:
f2:ed:cd:f7:8a:18:2e:38:ae:b9:36:4b:25:e4:bb:5c:d8:9b:
52:f3:55:c6:49:29:c8:b0:23:3c:70:98:85:54:b6:ca:1c:00:
57:b5:9e:e8:ae:b9:98:15:4f:24:22:49:3b:59:f6:95:7f:51:
44:2f:e5:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykz7I8w7s+ITFmnWouwf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjUxMTExMTEwMDQzWhcNMjUxMTEyMTEwMDQzWjAzMTEwLwYDVQQD
Eyg0YWY4ODZhNzI3MzI5NDljMTQ0NGVjOWRiNTkyZDM0N2U1OGFiZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwrlybJAdKBN0dUMT3LruQmGhYX1
pX+8ahFEFQGx8nWv38Meg5JfidX4QxikwOE2vUN3pv+rZ/QO4Rn+rJbWAM2X3bIA
L9+m6yudZipFyNj1Dq8DYYs06bTTVz1y/VLsELX87uLD3Cqe3bdlsAaioPpyFTbo
GaS0JdYddMRFZe1TFhH3MsKGWkSm4LIu8KplFxjI4/wD4Ypi1Pf+uqh/bj01/jp8
AAhb2tzxB2rYaof3T6xub753lVjumQlD+GeHJ++HFFR+OsmLFQMPsLGrQyeEyr+U
wbCRnZcUhs2GbY50AvLG4gM29ka8hKgnqrD2r7E9ARmr40yqFpCAOVDNNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEr4hqcnMpScFETsnbWS00flir5zMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfYd6mPHW
iLgSy8/SW5TLmsBUuUZXrhgvtAw179tkpIjqAAqae0Z70+owRQ7UXL+zeSFGJ+NJ
8K6doT68+dRpPlHxsVejTTFlMV5MesOKG3zuA//b2eOB7v8GQ1BMRSmYcJQTCniH
fQ6fWKvUJGfUi0+cFq3aSe6AlGEmKulqLSGOxyWRMuSDfhg6MolzJM/0AjjF6c2e
W/fQqgdC8ePSx6m8bQiDat8y2qADFZIPLWuoWzSxFoY+DE8vjJheyv3NVGcHYZRZ
8u3N94oYLjiuuTZLJeS7XNibUvNVxkkpyLAjPHCYhVS2yhwAV7We6K65mBVPJCJJ
O1n2lX9RRC/lcw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:40 2025 by rpki-client