Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.mft
File: Lg1AUXqHO33CrrKNDtai-ZOj100.mft (raw, json)
Hash identifier: wFisB+vRwdn4e4FhYtTLqJJiG2MHybDuQAt7af65B/c=
Subject key identifier: BE:7A:28:8D:BD:3F:A2:B3:66:C0:4C:92:FC:70:3F:7D:3A:4E:6B:8B
Authority key identifier: 2E:0D:40:51:7A:87:3B:7D:C2:AE:B2:8D:0E:D6:A2:F9:93:A3:D7:4D
Certificate issuer: /CN=2e0d40517a873b7dc2aeb28d0ed6a2f993a3d74d
Certificate serial: 019A0F705EBBE0F823E335A3112657B30A33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lg1AUXqHO33CrrKNDtai-ZOj100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.mft
Manifest number: 13D2
Signing time: Thu 23 Oct 2025 05:00:13 +0000
Manifest this update: Thu 23 Oct 2025 05:00:13 +0000
Manifest next update: Fri 24 Oct 2025 05:00:13 +0000
Files and hashes: 1: Lg1AUXqHO33CrrKNDtai-ZOj100.crl (hash: qlSpOc6QQW9I1/NU8vgk96yBCO1RDx+JYfRByhribm4=)
2: g5xnqTmVEZ7ZlTEWt6r937lOqAI.roa (hash: W28IbFUf6cfPKtxTT1Bs+8ajjdC7s7Nv39N6DzwHNwU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lg1AUXqHO33CrrKNDtai-ZOj100.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0f:70:5e:bb:e0:f8:23:e3:35:a3:11:26:57:b3:0a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0d40517a873b7dc2aeb28d0ed6a2f993a3d74d
Validity
Not Before: Oct 23 05:00:13 2025 GMT
Not After : Oct 24 05:00:13 2025 GMT
Subject: CN=be7a288dbd3fa2b366c04c92fc703f7d3a4e6b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d3:d5:36:0b:77:59:aa:ed:4d:ab:15:2c:48:
ec:53:42:91:53:62:ef:f6:c6:a7:91:7c:1c:5d:5f:
3d:e7:b0:d8:53:6d:b0:bd:32:02:3b:d1:1f:d7:70:
af:5c:17:5f:14:ed:b8:5e:9b:a0:95:36:04:56:5e:
77:e5:ed:d8:da:82:ba:14:96:d5:c0:39:d4:a8:62:
d9:7a:9f:2c:33:17:9d:eb:30:5e:84:5c:3c:9c:83:
90:8f:d9:ad:5b:56:c1:9f:8b:fe:e3:3b:a1:ef:db:
50:64:71:aa:c3:8e:24:12:26:fe:17:12:ce:64:cb:
63:77:b7:3c:43:c9:c4:b5:41:f7:16:da:8f:0e:38:
d1:84:ee:93:b8:de:9d:d8:b5:ff:f7:d8:ae:8c:f5:
ae:06:68:71:bf:50:46:13:b2:09:87:96:5c:29:37:
ec:da:a0:93:13:1d:6d:6b:fb:fd:e8:3a:f0:4f:25:
cf:2a:b7:a0:7c:6a:37:e6:d0:aa:f1:ef:d2:02:fd:
62:46:79:a7:7b:7a:d0:b8:33:22:86:97:a0:a5:7a:
6f:33:b8:ea:93:ec:e1:b6:9a:fa:e9:02:1d:a8:b5:
56:8c:32:d6:71:04:99:7b:a0:f7:28:10:ec:32:2c:
ac:42:82:79:b8:59:a5:19:91:e3:2a:61:40:3c:6e:
f6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7A:28:8D:BD:3F:A2:B3:66:C0:4C:92:FC:70:3F:7D:3A:4E:6B:8B
X509v3 Authority Key Identifier:
keyid:2E:0D:40:51:7A:87:3B:7D:C2:AE:B2:8D:0E:D6:A2:F9:93:A3:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lg1AUXqHO33CrrKNDtai-ZOj100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/14e920-14a7-41cf-bdd7-57786951b78f/1/Lg1AUXqHO33CrrKNDtai-ZOj100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:53:28:34:73:89:91:f0:13:be:08:bd:f8:86:dd:33:ae:00:
