Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
File: lris-hevk77b78b-tGiPmGBLiq4.mft (raw, json)
Hash identifier: kRRzThQrZcpagUb8qzDAiMvDU0OeXwHoQYgzBcr7DVI=
Subject key identifier: 5F:E7:6A:F3:88:57:EA:84:F6:51:5C:E5:D8:90:26:4D:FB:AD:39:9F
Authority key identifier: 96:B8:AC:FA:17:AF:93:BE:DB:EF:C6:FE:B4:68:8F:98:60:4B:8A:AE
Certificate issuer: /CN=96b8acfa17af93bedbefc6feb4688f98604b8aae
Certificate serial: 01974E206228F143EAE3CDFAB85F10B3F3ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
Manifest number: 100A
Signing time: Sun 08 Jun 2025 06:00:34 +0000
Manifest this update: Sun 08 Jun 2025 06:00:34 +0000
Manifest next update: Mon 09 Jun 2025 06:00:34 +0000
Files and hashes: 1: lCUgvhyBp0UKbHxKxUYkrgGL2EY.roa (hash: kCJqfKEC/8AcT5Dn8+T0849c1Ido/6VgqldxnSwXqNg=)
2: lris-hevk77b78b-tGiPmGBLiq4.crl (hash: 77yq+ITjIbK3vCTvE1JQIWCZHlzqryO6Vx9ilPtLeLc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:20:62:28:f1:43:ea:e3:cd:fa:b8:5f:10:b3:f3:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8acfa17af93bedbefc6feb4688f98604b8aae
Validity
Not Before: Jun 8 06:00:34 2025 GMT
Not After : Jun 9 06:00:34 2025 GMT
Subject: CN=5fe76af38857ea84f6515ce5d890264dfbad399f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f2:ec:48:d2:ae:64:44:7d:64:0d:f6:b3:e3:
24:91:98:05:0c:3e:30:ac:e8:13:2e:42:db:3c:a8:
09:af:e7:b9:2a:b1:50:4d:11:ed:ce:38:c4:29:aa:
fb:24:5c:24:c7:d6:3c:a4:42:1b:53:99:a9:a1:83:
2d:8c:9b:83:50:3b:fa:65:12:87:48:7d:21:75:0f:
25:ee:50:ca:a4:f5:da:0b:e2:73:43:4e:f4:31:9e:
33:24:13:7e:9a:cf:ed:be:6c:d6:40:68:d0:43:c3:
c2:7e:02:f8:43:fb:8e:d0:5f:6f:ec:56:25:03:29:
95:80:e2:ef:c0:0b:f0:7a:84:d4:9d:df:9f:3d:f9:
7f:a8:d9:f3:c5:49:ff:5c:85:5f:86:18:ce:30:b4:
a6:d4:79:a8:8e:80:50:c5:45:4d:75:12:89:24:2f:
50:e0:01:56:99:ee:c8:20:0b:46:92:d1:39:ce:a6:
9a:3f:6a:5a:0b:b5:b5:76:5f:bb:66:4e:a8:40:e7:
32:ff:88:5e:d9:cd:e5:09:7a:cc:e9:8f:2c:e2:76:
01:26:21:f7:68:c5:3d:c1:4b:cc:51:af:e6:8d:22:
e7:df:01:a4:0c:c9:f9:a1:e9:dd:e4:39:37:47:c2:
b0:b1:a0:69:92:6c:c6:65:4a:e4:db:b4:d0:53:27:
49:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E7:6A:F3:88:57:EA:84:F6:51:5C:E5:D8:90:26:4D:FB:AD:39:9F
X509v3 Authority Key Identifier:
keyid:96:B8:AC:FA:17:AF:93:BE:DB:EF:C6:FE:B4:68:8F:98:60:4B:8A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:fb:78:c6:f5:23:bd:ad:63:1b:9e:b3:7e:b2:6a:99:1f:ee:
