Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft
File: lb24W36o8fqvdR52xBR8gbYOmU0.mft (raw, json)
Hash identifier: RAh6QrHipI4YbYGCmOFZmJAzfWmubF7XhiukxU0oecY=
Subject key identifier: 3B:FD:28:D6:9F:DA:03:2F:B7:77:5D:10:C7:19:0F:15:AA:7A:DC:0E
Authority key identifier: 95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D
Certificate issuer: /CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d
Certificate serial: 019A71B7CAB05F1BC7B308DEA3A2A41D5D09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft
Manifest number: D2
Signing time: Tue 11 Nov 2025 07:01:01 +0000
Manifest this update: Tue 11 Nov 2025 07:01:01 +0000
Manifest next update: Wed 12 Nov 2025 07:01:01 +0000
Files and hashes: 1: 5R1-l58ft4GhxzonN9PpLF0e3rg.roa (hash: ld57U57oSYCdX19ANUoiIqFJmCosw0zLo2ypqpVfq5A=)
2: lb24W36o8fqvdR52xBR8gbYOmU0.crl (hash: m73ZkWHAkT8NXRN5nu4znCusp6geAUQ/M4A4BtWKNyw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ca:b0:5f:1b:c7:b3:08:de:a3:a2:a4:1d:5d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95bdb85b7ea8f1faaf751e76c4147c81b60e994d
Validity
Not Before: Nov 11 07:01:01 2025 GMT
Not After : Nov 12 07:01:01 2025 GMT
Subject: CN=3bfd28d69fda032fb7775d10c7190f15aa7adc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d5:5c:ea:f2:24:c0:9e:10:1c:9a:e7:d1:c8:
37:2a:34:0a:4b:9f:13:c1:a2:e6:9b:d9:7b:80:35:
35:7c:2e:98:3a:e1:c6:4a:5c:d3:9a:a1:94:c4:31:
48:07:8d:44:d1:d7:04:01:50:0a:d6:34:96:49:a1:
30:74:35:9b:32:b0:2b:3f:78:0a:bf:24:3c:e6:b0:
71:f5:ad:f8:8e:0a:f3:5f:14:05:85:be:5f:05:2d:
83:51:69:98:a4:62:5b:95:41:57:81:c2:2e:d1:94:
a4:0d:c7:82:9e:cc:37:0f:55:15:e5:63:3b:ee:d8:
38:11:f3:41:2e:e6:ac:a7:ff:c9:e9:c6:62:3d:40:
94:21:12:67:31:ae:76:49:ab:f0:ee:0f:f5:1f:2b:
66:74:24:d9:a8:d5:7a:bf:00:71:af:25:29:63:06:
e4:fd:63:2f:36:50:8d:88:2f:67:99:79:7a:cf:99:
da:26:5a:2c:07:df:ac:ac:7d:13:b2:0d:a3:6c:34:
f0:49:c1:53:d1:6e:eb:29:6f:33:43:56:11:f9:59:
40:78:35:67:ef:3f:1c:f1:ae:d7:aa:ee:fc:d6:73:
f3:f6:1d:3d:81:6f:4b:4e:6f:78:81:6d:60:66:d5:
17:b1:eb:9f:87:dc:d7:1f:de:e8:9b:20:94:59:41:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FD:28:D6:9F:DA:03:2F:B7:77:5D:10:C7:19:0F:15:AA:7A:DC:0E
X509v3 Authority Key Identifier:
keyid:95:BD:B8:5B:7E:A8:F1:FA:AF:75:1E:76:C4:14:7C:81:B6:0E:99:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lb24W36o8fqvdR52xBR8gbYOmU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/033700-f904-422f-a4ac-10240ca0b182/1/lb24W36o8fqvdR52xBR8gbYOmU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:4e:99:58:df:6c:23:74:d5:19:45:16:7e:6a:f4:a4:3d:58:
7b:c5:c5:37:de:cd:1f:31:f9:8a:d5:ce:99:06:5f:9b:be:9c:
43:e4:7e:f1:bb:ad:5d:5a:bb:d7:24:82:8d:9e:e6:1f:90:aa:
c8:b5:21:83:18:ff:db:11:fc:4c:95:56:d0:6f:85:b0:b6:3b:
fa:c0:91:80:e9:a0:2a:dc:b1:ec:fd:63:63:2d:f7:7c:49:bb:
52:f9:b8:06:82:c1:55:48:3e:86:a4:25:77:20:89:20:8b:f2:
34:1a:4f:79:3f:a8:b0:aa:f2:95:a7:3a:93:d7:c7:00:eb:5d:
b2:73:e4:9a:7f:7b:50:a7:2e:7f:cb:83:bf:fb:06:b1:ff:5e:
0c:20:de:bf:8f:b5:a8:00:5d:6f:10:ba:dc:85:1b:ef:89:bd:
cd:24:6e:a4:4c:94:5c:5a:8a:5e:35:3c:40:e0:34:67:4f:d8:
58:b8:9f:13:ed:63:39:21:a1:d3:b4:f9:c9:09:a3:77:08:82:
09:1d:d9:4e:a3:20:c6:4a:6e:4e:8a:43:6a:7c:f3:33:84:dd:
75:4f:e1:40:d5:2d:e7:0b:a3:6c:9e:43:3b:ae:a0:ef:99:cd:
6f:39:2e:00:1c:37:7d:ac:a7:5b:c7:67:d9:cd:c2:fc:9f:e9:
5b:05:97:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8qwXxvHswjeo6KkHV0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmRiODViN2VhOGYxZmFhZjc1MWU3NmM0MTQ3YzgxYjYw
ZTk5NGQwHhcNMjUxMTExMDcwMTAxWhcNMjUxMTEyMDcwMTAxWjAzMTEwLwYDVQQD
EygzYmZkMjhkNjlmZGEwMzJmYjc3NzVkMTBjNzE5MGYxNWFhN2FkYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptVc6vIkwJ4QHJrn0cg3KjQKS58T
waLmm9l7gDU1fC6YOuHGSlzTmqGUxDFIB41E0dcEAVAK1jSWSaEwdDWbMrArP3gK
vyQ85rBx9a34jgrzXxQFhb5fBS2DUWmYpGJblUFXgcIu0ZSkDceCnsw3D1UV5WM7
7tg4EfNBLuasp//J6cZiPUCUIRJnMa52Savw7g/1HytmdCTZqNV6vwBxryUpYwbk
/WMvNlCNiC9nmXl6z5naJlosB9+srH0Tsg2jbDTwScFT0W7rKW8zQ1YR+VlAeDVn
7z8c8a7Xqu781nPz9h09gW9LTm94gW1gZtUXseufh9zXH97omyCUWUGZ2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDv9KNaf2gMvt3ddEMcZDxWqetwOMB8GA1UdIwQY
MBaAFJW9uFt+qPH6r3UedsQUfIG2DplNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMt
MTAyNDBjYTBiMTgyLzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wMzM3MDAtZjkwNC00MjJmLWE0YWMtMTAyNDBjYTBiMTgy
LzEvbGIyNFczNm84ZnF2ZFI1MnhCUjhnYllPbVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaE6ZWN9s
I3TVGUUWfmr0pD1Ye8XFN97NHzH5itXOmQZfm76cQ+R+8butXVq71ySCjZ7mH5Cq
yLUhgxj/2xH8TJVW0G+FsLY7+sCRgOmgKtyx7P1jYy33fEm7Uvm4BoLBVUg+hqQl
dyCJIIvyNBpPeT+osKrylac6k9fHAOtdsnPkmn97UKcuf8uDv/sGsf9eDCDev4+1
qABdbxC63IUb74m9zSRupEyUXFqKXjU8QOA0Z0/YWLifE+1jOSGh07T5yQmjdwiC
CR3ZTqMgxkpuTopDanzzM4TddU/hQNUt5wujbJ5DO66g75nNbzkuABw3faynW8dn
2c3C/J/pWwWX7Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:33 2025 by rpki-client