Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
File: LZKAom-DFWYViyYXyV0Z0zjuFdM.mft (raw, json)
Hash identifier: vfU1Caz90a0kl07MlD9dGO3XHUzMs72iUxBrlYnRDXg=
Subject key identifier: B1:47:6F:2D:68:2C:74:E3:B5:9B:EA:D6:B9:82:E5:B0:76:E7:81:69
Authority key identifier: 2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3
Certificate issuer: /CN=2d9280a26f831566158b2617c95d19d338ee15d3
Certificate serial: 019A725C80C4CEBA63117AB2891A49734BD4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
Manifest number: 0434
Signing time: Tue 11 Nov 2025 10:00:56 +0000
Manifest this update: Tue 11 Nov 2025 10:00:56 +0000
Manifest next update: Wed 12 Nov 2025 10:00:56 +0000
Files and hashes: 1: LZKAom-DFWYViyYXyV0Z0zjuFdM.crl (hash: Xdy+ZLH1UrkA9/JZzRoXPNfPDJaYOAGHa6aKvq51Om0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:80:c4:ce:ba:63:11:7a:b2:89:1a:49:73:4b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9280a26f831566158b2617c95d19d338ee15d3
Validity
Not Before: Nov 11 10:00:56 2025 GMT
Not After : Nov 12 10:00:56 2025 GMT
Subject: CN=b1476f2d682c74e3b59bead6b982e5b076e78169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:17:d7:dc:2c:e2:2d:e8:ce:35:68:f8:f4:c7:
40:d7:7f:4a:8f:5a:f8:95:84:e3:cd:41:e1:a7:02:
d6:e9:7a:20:36:55:e6:3e:49:84:2b:3c:6e:fc:e7:
6a:bf:d2:33:5f:00:bf:44:98:13:34:78:bc:ce:de:
b3:4e:31:af:c3:fb:55:67:c0:b0:5e:4f:ee:6e:b5:
b5:21:37:46:e7:0d:57:6d:6a:2a:43:d1:7a:ba:5e:
5f:13:1a:e6:e7:1e:af:6b:f0:f4:36:48:09:fe:05:
1e:6f:1a:ff:22:b5:ee:f2:4d:2a:25:4c:85:66:68:
8e:a6:91:b9:fd:1a:6c:ba:31:31:b8:3f:23:d7:1c:
be:36:05:de:48:a9:a7:34:a8:bd:d3:77:22:6c:76:
d1:89:b4:fd:96:57:46:20:13:06:f0:df:ca:ef:a7:
aa:9c:c5:0e:55:6b:c4:1c:35:f4:ce:5b:bf:c4:ab:
4c:75:2c:9d:30:ab:2e:2f:bc:67:3b:6a:d6:c1:47:
d9:6f:56:47:69:c6:3f:bc:ed:c4:00:ca:e0:7f:cd:
26:12:f2:b8:af:29:15:ff:b5:fb:88:f7:f4:20:c7:
07:f9:46:f0:2a:d0:39:01:b9:5f:28:65:5f:79:67:
54:0a:4c:0b:60:ec:ad:38:54:62:c9:28:54:32:de:
3b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:47:6F:2D:68:2C:74:E3:B5:9B:EA:D6:B9:82:E5:B0:76:E7:81:69
X509v3 Authority Key Identifier:
keyid:2D:92:80:A2:6F:83:15:66:15:8B:26:17:C9:5D:19:D3:38:EE:15:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZKAom-DFWYViyYXyV0Z0zjuFdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/be730a-27e6-4136-b2c5-cae40384c6bf/1/LZKAom-DFWYViyYXyV0Z0zjuFdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:18:3d:d6:45:e0:d1:91:d7:0c:c8:43:31:08:b4:ff:7a:95:
