Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json)
Hash identifier: jrQMPqWQCZ8W6f5bT/aaCHl/Qek6YCU9+G8NvPAOJKY=
Subject key identifier: 5C:49:D1:AB:3B:98:25:0D:43:B2:41:77:91:E1:9E:16:A7:08:9D:8E
Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad
Certificate serial: 019A706E3D4B06E49633506A380B0717E2A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
Manifest number: 0597
Signing time: Tue 11 Nov 2025 01:01:04 +0000
Manifest this update: Tue 11 Nov 2025 01:01:04 +0000
Manifest next update: Wed 12 Nov 2025 01:01:04 +0000
Files and hashes: 1: QlwSz5QY3CNReEwoqy5_qdcxp7E.roa (hash: J1QwLI9Oak3umoZp+VK8k+3z4SfC016Ed6Yx+Y0FOX0=)
2: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: CLjiYEy6KvkqUZqjB3e72Yl5EUclipM+tgwDatHIk+8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:3d:4b:06:e4:96:33:50:6a:38:0b:07:17:e2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad
Validity
Not Before: Nov 11 01:01:04 2025 GMT
Not After : Nov 12 01:01:04 2025 GMT
Subject: CN=5c49d1ab3b98250d43b2417791e19e16a7089d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f1:b4:40:84:a8:e4:4d:8f:a3:a0:78:03:7d:
f9:63:dc:8c:01:72:17:d1:4a:c1:2c:ec:61:c1:8c:
4b:47:de:f0:b8:64:df:63:3f:2c:ed:ea:b5:75:af:
d4:18:70:31:d2:3c:cc:db:9e:ef:a5:55:1d:48:fb:
c3:6e:7d:db:7c:46:96:d8:aa:bf:2c:7f:7a:28:cf:
e1:c4:8e:8e:b3:55:27:7d:2f:37:7f:80:42:e3:e9:
94:ac:56:11:f7:2c:c5:3e:82:2e:50:32:f5:72:82:
bc:8d:47:bb:da:55:85:af:48:45:ba:cd:b8:af:f6:
55:53:55:8e:88:74:d2:e4:37:b4:88:57:52:ab:a1:
01:04:ca:9d:88:34:b6:d2:83:81:ea:44:bc:37:ce:
86:95:63:cb:28:86:0f:01:b0:8f:66:9e:b6:94:6d:
1d:59:ad:db:94:a1:da:65:f8:9e:dd:b1:cd:84:ea:
50:de:d1:7a:9b:93:d5:d6:a3:1d:a1:c8:45:f5:e0:
8b:da:3d:ae:88:0c:a0:d7:d3:7d:ca:b7:9d:1e:a5:
76:c2:9c:ff:fd:fb:f1:e4:ea:e6:a4:59:2c:d0:99:
5b:92:20:a4:76:9f:d7:16:ee:4f:6a:a6:4d:51:cb:
c8:c4:d0:73:5e:df:5c:de:77:1e:28:74:e2:07:8a:
db:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:49:D1:AB:3B:98:25:0D:43:B2:41:77:91:E1:9E:16:A7:08:9D:8E
X509v3 Authority Key Identifier:
keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:60:66:e1:89:9b:2b:5e:f9:b7:06:49:5f:8f:7d:8e:08:72:
b6:3f:ba:8e:b5:3e:9d:e0:6b:01:52:5e:b5:f6:37:73:ad:67:
c7:e1:e7:1d:8f:ed:c4:22:de:ba:fd:df:7b:97:c9:0f:e7:07:
94:33:5b:b8:80:94:f8:29:49:89:5b:e3:51:75:39:9f:79:cd:
5e:eb:36:af:fc:24:b2:ee:9a:8b:62:96:9d:36:d0:3a:a7:a5:
fe:b8:4a:42:f0:03:19:65:92:f4:16:09:c3:3f:94:50:29:66:
07:ff:1f:2f:a7:95:a9:8e:2a:e1:9f:7d:65:03:6b:a0:d3:76:
2e:80:a5:70:8e:0d:7b:1f:1a:87:f9:11:da:d2:7c:2a:bd:7e:
24:6b:58:73:85:ff:9b:07:18:c1:e6:a0:68:bd:55:34:69:6e:
8b:a1:3e:43:68:99:47:cf:5a:36:46:dd:0d:2f:a0:49:e2:75:
34:ee:44:90:98:bc:49:d6:00:0f:41:64:a0:42:68:4c:34:e1:
ad:b4:c9:7f:c0:68:63:c1:7b:ae:6f:d8:7b:51:77:bb:28:69:
60:9a:e3:07:1d:10:95:b2:2f:e3:8b:2f:54:bd:8f:b4:eb:b9:
5b:1a:42:42:be:1e:10:bf:f3:c8:a8:38:1f:bd:a0:c6:26:01:
59:6e:79:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbj1LBuSWM1BqOAsHF+KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3
MjRmYWQwHhcNMjUxMTExMDEwMTA0WhcNMjUxMTEyMDEwMTA0WjAzMTEwLwYDVQQD
Eyg1YzQ5ZDFhYjNiOTgyNTBkNDNiMjQxNzc5MWUxOWUxNmE3MDg5ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvG0QISo5E2Po6B4A335Y9yMAXIX
0UrBLOxhwYxLR97wuGTfYz8s7eq1da/UGHAx0jzM257vpVUdSPvDbn3bfEaW2Kq/
LH96KM/hxI6Os1UnfS83f4BC4+mUrFYR9yzFPoIuUDL1coK8jUe72lWFr0hFus24
r/ZVU1WOiHTS5De0iFdSq6EBBMqdiDS20oOB6kS8N86GlWPLKIYPAbCPZp62lG0d
Wa3blKHaZfie3bHNhOpQ3tF6m5PV1qMdochF9eCL2j2uiAyg19N9yredHqV2wpz/
/fvx5OrmpFks0JlbkiCkdp/XFu5PaqZNUcvIxNBzXt9c3nceKHTiB4rb4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFxJ0as7mCUNQ7JBd5HhnhanCJ2OMB8GA1UdIwQY
MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt
Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk
LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgGBm4Ymb
K175twZJX499jghytj+6jrU+neBrAVJetfY3c61nx+HnHY/txCLeuv3fe5fJD+cH
lDNbuICU+ClJiVvjUXU5n3nNXus2r/wksu6ai2KWnTbQOqel/rhKQvADGWWS9BYJ
wz+UUClmB/8fL6eVqY4q4Z99ZQNroNN2LoClcI4Nex8ah/kR2tJ8Kr1+JGtYc4X/
mwcYweagaL1VNGlui6E+Q2iZR89aNkbdDS+gSeJ1NO5EkJi8SdYAD0FkoEJoTDTh
rbTJf8BoY8F7rm/Ye1F3uyhpYJrjBx0QlbIv44svVL2PtOu5WxpCQr4eEL/zyKg4
H72gxiYBWW551Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:48:02 2025 by rpki-client