8f:6f:e8:d8:5e:d6:77:12:ea:54:c5:fb:7b:e6:d1:c2:f0:4c:
39:36:1e:6f:80:22:cb:08:c4:c9:79:84:91:fa:be:92:f1:e9:
c9:01:32:9a:24:d8:48:67:7c:84:27:36:2c:c5:5c:5f:f0:78:
a1:ee:92:9b:25:dd:37:34:b9:8d:3a:7d:cc:6e:28:23:17:56:
69:7e:a1:17:dd:fd:51:64:03:80:03:3c:3c:84:e1:24:a9:9f:
3a:ab:9e:1a:d1:44:aa:de:03:60:ea:79:d4:2f:eb:7f:b9:83:
f2:1a:bd:7c:ef:b4:b4:12:2b:9f:a7:54:f2:81:84:f9:08:a9:
35:6f:12:a3:51:a7:78:cc:39:0d:fd:e7:5b:24:e8:33:c2:81:
0e:45:04:0a:96:fb:9f:a7:a4:63:15:a2:1c:2c:e3:a9:e7:97:
ec:49:be:4e:d5:93:9c:98:ae:d4:14:80:13:9a:48:12:e8:ef:
2a:fc:bd:6c:8b:e1:72:af:52:27:a6:e4:b3:eb:74:d8:c5:8b:
5a:8b:8f:79:9f:4d:31:ed:86:41:5f:89:a0:2b:42:dd:b6:96:
ff:9b:3a:09:86:83:43:90:a7:37:4b:94:dd:44:a6:23:a8:12:
6c:01:c7:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOIGIo8UPq4836uF8Qs/PtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjhhY2ZhMTdhZjkzYmVkYmVmYzZmZWI0Njg4Zjk4NjA0
YjhhYWUwHhcNMjUwNjA4MDYwMDM0WhcNMjUwNjA5MDYwMDM0WjAzMTEwLwYDVQQD
Eyg1ZmU3NmFmMzg4NTdlYTg0ZjY1MTVjZTVkODkwMjY0ZGZiYWQzOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/LsSNKuZER9ZA32s+MkkZgFDD4w
rOgTLkLbPKgJr+e5KrFQTRHtzjjEKar7JFwkx9Y8pEIbU5mpoYMtjJuDUDv6ZRKH
SH0hdQ8l7lDKpPXaC+JzQ070MZ4zJBN+ms/tvmzWQGjQQ8PCfgL4Q/uO0F9v7FYl
AymVgOLvwAvweoTUnd+fPfl/qNnzxUn/XIVfhhjOMLSm1HmojoBQxUVNdRKJJC9Q
4AFWme7IIAtGktE5zqaaP2paC7W1dl+7Zk6oQOcy/4he2c3lCXrM6Y8s4nYBJiH3
aMU9wUvMUa/mjSLn3wGkDMn5oend5Dk3R8KwsaBpkmzGZUrk27TQUydJZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/navOIV+qE9lFc5diQJk37rTmfMB8GA1UdIwQY
MBaAFJa4rPoXr5O+2+/G/rRoj5hgS4quMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJpcy1oZXZrNzdiNzhiLXRHaVBtR0JMaXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jNDdiNDYtY2NkYy00YjVlLTg2MmUt
YmRkZmYxOTdjMjlkLzEvbHJpcy1oZXZrNzdiNzhiLXRHaVBtR0JMaXE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jNDdiNDYtY2NkYy00YjVlLTg2MmUtYmRkZmYxOTdjMjlk
LzEvbHJpcy1oZXZrNzdiNzhiLXRHaVBtR0JMaXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU/t4xvUj
va1jG56zfrJqmR/uj2/o2F7WdxLqVMX7e+bRwvBMOTYeb4AiywjEyXmEkfq+kvHp
yQEymiTYSGd8hCc2LMVcX/B4oe6SmyXdNzS5jTp9zG4oIxdWaX6hF939UWQDgAM8
PIThJKmfOqueGtFEqt4DYOp51C/rf7mD8hq9fO+0tBIrn6dU8oGE+QipNW8So1Gn
eMw5Df3nWyToM8KBDkUECpb7n6ekYxWiHCzjqeeX7Em+TtWTnJiu1BSAE5pIEujv
Kvy9bIvhcq9SJ6bks+t02MWLWouPeZ9NMe2GQV+JoCtC3baW/5s6CYaDQ5CnN0uU
3USmI6gSbAHHFw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:25:52 2025 by rpki-client