Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
File: Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft (raw, json)
Hash identifier: Q4XBf+srjis+lLv88LRhzbZXJx+KUhhm9m2Zhta/lEI=
Subject key identifier: AD:07:77:CD:A2:9E:B0:B7:3F:18:44:DA:D8:94:4C:6C:CB:FF:D1:68
Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Certificate serial: 019A240A4B959B53581471EFF7D09777C2CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
Manifest number: 16FA
Signing time: Mon 27 Oct 2025 05:00:45 +0000
Manifest this update: Mon 27 Oct 2025 05:00:45 +0000
Manifest next update: Tue 28 Oct 2025 05:00:45 +0000
Files and hashes: 1: LDfn0M5v99IHnOQFUNXp12Nf90k.roa (hash: do0pH7tAz4W21wYBRY5jEznU82Zdd3DteyiFEbjbCqA=)
2: Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl (hash: iVoU/Xs8z60olAkqQitzP+IwLCSYLX/WSMfEt5V67B0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:0a:4b:95:9b:53:58:14:71:ef:f7:d0:97:77:c2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Validity
Not Before: Oct 27 05:00:45 2025 GMT
Not After : Oct 28 05:00:45 2025 GMT
Subject: CN=ad0777cda29eb0b73f1844dad8944c6ccbffd168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:94:e2:9d:6a:3b:9e:22:5d:84:e1:a4:e5:
f1:74:8b:c1:c7:c9:84:97:6e:fc:1f:a9:da:ee:55:
dd:25:ee:5c:e7:3f:c2:0c:98:ab:80:44:43:7d:76:
c7:40:4c:46:4f:f8:0f:52:25:4b:57:d7:b7:39:8f:
cf:22:6e:64:0c:40:03:f7:0b:66:e0:4d:92:ab:cd:
eb:0b:aa:dc:a1:e5:0a:3f:41:16:0a:40:ed:81:1b:
dc:a1:da:a4:04:cd:0b:b2:ed:e2:0e:60:91:3e:1e:
30:47:d3:a7:e3:55:82:cf:b7:52:e1:bb:19:e0:16:
ef:c3:67:74:ca:db:b1:64:43:de:7d:56:70:b6:27:
80:ab:57:01:67:e9:d6:31:e3:d3:9e:b3:8b:88:ec:
f6:49:b1:e5:12:3e:f9:e9:02:f5:8e:2a:b7:5d:3a:
9b:88:23:d1:86:68:14:40:10:f8:ee:1f:30:97:43:
05:e3:a1:5e:27:1a:ed:cf:1e:a6:a9:64:a8:04:b9:
98:3b:26:fb:94:0d:c2:da:90:61:51:a2:ee:a7:c1:
83:2a:53:50:9e:c8:d3:7a:fa:b8:ee:b9:ea:02:4e:
0d:ad:a7:f3:b1:2d:e7:be:4b:ef:d0:19:97:b1:e3:
03:b0:8d:95:9d:33:13:c0:59:f0:f9:e6:1f:e2:c1:
e5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:07:77:CD:A2:9E:B0:B7:3F:18:44:DA:D8:94:4C:6C:CB:FF:D1:68
X509v3 Authority Key Identifier:
keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:6b:cb:47:a9:d2:f3:3b:e1:86:f0:57:6a:33:35:79:6b:7f:
56:9c:b4:4f:87:24:a9:9a:7f:26:42:65:0b:be:a0:9c:51:01:
1a:01:0e:44:3a:a7:ee:df:4a:79:9b:a9:e0:75:db:3a:73:79:
9f:b8:59:e4:17:3f:47:61:02:a0:cc:b6:fe:41:44:b4:d8:3a:
74:cc:58:19:4e:ba:a1:df:b4:41:38:9b:b8:11:8a:bc:f0:51:
b1:64:f5:d0:a4:6f:f7:c9:eb:25:a6:a0:f8:b9:95:2f:16:ec:
5f:3a:17:cb:54:10:48:0b:12:6c:be:40:55:af:c7:2d:63:da:
20:0c:ec:95:45:71:28:62:42:3c:94:0e:7f:ce:3c:4c:fa:d1:
70:ed:33:5e:c1:e0:11:92:0f:e8:93:d2:ba:8b:2c:8c:32:5b:
c1:4b:1d:35:98:aa:ab:ad:fe:8b:1f:32:2c:c6:c8:1a:59:e0:
22:ae:1d:67:26:b9:20:49:e4:79:53:8f:96:36:47:d9:62:a1:
9c:d7:b7:0d:d0:8d:57:e7:79:5a:bd:01:bc:80:ff:a5:bb:6c:
9d:70:37:02:23:85:41:8a:ef:8d:11:3b:ed:48:a4:ed:dd:41:
06:d9:0f:91:b6:24:40:60:34:ad:0e:b3:23:a5:b4:76:06:6e:
92:05:52:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokCkuVm1NYFHHv99CXd8LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZjg3NzlhM2M4MmYwMGZjMTQ0MzVlZTdkOGQwYjhkNmRk
ODIwNGUwHhcNMjUxMDI3MDUwMDQ1WhcNMjUxMDI4MDUwMDQ1WjAzMTEwLwYDVQQD
EyhhZDA3NzdjZGEyOWViMGI3M2YxODQ0ZGFkODk0NGM2Y2NiZmZkMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuiU4p1qO54iXYThpOXxdIvBx8mE
l278H6na7lXdJe5c5z/CDJirgERDfXbHQExGT/gPUiVLV9e3OY/PIm5kDEAD9wtm
4E2Sq83rC6rcoeUKP0EWCkDtgRvcodqkBM0Lsu3iDmCRPh4wR9On41WCz7dS4bsZ
4Bbvw2d0ytuxZEPefVZwtieAq1cBZ+nWMePTnrOLiOz2SbHlEj756QL1jiq3XTqb
iCPRhmgUQBD47h8wl0MF46FeJxrtzx6mqWSoBLmYOyb7lA3C2pBhUaLup8GDKlNQ
nsjTevq47rnqAk4NrafzsS3nvkvv0BmXseMDsI2VnTMTwFnw+eYf4sHlwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0Hd82inrC3PxhE2tiUTGzL/9FoMB8GA1UdIwQY
MBaAFC34d5o8gvAPwUQ17n2NC41t2CBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4Yjct
ZTJhZTA1NWVjZWQxLzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4YjctZTJhZTA1NWVjZWQx
LzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe2vLR6nS
8zvhhvBXajM1eWt/Vpy0T4ckqZp/JkJlC76gnFEBGgEORDqn7t9KeZup4HXbOnN5
n7hZ5Bc/R2ECoMy2/kFEtNg6dMxYGU66od+0QTibuBGKvPBRsWT10KRv98nrJaag
+LmVLxbsXzoXy1QQSAsSbL5AVa/HLWPaIAzslUVxKGJCPJQOf848TPrRcO0zXsHg
EZIP6JPSuossjDJbwUsdNZiqq63+ix8yLMbIGlngIq4dZya5IEnkeVOPljZH2WKh
nNe3DdCNV+d5Wr0BvID/pbtsnXA3AiOFQYrvjRE77Uik7d1BBtkPkbYkQGA0rQ6z
I6W0dgZukgVSlA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 07:08:24 2025 by rpki-client