Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
File: lfdgXoUMnb8X2vC6OONvzGPCy_o.mft (raw, json)
Hash identifier: fYAt6d25g5Ex2YfPg71XP09BRvN3mYezATOSe+cxu0o=
Subject key identifier: 2C:5B:0C:92:6E:54:B6:60:CA:74:79:25:E4:93:04:92:1A:63:5D:A1
Authority key identifier: 95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
Certificate issuer: /CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Certificate serial: 0199228CCCB7944902787672651B3C67E526
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
Manifest number: 1671
Signing time: Sun 07 Sep 2025 05:01:16 +0000
Manifest this update: Sun 07 Sep 2025 05:01:16 +0000
Manifest next update: Mon 08 Sep 2025 05:01:16 +0000
Files and hashes: 1: 5-Dy59i1_U0ZRMyz_6apK6err6E.roa (hash: HTKVf7q+nYn6Qr/j/qsCTy9hUzuLpJ7dJx3pfn4b6GM=)
2: lfdgXoUMnb8X2vC6OONvzGPCy_o.crl (hash: JyDbB8HzKGqxZfsR9Tb947NITGW9rRvfL6I1ffj6kWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:8c:cc:b7:94:49:02:78:76:72:65:1b:3c:67:e5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95f7605e850c9dbf17daf0ba38e36fcc63c2cbfa
Validity
Not Before: Sep 7 05:01:16 2025 GMT
Not After : Sep 8 05:01:16 2025 GMT
Subject: CN=2c5b0c926e54b660ca747925e49304921a635da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c6:82:ac:3b:a2:ea:df:d0:d8:77:a8:eb:7d:
01:c0:6b:6b:a1:92:92:0a:e0:58:45:a1:09:5e:0c:
e4:92:4d:fc:05:b0:b0:c9:48:5b:ee:cd:64:a3:37:
e6:cf:36:41:71:71:49:ce:3e:1c:5d:c1:90:ab:38:
9d:cc:a0:27:51:bf:8d:f2:84:4d:4c:f6:d2:cf:83:
0d:3b:0d:68:49:3f:67:eb:0a:91:61:1a:04:f8:63:
5c:b5:70:35:3e:7f:d9:79:6e:b6:dc:ff:b6:5d:36:
b6:31:b9:f3:ab:21:0c:a4:0f:72:db:84:ab:c3:60:
dd:d5:e8:77:9d:c0:06:2d:bc:ea:77:c9:fd:6f:b4:
7e:7c:5d:14:d0:6d:71:90:c7:c1:98:67:ef:93:45:
09:b1:02:cb:bb:ce:e8:23:50:e2:75:be:5a:9d:22:
d4:0f:9c:5e:09:82:3a:29:95:63:ff:69:3c:d0:23:
b4:fd:05:9a:d9:98:3e:93:b8:10:9a:cb:a9:31:19:
3f:00:12:7e:60:9e:39:05:2d:0c:f4:7f:e8:98:a9:
c2:b2:cc:3c:95:be:e6:d2:a4:64:6b:7f:88:25:96:
3a:13:c1:ce:10:17:01:c3:f9:ad:5f:dd:05:c5:eb:
8d:22:38:38:8f:10:b0:9d:13:d6:7e:c9:d9:18:ef:
3e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5B:0C:92:6E:54:B6:60:CA:74:79:25:E4:93:04:92:1A:63:5D:A1
X509v3 Authority Key Identifier:
keyid:95:F7:60:5E:85:0C:9D:BF:17:DA:F0:BA:38:E3:6F:CC:63:C2:CB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lfdgXoUMnb8X2vC6OONvzGPCy_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9f3bfa-ef3b-4361-b311-6705dc2e3aaa/1/lfdgXoUMnb8X2vC6OONvzGPCy_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:e5:de:80:df:d3:9e:a9:2b:bf:8d:28:e9:2b:43:fb:90:16:
