Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
File: lhzPqdAsvwWWDjovkHmFnM1urW0.mft (raw, json)
Hash identifier: jW3ccodxQslAmHINmKi7XPguUzqvwiYUNfHMmOsyElE=
Subject key identifier: 52:B7:69:AB:02:C9:D8:26:F3:B6:7E:FD:A5:AA:D3:43:2E:F9:50:24
Authority key identifier: 96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
Certificate issuer: /CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Certificate serial: 019A725C97478062F68C7E29E54FE1D70286
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 10:01:01 +0000
Manifest this update: Tue 11 Nov 2025 10:01:01 +0000
Manifest next update: Wed 12 Nov 2025 10:01:01 +0000
Files and hashes: 1: lhzPqdAsvwWWDjovkHmFnM1urW0.crl (hash: e05OfEL60v/jaQ7MIaWVAk7QNT09tLqvzXmGQFR4e80=)
2: qTElxIuYhBq2Kr2moM3xQmQlUEA.roa (hash: 6HA56HJcMMODNW40FbLFvKXa1rIMDv54m0DX5YcNqN0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:97:47:80:62:f6:8c:7e:29:e5:4f:e1:d7:02:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Validity
Not Before: Nov 11 10:01:01 2025 GMT
Not After : Nov 12 10:01:01 2025 GMT
Subject: CN=52b769ab02c9d826f3b67efda5aad3432ef95024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:67:f1:40:d2:0b:d4:0c:c4:1b:d7:f4:46:
ae:aa:a3:b2:cc:8d:2a:b9:c5:1f:3d:91:7e:cf:8f:
95:d9:f7:cb:92:ee:16:f3:6a:14:e6:79:68:6d:55:
1f:90:4b:b1:7f:dd:81:e9:d8:cb:dc:a2:ca:be:45:
fa:38:6b:67:b8:40:b5:25:bd:d6:a6:7e:6e:18:2a:
47:56:13:4c:27:52:ca:b5:fb:14:41:dc:e7:b3:a0:
7b:5c:39:43:54:c4:9c:0d:45:4a:d1:b2:2a:c3:fb:
93:01:f7:32:a0:f5:a7:fb:a6:7d:0a:01:97:8f:eb:
80:6f:3e:93:96:42:7b:34:10:a8:47:ff:2a:d6:ab:
82:b7:44:10:2c:43:c6:92:7b:cf:61:32:d9:e0:46:
ec:0c:30:a3:b5:9c:4d:8b:d7:89:f7:a1:db:28:e7:
d0:c0:cb:73:01:52:a2:a8:65:c6:f3:0a:36:49:dd:
c5:aa:f8:99:50:e2:56:03:a4:b1:b8:51:5f:b0:4d:
5e:ab:0e:e5:20:41:6f:a5:f9:1a:d3:28:1b:c7:e2:
f5:c7:3e:d2:d8:74:bb:bb:ba:a2:3f:59:54:ca:9a:
92:ef:f9:08:b0:cf:00:38:3b:4a:3b:e1:eb:e6:97:
d9:26:9a:a5:5b:a9:c6:92:54:7f:d7:81:ee:85:30:
b5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B7:69:AB:02:C9:D8:26:F3:B6:7E:FD:A5:AA:D3:43:2E:F9:50:24
X509v3 Authority Key Identifier:
keyid:96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:00:2f:f1:55:50:20:20:8d:3c:23:c3:bf:46:94:1c:39:60:
c7:59:d8:85:14:35:77:7c:ef:1e:fe:6a:65:69:86:2f:f9:7c:
de:b3:2f:d1:87:3d:04:12:7c:50:4f:be:33:3f:12:20:e2:fd:
3b:7c:2e:5d:57:09:20:f0:5a:14:fc:36:1b:70:81:d9:0a:66:
8a:8b:6e:8c:68:92:1f:da:73:fa:5a:1f:7d:97:c3:9a:46:b5:
22:dd:a3:75:99:1b:37:37:fc:c5:f1:1a:7a:9f:ff:05:e9:31:
b0:a8:a9:db:43:1b:44:98:ba:4c:c7:61:60:29:2d:85:a6:95:
0a:db:39:37:79:d5:d8:b1:87:37:4c:a9:26:f8:d0:46:e7:e6:
ff:97:cc:4a:2a:40:27:b3:09:67:ee:f8:94:87:2f:04:63:e5:
64:25:50:1c:03:33:c4:32:2e:a7:17:f7:76:2b:9d:6e:88:ba:
52:3e:1f:3e:b7:ed:4c:61:f1:5c:9e:80:51:14:f1:9e:2c:67:
52:0f:21:b3:65:70:0d:fd:a5:1a:f9:8a:75:80:1d:22:ed:8e:
7a:20:b1:14:c7:60:b1:72:65:e3:1b:41:d4:c9:c0:fa:37:a4:
96:a8:42:f2:f8:4d:69:eb:b7:36:c9:57:b5:cd:ad:d2:32:d3:
7d:7b:9e:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJdHgGL2jH4p5U/h1wKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MWNjZmE5ZDAyY2JmMDU5NjBlM2EyZjkwNzk4NTljY2Q2
ZWFkNmQwHhcNMjUxMTExMTAwMTAxWhcNMjUxMTEyMTAwMTAxWjAzMTEwLwYDVQQD
Eyg1MmI3NjlhYjAyYzlkODI2ZjNiNjdlZmRhNWFhZDM0MzJlZjk1MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6hn8UDSC9QMxBvX9EauqqOyzI0q
ucUfPZF+z4+V2ffLku4W82oU5nlobVUfkEuxf92B6djL3KLKvkX6OGtnuEC1Jb3W
pn5uGCpHVhNMJ1LKtfsUQdzns6B7XDlDVMScDUVK0bIqw/uTAfcyoPWn+6Z9CgGX
j+uAbz6TlkJ7NBCoR/8q1quCt0QQLEPGknvPYTLZ4EbsDDCjtZxNi9eJ96HbKOfQ
wMtzAVKiqGXG8wo2Sd3FqviZUOJWA6SxuFFfsE1eqw7lIEFvpfka0ygbx+L1xz7S
2HS7u7qiP1lUypqS7/kIsM8AODtKO+Hr5pfZJpqlW6nGklR/14HuhTC13wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFK3aasCydgm87Z+/aWq00Mu+VAkMB8GA1UdIwQY
MBaAFJYcz6nQLL8Flg46L5B5hZzNbq1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMt
N2VhOTkwNWMzZmJkLzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMtN2VhOTkwNWMzZmJk
LzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJgAv8VVQ
ICCNPCPDv0aUHDlgx1nYhRQ1d3zvHv5qZWmGL/l83rMv0Yc9BBJ8UE++Mz8SIOL9
O3wuXVcJIPBaFPw2G3CB2QpmiotujGiSH9pz+loffZfDmka1It2jdZkbNzf8xfEa
ep//BekxsKip20MbRJi6TMdhYCkthaaVCts5N3nV2LGHN0ypJvjQRufm/5fMSipA
J7MJZ+74lIcvBGPlZCVQHAMzxDIupxf3diudboi6Uj4fPrftTGHxXJ6AURTxnixn
Ug8hs2VwDf2lGvmKdYAdIu2OeiCxFMdgsXJl4xtB1MnA+jeklqhC8vhNaeu3NslX
tc2t0jLTfXueYg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:52 2025 by rpki-client