Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
File: lris-hevk77b78b-tGiPmGBLiq4.mft (raw, json)
Hash identifier: IXPYyiBFBAGanDNQpDPQ9QSrnASFcmgi17iAhCrDNgs=
Subject key identifier: D1:1A:AD:F9:0A:A1:0B:5C:96:7A:E7:C7:20:63:DB:47:2A:02:B6:36
Authority key identifier: 96:B8:AC:FA:17:AF:93:BE:DB:EF:C6:FE:B4:68:8F:98:60:4B:8A:AE
Certificate issuer: /CN=96b8acfa17af93bedbefc6feb4688f98604b8aae
Certificate serial: 019A71B91F6710EE919FAF9760EC30B3F7B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
Manifest number: 11AA
Signing time: Tue 11 Nov 2025 07:02:28 +0000
Manifest this update: Tue 11 Nov 2025 07:02:28 +0000
Manifest next update: Wed 12 Nov 2025 07:02:28 +0000
Files and hashes: 1: lCUgvhyBp0UKbHxKxUYkrgGL2EY.roa (hash: kCJqfKEC/8AcT5Dn8+T0849c1Ido/6VgqldxnSwXqNg=)
2: lris-hevk77b78b-tGiPmGBLiq4.crl (hash: kSt+2uTo/mlD9jsngXez8lk5X2K04iDGdfnsOtui0Xw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:1f:67:10:ee:91:9f:af:97:60:ec:30:b3:f7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b8acfa17af93bedbefc6feb4688f98604b8aae
Validity
Not Before: Nov 11 07:02:28 2025 GMT
Not After : Nov 12 07:02:28 2025 GMT
Subject: CN=d11aadf90aa10b5c967ae7c72063db472a02b636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:50:46:1d:ac:ea:3a:10:1f:7c:17:b0:9c:08:
64:2b:f6:d8:79:d8:16:c5:c5:55:47:1d:bb:d9:bc:
33:71:d8:ee:70:1a:f0:48:3e:ca:0c:bc:91:35:1d:
da:d0:d4:a2:92:e4:0e:f9:72:60:99:f0:40:5d:70:
22:c4:73:16:db:50:4d:f9:fb:7e:5c:32:22:2a:39:
10:81:82:a4:83:94:b7:7e:84:f9:2b:60:0a:b8:1b:
66:1e:88:90:69:96:1a:d2:39:cc:5b:39:ce:35:21:
1a:80:be:6d:46:31:c5:da:6e:b1:21:31:4b:ea:44:
ba:ad:62:f8:fb:92:12:61:04:f5:96:b4:a6:fa:88:
60:b6:50:3b:50:a4:c2:83:a0:5a:30:f8:b8:54:a9:
b0:ff:a4:a0:c5:0b:da:4a:5e:4e:f0:52:81:35:b2:
5b:56:d2:54:4b:a9:80:ed:74:dc:41:3b:31:24:db:
4a:99:4b:13:c2:fd:cf:6a:a6:7b:64:92:59:4f:a1:
92:5f:f6:e0:25:6f:53:c0:65:29:ac:f3:26:94:4e:
11:e5:60:79:21:17:3d:12:26:bf:9b:f9:9a:76:8c:
68:5e:1d:fe:ac:a2:1d:c3:ba:0f:9b:83:e1:5f:99:
e4:47:f5:d3:46:c6:59:e3:22:42:f3:f6:09:c5:ab:
43:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1A:AD:F9:0A:A1:0B:5C:96:7A:E7:C7:20:63:DB:47:2A:02:B6:36
X509v3 Authority Key Identifier:
keyid:96:B8:AC:FA:17:AF:93:BE:DB:EF:C6:FE:B4:68:8F:98:60:4B:8A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lris-hevk77b78b-tGiPmGBLiq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/c47b46-ccdc-4b5e-862e-bddff197c29d/1/lris-hevk77b78b-tGiPmGBLiq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:ed:15:d1:ce:64:c3:e3:ac:87:6a:e1:41:6c:64:fd:fa:b9:
