Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
File: LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft (raw, json)
Hash identifier: mfCYjOy0bP0CKjkoSuxqU80M+7kvXnvpnaAEyXAWlaw=
Subject key identifier: 1D:0E:E3:F0:2F:9A:7F:18:32:35:47:17:D2:3D:5D:62:9A:24:4B:66
Authority key identifier: 2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92
Certificate issuer: /CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
Certificate serial: 019A71B9334B7FEA8E7B6A407E3BD3205827
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
Manifest number: 0433
Signing time: Tue 11 Nov 2025 07:02:33 +0000
Manifest this update: Tue 11 Nov 2025 07:02:33 +0000
Manifest next update: Wed 12 Nov 2025 07:02:33 +0000
Files and hashes: 1: LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl (hash: YHVjZFPeJ0NW3dbggjI0imRkrlmaWoNgP0x5yE2WcK0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:33:4b:7f:ea:8e:7b:6a:40:7e:3b:d3:20:58:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f15b73a7c2d131ec14ebd9071718b54c3fba692
Validity
Not Before: Nov 11 07:02:33 2025 GMT
Not After : Nov 12 07:02:33 2025 GMT
Subject: CN=1d0ee3f02f9a7f1832354717d23d5d629a244b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c2:62:b5:20:f3:30:33:e9:20:f6:fe:3a:03:
5a:ff:29:2a:84:57:18:59:c0:fb:b2:ed:ca:ef:ac:
d2:4b:4d:41:91:f7:35:06:f6:f9:98:32:d8:99:a7:
f3:f1:d5:93:bf:97:5a:8e:30:42:8d:ee:4b:b1:f4:
10:17:ef:1e:3f:71:24:66:36:02:75:21:2a:63:e6:
25:4d:43:ed:09:f7:64:8a:83:d5:07:69:fc:d7:14:
0c:35:14:53:4e:90:b0:8e:b5:d3:08:9d:35:01:e7:
60:da:15:34:b0:01:1c:24:5d:fb:51:ab:4c:ae:f3:
20:e4:00:ac:ff:4b:e5:7d:c8:a2:7c:4f:c4:50:58:
68:b7:f2:0b:02:a3:d6:71:43:2f:9b:39:3c:f3:c5:
f9:df:40:32:bc:a1:34:d6:7b:f8:41:f2:65:52:24:
3c:22:41:31:4b:4f:3d:ca:db:ee:23:b3:a4:17:72:
8c:12:91:85:d5:80:2a:f8:22:6a:fc:f8:d4:66:fa:
59:97:24:ce:32:61:fb:87:c1:00:09:07:99:62:04:
d7:d2:26:43:8d:e8:50:46:29:3b:cc:ec:5c:8c:12:
d1:e3:b4:6e:dc:15:90:0f:ac:6e:61:c0:5d:d5:96:
ef:b2:12:c5:22:af:71:c6:8d:b6:60:8d:c0:be:dc:
17:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0E:E3:F0:2F:9A:7F:18:32:35:47:17:D2:3D:5D:62:9A:24:4B:66
X509v3 Authority Key Identifier:
keyid:2F:15:B7:3A:7C:2D:13:1E:C1:4E:BD:90:71:71:8B:54:C3:FB:A6:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxW3OnwtEx7BTr2QcXGLVMP7ppI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/7929f4-ec35-4d9c-92a8-0eb45ef62d8d/1/LxW3OnwtEx7BTr2QcXGLVMP7ppI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:af:98:50:bd:e5:83:8b:c8:69:d9:c8:66:12:9b:39:79:b2:
18:d9:35:cd:7a:1c:dd:23:0d:73:c6:10:81:0d:a8:94:c5:32:
e4:81:23:08:64:c1:25:d8:65:08:07:44:d3:1b:2f:fa:5e:0a:
c2:ed:29:51:71:c9:50:57:4f:ee:d3:88:53:1d:d1:2b:21:11:
bf:8c:3a:cb:7f:02:33:5b:72:d8:1b:ae:bb:8e:5b:a6:46:32:
80:6f:25:bb:d8:33:41:21:76:c9:a2:87:c4:69:33:f0:04:16:
1c:de:4f:e9:3b:b2:6a:73:2a:7d:61:dd:22:aa:b2:a4:ea:de:
01:40:3b:b8:1e:df:df:2c:60:fb:72:66:e7:37:d2:c1:26:4b:
9d:2c:45:6a:74:b4:10:3c:4b:a7:24:b2:ac:10:e0:45:a0:0f:
19:d5:5b:96:6c:fc:8e:93:25:6c:40:f8:18:84:52:4f:e8:02:
ec:14:24:06:cf:29:95:6c:d8:7e:b6:a4:44:76:5f:89:47:56:
51:2d:a4:f9:cb:70:66:d9:bc:2e:e8:ef:93:b0:94:c3:03:d6:
93:d2:29:14:a6:c4:a3:1a:b2:ba:00:e8:4a:f6:6b:39:0c:aa:
a4:aa:d6:a8:56:f8:55:b2:a1:5b:01:a6:4d:27:2a:33:ab:e8:
0b:e9:b8:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTNLf+qOe2pAfjvTIFgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTViNzNhN2MyZDEzMWVjMTRlYmQ5MDcxNzE4YjU0YzNm
YmE2OTIwHhcNMjUxMTExMDcwMjMzWhcNMjUxMTEyMDcwMjMzWjAzMTEwLwYDVQQD
EygxZDBlZTNmMDJmOWE3ZjE4MzIzNTQ3MTdkMjNkNWQ2MjlhMjQ0YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMJitSDzMDPpIPb+OgNa/ykqhFcY
WcD7su3K76zSS01Bkfc1Bvb5mDLYmafz8dWTv5dajjBCje5LsfQQF+8eP3EkZjYC
dSEqY+YlTUPtCfdkioPVB2n81xQMNRRTTpCwjrXTCJ01Aedg2hU0sAEcJF37UatM
rvMg5ACs/0vlfciifE/EUFhot/ILAqPWcUMvmzk888X530AyvKE01nv4QfJlUiQ8
IkExS089ytvuI7OkF3KMEpGF1YAq+CJq/PjUZvpZlyTOMmH7h8EACQeZYgTX0iZD
jehQRik7zOxcjBLR47Ru3BWQD6xuYcBd1ZbvshLFIq9xxo22YI3AvtwXcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0O4/Avmn8YMjVHF9I9XWKaJEtmMB8GA1UdIwQY
MBaAFC8Vtzp8LRMewU69kHFxi1TD+6aSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgt
MGViNDVlZjYyZDhkLzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83OTI5ZjQtZWMzNS00ZDljLTkyYTgtMGViNDVlZjYyZDhk
LzEvTHhXM09ud3RFeDdCVHIyUWNYR0xWTVA3cHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6+YUL3l
g4vIadnIZhKbOXmyGNk1zXoc3SMNc8YQgQ2olMUy5IEjCGTBJdhlCAdE0xsv+l4K
wu0pUXHJUFdP7tOIUx3RKyERv4w6y38CM1ty2Buuu45bpkYygG8lu9gzQSF2yaKH
xGkz8AQWHN5P6TuyanMqfWHdIqqypOreAUA7uB7f3yxg+3Jm5zfSwSZLnSxFanS0
EDxLpySyrBDgRaAPGdVblmz8jpMlbED4GIRST+gC7BQkBs8plWzYfrakRHZfiUdW
US2k+ctwZtm8Lujvk7CUwwPWk9IpFKbEoxqyugDoSvZrOQyqpKrWqFb4VbKhWwGm
TScqM6voC+m4sQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:39:02 2025 by rpki-client