8b:b0:1a:9b:72:9d:97:bd:65:52:75:5b:e8:98:ab:7d:a1:12:
42:e0:27:ac:14:5e:e6:95:7e:d4:9b:0c:ed:25:c4:8a:16:49:
40:1c:37:42:a6:f3:21:eb:0b:d7:7c:4c:9b:c1:d2:27:56:9f:
74:d6:78:39:5c:e4:30:d1:0b:f5:73:dc:85:e0:49:6f:77:1c:
37:2c:1e:11:37:38:53:7d:58:c2:43:a7:95:9d:0c:75:ef:2d:
d6:8d:b2:0b:4d:13:ed:67:d4:58:c0:a0:50:be:90:c5:cd:56:
28:81:de:db:48:3c:15:9f:c5:d7:5d:42:e3:ec:83:95:a4:71:
ba:de:ea:6e:29:d1:48:e9:9e:72:6a:ea:29:a1:a1:26:42:34:
72:6d:c1:32:59:3f:77:0a:f5:e4:ee:7c:b6:15:4d:97:4f:da:
a1:21:f7:f3:1f:57:9b:3a:9d:44:02:8e:b2:a4:c8:45:0d:04:
01:1a:60:68:bb:3c:f0:b3:5b:90:4c:77:76:f4:c2:d3:1c:1f:
a5:82:77:a5:2b:b5:2d:cf:40:cc:38:17:52:a5:21:a5:f6:38:
45:14:a1:f9:e7:88:2d:bc:02:72:12:6d:80:9a:72:0d:4a:c9:
09:06:03:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIDEzrpjEXqyiRpJc0vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOTI4MGEyNmY4MzE1NjYxNThiMjYxN2M5NWQxOWQzMzhl
ZTE1ZDMwHhcNMjUxMTExMTAwMDU2WhcNMjUxMTEyMTAwMDU2WjAzMTEwLwYDVQQD
EyhiMTQ3NmYyZDY4MmM3NGUzYjU5YmVhZDZiOTgyZTViMDc2ZTc4MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBfX3CziLejONWj49MdA139Kj1r4
lYTjzUHhpwLW6XogNlXmPkmEKzxu/Odqv9IzXwC/RJgTNHi8zt6zTjGvw/tVZ8Cw
Xk/ubrW1ITdG5w1XbWoqQ9F6ul5fExrm5x6va/D0NkgJ/gUebxr/IrXu8k0qJUyF
ZmiOppG5/RpsujExuD8j1xy+NgXeSKmnNKi903cibHbRibT9lldGIBMG8N/K76eq
nMUOVWvEHDX0zlu/xKtMdSydMKsuL7xnO2rWwUfZb1ZHacY/vO3EAMrgf80mEvK4
rykV/7X7iPf0IMcH+UbwKtA5AblfKGVfeWdUCkwLYOytOFRiyShUMt47jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFHby1oLHTjtZvq1rmC5bB254FpMB8GA1UdIwQY
MBaAFC2SgKJvgxVmFYsmF8ldGdM47hXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUt
Y2FlNDAzODRjNmJmLzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iZTczMGEtMjdlNi00MTM2LWIyYzUtY2FlNDAzODRjNmJm
LzEvTFpLQW9tLURGV1lWaXlZWHlWMFowemp1RmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbxg91kXg
0ZHXDMhDMQi0/3qVi7Aam3Kdl71lUnVb6JirfaESQuAnrBRe5pV+1JsM7SXEihZJ
QBw3QqbzIesL13xMm8HSJ1afdNZ4OVzkMNEL9XPcheBJb3ccNyweETc4U31YwkOn
lZ0Mde8t1o2yC00T7WfUWMCgUL6Qxc1WKIHe20g8FZ/F111C4+yDlaRxut7qbinR
SOmecmrqKaGhJkI0cm3BMlk/dwr15O58thVNl0/aoSH38x9XmzqdRAKOsqTIRQ0E
ARpgaLs88LNbkEx3dvTC0xwfpYJ3pSu1Lc9AzDgXUqUhpfY4RRSh+eeILbwCchJt
gJpyDUrJCQYDFw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:36 2025 by rpki-client