df:a3:f1:bc:a3:2e:fe:99:ad:ee:7e:93:21:7d:d6:51:75:40:
2c:29:88:7e:75:56:b7:a7:eb:e4:c1:31:d1:06:cd:35:a0:22:
23:e0:e1:a9:4d:b2:fe:a0:26:a4:79:59:f7:63:b9:58:e6:d8:
2b:21:6b:ca:dc:6c:e4:37:d8:f6:76:1f:a8:95:33:76:ab:d4:
78:9b:7b:b5:3e:b9:62:c0:4b:07:3d:18:22:70:00:f1:12:f9:
d8:a6:b1:46:52:37:e5:60:2e:51:d6:ce:27:47:65:b8:b4:f5:
19:26:e4:9e:ef:bd:93:4f:b6:1f:de:fb:f0:8d:3e:eb:5f:1d:
7e:71:7c:59:c4:b3:96:8b:de:cd:cb:8c:5c:bb:7a:cb:a8:7d:
88:e7:2f:77:a1:85:c5:c7:9a:7e:a3:d4:12:ec:46:88:0c:51:
e3:29:f3:1c:9e:6b:87:7d:3c:0b:f7:ad:07:51:cc:06:ce:e0:
25:7a:ac:13:22:f5:c3:8a:71:18:a4:2d:c3:08:3c:00:e1:fe:
73:1f:9e:94:94:f0:8a:6b:fa:73:58:40:11:86:6e:2e:3d:b1:
25:c2:34:6d:0f:b2:b3:ac:5a:d5:4a:9a:76:5f:f0:90:12:a9:
32:dd:80:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuR9nEO6Rn6+XYOwws/e0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjhhY2ZhMTdhZjkzYmVkYmVmYzZmZWI0Njg4Zjk4NjA0
YjhhYWUwHhcNMjUxMTExMDcwMjI4WhcNMjUxMTEyMDcwMjI4WjAzMTEwLwYDVQQD
EyhkMTFhYWRmOTBhYTEwYjVjOTY3YWU3YzcyMDYzZGI0NzJhMDJiNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FBGHazqOhAffBewnAhkK/bYedgW
xcVVRx272bwzcdjucBrwSD7KDLyRNR3a0NSikuQO+XJgmfBAXXAixHMW21BN+ft+
XDIiKjkQgYKkg5S3foT5K2AKuBtmHoiQaZYa0jnMWznONSEagL5tRjHF2m6xITFL
6kS6rWL4+5ISYQT1lrSm+ohgtlA7UKTCg6BaMPi4VKmw/6SgxQvaSl5O8FKBNbJb
VtJUS6mA7XTcQTsxJNtKmUsTwv3PaqZ7ZJJZT6GSX/bgJW9TwGUprPMmlE4R5WB5
IRc9Eia/m/madoxoXh3+rKIdw7oPm4PhX5nkR/XTRsZZ4yJC8/YJxatDJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEarfkKoQtclnrnxyBj20cqArY2MB8GA1UdIwQY
MBaAFJa4rPoXr5O+2+/G/rRoj5hgS4quMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJpcy1oZXZrNzdiNzhiLXRHaVBtR0JMaXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jNDdiNDYtY2NkYy00YjVlLTg2MmUt
YmRkZmYxOTdjMjlkLzEvbHJpcy1oZXZrNzdiNzhiLXRHaVBtR0JMaXE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jNDdiNDYtY2NkYy00YjVlLTg2MmUtYmRkZmYxOTdjMjlk
LzEvbHJpcy1oZXZrNzdiNzhiLXRHaVBtR0JMaXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+0V0c5k
w+Osh2rhQWxk/fq536PxvKMu/pmt7n6TIX3WUXVALCmIfnVWt6fr5MEx0QbNNaAi
I+DhqU2y/qAmpHlZ92O5WObYKyFrytxs5DfY9nYfqJUzdqvUeJt7tT65YsBLBz0Y
InAA8RL52KaxRlI35WAuUdbOJ0dluLT1GSbknu+9k0+2H9778I0+618dfnF8WcSz
lovezcuMXLt6y6h9iOcvd6GFxceafqPUEuxGiAxR4ynzHJ5rh308C/etB1HMBs7g
JXqsEyL1w4pxGKQtwwg8AOH+cx+elJTwimv6c1hAEYZuLj2xJcI0bQ+ys6xa1Uqa
dl/wkBKpMt2Atg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:43 2025 by rpki-client