10:f1:44:c4:78:65:fc:4d:2f:ec:dc:00:ed:17:0b:6c:84:96:
ca:09:dd:36:64:a7:0b:19:5e:36:ae:2d:c7:43:06:d5:a3:ec:
c5:d4:81:8d:65:bd:f4:39:ac:64:7a:e4:40:11:13:4c:92:28:
bc:81:a1:1a:be:b1:ae:44:e1:85:4e:52:7d:ab:9e:11:b0:94:
6d:fd:e6:fd:12:a5:79:c2:36:8a:e3:04:b9:3f:10:24:2b:91:
c4:c8:64:7f:90:15:b1:4c:c1:5d:f4:81:4b:1a:b9:b5:24:fe:
f2:2b:8c:52:45:20:50:d4:a3:4e:b4:68:24:ad:b9:aa:a7:37:
26:02:38:a5:cf:de:ce:7c:78:59:74:f7:cd:47:c7:4a:16:6b:
72:61:4d:db:c7:7d:c0:90:7e:8d:33:28:bd:9e:c8:c6:a8:12:
e4:9c:05:64:14:8c:86:01:46:a1:68:6f:4a:5f:a2:37:2d:31:
45:64:42:76:11:22:3b:9a:a8:61:c5:0f:1f:44:32:5f:be:ae:
5c:c2:5c:ec:a4:fc:12:35:79:de:47:24:ad:d1:f2:90:4e:9a:
45:0d:17:68:19:9e:c0:89:1c:b9:de:fe:ac:bc:78:19:32:53:
cc:49:3f:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoPcF674Pgj4zWjESZXswozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGQ0MDUxN2E4NzNiN2RjMmFlYjI4ZDBlZDZhMmY5OTNh
M2Q3NGQwHhcNMjUxMDIzMDUwMDEzWhcNMjUxMDI0MDUwMDEzWjAzMTEwLwYDVQQD
EyhiZTdhMjg4ZGJkM2ZhMmIzNjZjMDRjOTJmYzcwM2Y3ZDNhNGU2YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtPVNgt3WartTasVLEjsU0KRU2Lv
9sankXwcXV8957DYU22wvTICO9Ef13CvXBdfFO24XpuglTYEVl535e3Y2oK6FJbV
wDnUqGLZep8sMxed6zBehFw8nIOQj9mtW1bBn4v+4zuh79tQZHGqw44kEib+FxLO
ZMtjd7c8Q8nEtUH3FtqPDjjRhO6TuN6d2LX/99iujPWuBmhxv1BGE7IJh5ZcKTfs
2qCTEx1ta/v96DrwTyXPKregfGo35tCq8e/SAv1iRnmne3rQuDMihpegpXpvM7jq
k+zhtpr66QIdqLVWjDLWcQSZe6D3KBDsMiysQoJ5uFmlGZHjKmFAPG72SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL56KI29P6KzZsBMkvxwP306TmuLMB8GA1UdIwQY
MBaAFC4NQFF6hzt9wq6yjQ7WovmTo9dNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGcxQVVYcUhPMzNDcnJLTkR0YWktWk9qMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8xNGU5MjAtMTRhNy00MWNmLWJkZDct
NTc3ODY5NTFiNzhmLzEvTGcxQVVYcUhPMzNDcnJLTkR0YWktWk9qMTAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8xNGU5MjAtMTRhNy00MWNmLWJkZDctNTc3ODY5NTFiNzhm
LzEvTGcxQVVYcUhPMzNDcnJLTkR0YWktWk9qMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr1MoNHOJ
kfATvgi9+IbdM64AEPFExHhl/E0v7NwA7RcLbISWygndNmSnCxleNq4tx0MG1aPs
xdSBjWW99DmsZHrkQBETTJIovIGhGr6xrkThhU5SfaueEbCUbf3m/RKlecI2iuME
uT8QJCuRxMhkf5AVsUzBXfSBSxq5tST+8iuMUkUgUNSjTrRoJK25qqc3JgI4pc/e
znx4WXT3zUfHShZrcmFN28d9wJB+jTMovZ7IxqgS5JwFZBSMhgFGoWhvSl+iNy0x
RWRCdhEiO5qoYcUPH0QyX76uXMJc7KT8EjV53kckrdHykE6aRQ0XaBmewIkcud7+
rLx4GTJTzEk/PA==
-----END CERTIFICATE-----
Generated at Thu Oct 23 07:23:39 2025 by rpki-client