33:d4:98:ed:9b:f3:9e:42:56:9b:88:9b:a8:81:e2:2d:cf:1b:
6f:46:24:5b:10:eb:ca:bb:bd:3d:2e:4b:71:cc:10:fd:26:11:
10:f0:9e:12:db:10:86:41:fc:4e:76:fc:76:0e:1e:74:8b:27:
b1:1e:c6:cd:a7:b7:66:a2:cf:fc:1f:6c:b5:81:a5:77:5f:63:
04:70:51:c2:36:86:aa:c7:51:f0:2c:8b:4e:8c:b8:0c:52:36:
2e:ba:03:69:35:b3:de:b2:84:20:95:72:f3:c2:c2:58:2d:5c:
5d:c0:85:50:a0:64:28:60:84:cd:6a:5a:f6:4d:65:a7:98:0f:
5e:e0:f8:04:26:cb:36:30:af:91:74:84:a6:be:9c:b0:73:27:
f1:21:b2:6d:ed:77:17:1a:e0:79:46:b9:e8:b8:79:27:f8:02:
97:2f:8a:23:15:6f:50:12:70:34:e9:61:6e:1e:9c:be:eb:01:
02:13:4a:83:ed:f3:7f:2b:52:e3:b8:ce:fd:0d:a8:aa:1b:27:
d6:90:1d:b8:57:91:08:6c:90:21:19:2e:c0:07:97:7e:28:da:
44:8e:72:19:ad:74:fd:88:66:99:aa:d9:61:78:ca:27:1f:18:
fd:6f:34:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijMy3lEkCeHZyZRs8Z+UmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Zjc2MDVlODUwYzlkYmYxN2RhZjBiYTM4ZTM2ZmNjNjNj
MmNiZmEwHhcNMjUwOTA3MDUwMTE2WhcNMjUwOTA4MDUwMTE2WjAzMTEwLwYDVQQD
EygyYzViMGM5MjZlNTRiNjYwY2E3NDc5MjVlNDkzMDQ5MjFhNjM1ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscaCrDui6t/Q2Heo630BwGtroZKS
CuBYRaEJXgzkkk38BbCwyUhb7s1kozfmzzZBcXFJzj4cXcGQqzidzKAnUb+N8oRN
TPbSz4MNOw1oST9n6wqRYRoE+GNctXA1Pn/ZeW623P+2XTa2MbnzqyEMpA9y24Sr
w2Dd1eh3ncAGLbzqd8n9b7R+fF0U0G1xkMfBmGfvk0UJsQLLu87oI1Didb5anSLU
D5xeCYI6KZVj/2k80CO0/QWa2Zg+k7gQmsupMRk/ABJ+YJ45BS0M9H/omKnCssw8
lb7m0qRka3+IJZY6E8HOEBcBw/mtX90FxeuNIjg4jxCwnRPWfsnZGO8+BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxbDJJuVLZgynR5JeSTBJIaY12hMB8GA1UdIwQY
MBaAFJX3YF6FDJ2/F9rwujjjb8xjwsv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEt
NjcwNWRjMmUzYWFhLzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZjNiZmEtZWYzYi00MzYxLWIzMTEtNjcwNWRjMmUzYWFh
LzEvbGZkZ1hvVU1uYjhYMnZDNk9PTnZ6R1BDeV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP+XegN/T
nqkrv40o6StD+5AWM9SY7ZvznkJWm4ibqIHiLc8bb0YkWxDryru9PS5LccwQ/SYR
EPCeEtsQhkH8Tnb8dg4edIsnsR7Gzae3ZqLP/B9stYGld19jBHBRwjaGqsdR8CyL
Toy4DFI2LroDaTWz3rKEIJVy88LCWC1cXcCFUKBkKGCEzWpa9k1lp5gPXuD4BCbL
NjCvkXSEpr6csHMn8SGybe13FxrgeUa56Lh5J/gCly+KIxVvUBJwNOlhbh6cvusB
AhNKg+3zfytS47jO/Q2oqhsn1pAduFeRCGyQIRkuwAeXfijaRI5yGa10/YhmmarZ
YXjKJx8Y/W80Aw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:08:18 2025 by rpki-client