Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
File: lZI0IMz-4DjNyutDkjEKBZivej4.mft (raw, json)
Hash identifier: FHgkWeaFOb1yMbdMWRfBkQVDkMRI6CZ79/xUtjFoB10=
Subject key identifier: 29:A0:52:23:8B:A9:D8:3E:9D:1E:C2:D4:EB:07:E9:2A:0D:F6:04:00
Authority key identifier: 95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
Certificate issuer: /CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Certificate serial: 019A1760F90EF9F98D013CD37D79A4BF8CD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
Manifest number: 02F7
Signing time: Fri 24 Oct 2025 18:00:22 +0000
Manifest this update: Fri 24 Oct 2025 18:00:22 +0000
Manifest next update: Sat 25 Oct 2025 18:00:22 +0000
Files and hashes: 1: F7hFHVt5GnAjfb0AGvjaQBNPnKg.roa (hash: btzZxwXvt98Q7y5uMwpF7P7FoBwM/PNcqw+tRVhi4ns=)
2: fATmKoPkxnFaeIEAAJJ02F6yM_M.roa (hash: 9vZ8Uz6k4By0kjf2AHSVtoIff7eSff80iL0R5CgM+Wc=)
3: lZI0IMz-4DjNyutDkjEKBZivej4.crl (hash: nUG6F4dWJ9SNoQ+5PZUBWSmroib+TGiUIBLzkKznzk0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 15:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:60:f9:0e:f9:f9:8d:01:3c:d3:7d:79:a4:bf:8c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Validity
Not Before: Oct 24 18:00:22 2025 GMT
Not After : Oct 25 18:00:22 2025 GMT
Subject: CN=29a052238ba9d83e9d1ec2d4eb07e92a0df60400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a7:88:8e:b5:69:54:dd:3a:b2:a4:4c:5b:e1:
d2:85:b1:8e:26:78:b0:ec:c6:55:bb:43:88:e3:ea:
b7:7c:2c:3e:1f:36:78:12:c9:0d:98:5e:9b:41:07:
7a:bb:63:19:1b:6e:dd:1d:88:e0:aa:85:f8:9c:1f:
62:bc:68:85:de:20:99:05:a4:3b:d4:c9:8e:ea:b1:
99:dd:8e:43:49:d5:d9:93:04:66:bb:ea:07:8a:98:
57:92:78:2e:8b:40:a4:66:4b:1d:e8:d6:25:52:da:
ea:3b:21:30:7d:5b:78:84:52:94:31:02:c2:1c:b8:
0c:7b:41:42:64:67:2a:64:9f:97:d2:81:3a:55:c8:
58:23:9d:94:ab:57:71:98:d0:1d:6b:0f:f0:30:ad:
57:21:bf:37:c8:d2:c8:98:de:0d:64:0f:22:53:69:
05:ad:19:99:33:1c:e1:01:65:74:aa:10:08:23:89:
fe:3c:58:42:f6:96:f6:dc:ad:37:70:d3:5e:df:4b:
72:38:46:78:7a:cc:59:ff:53:52:ba:4f:43:aa:a5:
af:9c:38:32:9b:76:23:27:19:e7:d5:e6:af:ec:59:
c4:90:87:a8:cd:6f:90:9b:1c:52:36:61:e5:8c:77:
6c:ad:d8:4f:43:43:74:8c:80:27:08:12:0b:e0:05:
41:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A0:52:23:8B:A9:D8:3E:9D:1E:C2:D4:EB:07:E9:2A:0D:F6:04:00
X509v3 Authority Key Identifier:
keyid:95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:7e:ed:b9:07:f6:50:91:b2:ca:ea:24:90:03:57:32:00:ba:
2c:26:06:19:30:86:40:a1:81:66:30:f5:a2:66:c7:42:a2:62:
52:70:9b:9d:c9:64:bc:b0:87:29:9c:6f:27:78:42:82:c7:9d:
e0:f9:02:85:1e:ca:b4:e7:ef:7e:de:15:4c:7a:20:46:de:f4:
12:4b:80:e0:f8:c6:d6:0b:80:9c:74:61:32:c1:d4:8a:28:08:
22:87:e7:bf:29:40:24:b2:b4:33:d1:03:1c:a1:bc:ff:ba:89:
a3:e8:b3:a0:37:cd:0a:d4:81:09:0f:de:cd:ef:9d:d9:81:55:
70:e4:74:54:70:f9:c4:81:eb:cb:1c:df:49:94:5d:df:1d:af:
fe:de:d6:08:40:d3:cf:36:f4:f6:ed:2a:0e:7d:4d:b7:41:ad:
e1:69:c6:f2:47:a4:d0:5a:37:81:77:2b:31:81:01:87:25:42:
43:a4:be:7f:c7:d8:87:48:8c:a9:17:32:f1:5a:e3:3f:60:34:
fa:d8:de:a2:7e:31:fa:a5:42:60:59:3b:9d:d9:4e:41:d7:05:
e5:a7:18:11:75:e2:4b:dd:35:03:57:66:09:47:5b:40:ac:53:
05:1f:7e:c7:a6:52:8d:c1:7f:4c:d9:58:7f:a9:7c:8a:5c:48:
90:41:7b:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoXYPkO+fmNATzTfXmkv4zYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTIzNDIwY2NmZWUwMzhjZGNhZWI0MzkyMzEwYTA1OThh
ZjdhM2UwHhcNMjUxMDI0MTgwMDIyWhcNMjUxMDI1MTgwMDIyWjAzMTEwLwYDVQQD
EygyOWEwNTIyMzhiYTlkODNlOWQxZWMyZDRlYjA3ZTkyYTBkZjYwNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqeIjrVpVN06sqRMW+HShbGOJniw
7MZVu0OI4+q3fCw+HzZ4EskNmF6bQQd6u2MZG27dHYjgqoX4nB9ivGiF3iCZBaQ7
1MmO6rGZ3Y5DSdXZkwRmu+oHiphXkngui0CkZksd6NYlUtrqOyEwfVt4hFKUMQLC
HLgMe0FCZGcqZJ+X0oE6VchYI52Uq1dxmNAdaw/wMK1XIb83yNLImN4NZA8iU2kF
rRmZMxzhAWV0qhAII4n+PFhC9pb23K03cNNe30tyOEZ4esxZ/1NSuk9DqqWvnDgy
m3YjJxnn1eav7FnEkIeozW+QmxxSNmHljHdsrdhPQ0N0jIAnCBIL4AVB0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmgUiOLqdg+nR7C1OsH6SoN9gQAMB8GA1UdIwQY
MBaAFJWSNCDM/uA4zcrrQ5IxCgWYr3o+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzct
NTIwMGZjMTZmZjhjLzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzctNTIwMGZjMTZmZjhj
LzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABn7tuQf2
UJGyyuokkANXMgC6LCYGGTCGQKGBZjD1ombHQqJiUnCbnclkvLCHKZxvJ3hCgsed
4PkChR7KtOfvft4VTHogRt70EkuA4PjG1guAnHRhMsHUiigIIofnvylAJLK0M9ED
HKG8/7qJo+izoDfNCtSBCQ/eze+d2YFVcOR0VHD5xIHryxzfSZRd3x2v/t7WCEDT
zzb09u0qDn1Nt0Gt4WnG8kek0Fo3gXcrMYEBhyVCQ6S+f8fYh0iMqRcy8VrjP2A0
+tjeon4x+qVCYFk7ndlOQdcF5acYEXXiS901A1dmCUdbQKxTBR9+x6ZSjcF/TNlY
f6l8ilxIkEF7yg==
-----END CERTIFICATE-----
Generated at Sat Oct 25 00:18:58 2025 by rpki-client