Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
File: lRibFY2NYBG6X5YlLTAmanDT4GY.mft (raw, json)
Hash identifier: SOpZv/PxwoZSPvxaCDNGQ6WFhghe1BvEij13zciqdpk=
Subject key identifier: F6:DD:54:17:93:3A:30:DD:81:9E:A5:C0:F2:35:C4:73:DA:5F:94:0E
Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
Certificate issuer: /CN=95189b158d8d6011ba5f96252d30266a70d3e066
Certificate serial: 01992FA2F58FFC23DFE46BDFE1E28A692D37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
Manifest number: 1678
Signing time: Tue 09 Sep 2025 18:00:32 +0000
Manifest this update: Tue 09 Sep 2025 18:00:32 +0000
Manifest next update: Wed 10 Sep 2025 18:00:32 +0000
Files and hashes: 1: alfL1bRTQjOY-E2KjHP8N4Ulue0.roa (hash: ybSj2AdhAA+9tbRInXwXzkVBfMf3WHllqssGw6/wFUI=)
2: lRibFY2NYBG6X5YlLTAmanDT4GY.crl (hash: S0CrXFju7Iqgn60d3kqRxjF/DhVAn1ITOFYoT5wS1vg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:a2:f5:8f:fc:23:df:e4:6b:df:e1:e2:8a:69:2d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066
Validity
Not Before: Sep 9 18:00:32 2025 GMT
Not After : Sep 10 18:00:32 2025 GMT
Subject: CN=f6dd5417933a30dd819ea5c0f235c473da5f940e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:df:21:12:6c:4f:14:bb:dd:5d:6c:4b:92:4f:
42:ed:a5:90:a2:92:49:6b:75:dc:22:1d:8b:b2:7f:
ec:32:91:80:3d:91:33:c0:ab:98:b4:91:0e:73:f3:
08:e5:2e:5a:e2:8f:3e:30:d7:2f:2b:a8:fd:2f:d6:
f6:1c:49:6a:03:3a:b5:be:88:c8:bf:8f:a4:8a:19:
50:67:99:aa:9b:4b:9e:c3:31:8f:fb:8d:a4:ab:11:
1d:34:a4:fb:08:c0:cb:b4:e5:63:46:c1:a0:0e:f4:
52:9f:7a:62:78:4d:42:b2:62:eb:20:55:4c:0b:38:
ae:4e:89:3e:39:34:8f:5a:da:50:ac:9c:32:39:9a:
e2:5a:9a:e0:a3:c1:22:b7:1b:80:95:89:4a:cf:a2:
ca:ea:6f:86:ac:4f:24:d8:7a:08:fa:e7:e3:5b:de:
fa:1c:34:08:d4:e4:9a:2e:7f:16:c2:dd:0b:85:37:
17:a0:e5:9e:72:a0:97:ef:0c:90:98:72:6b:cb:fd:
ed:47:d3:4f:68:13:d7:00:31:96:c8:67:ca:82:7a:
af:1f:f4:2b:56:40:61:8c:59:55:c3:ed:04:b0:49:
a1:3d:24:bb:d0:67:c9:f9:cd:ae:fb:63:19:ac:ec:
74:77:7c:68:a6:fc:eb:e4:a1:e7:da:da:80:55:5a:
5a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DD:54:17:93:3A:30:DD:81:9E:A5:C0:F2:35:C4:73:DA:5F:94:0E
X509v3 Authority Key Identifier:
keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:bd:59:8c:4b:22:af:c6:82:76:84:8f:ee:13:2e:3f:e2:ab:
71:12:ac:5d:bb:51:62:a9:0d:f4:d2:75:00:81:63:d9:36:9a:
19:be:af:8b:3e:83:e6:d5:4e:5c:ca:19:f6:23:9e:07:07:8b:
6b:c7:e2:f8:70:81:c3:73:6c:7d:17:f5:d1:98:cc:f2:f6:c1:
1e:a8:5f:21:9e:cf:2a:d7:65:db:89:78:58:e6:5e:45:8e:44:
a5:41:c5:00:73:92:13:e9:6e:d8:32:73:84:b9:4a:98:68:a1:
64:9d:18:1a:d8:3d:69:6a:54:5c:9a:05:6b:44:98:b9:13:29:
f0:00:df:47:8c:95:c9:ac:02:4e:d1:b8:b7:03:d1:e8:c2:64:
dd:e1:be:8f:43:7e:87:48:6c:63:19:5f:9b:99:75:36:b7:95:
0f:b3:26:eb:ac:dc:1a:5e:99:c4:15:50:1e:e4:32:33:d8:ee:
f2:46:89:e1:fc:96:7d:76:bb:ee:8b:f0:52:15:24:ec:1d:52:
32:06:a6:36:6f:0e:a7:15:3d:15:91:24:53:51:50:fc:72:34:
f0:14:1d:40:dc:ef:ec:59:d1:eb:ff:7e:68:bb:05:e2:f2:56:
e9:af:ed:5a:cb:fe:f3:60:46:4e:3e:1a:80:e2:93:70:a2:5e:
7c:38:11:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkvovWP/CPf5Gvf4eKKaS03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk
M2UwNjYwHhcNMjUwOTA5MTgwMDMyWhcNMjUwOTEwMTgwMDMyWjAzMTEwLwYDVQQD
EyhmNmRkNTQxNzkzM2EzMGRkODE5ZWE1YzBmMjM1YzQ3M2RhNWY5NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq98hEmxPFLvdXWxLkk9C7aWQopJJ
a3XcIh2Lsn/sMpGAPZEzwKuYtJEOc/MI5S5a4o8+MNcvK6j9L9b2HElqAzq1vojI
v4+kihlQZ5mqm0uewzGP+42kqxEdNKT7CMDLtOVjRsGgDvRSn3pieE1CsmLrIFVM
CziuTok+OTSPWtpQrJwyOZriWprgo8EitxuAlYlKz6LK6m+GrE8k2HoI+ufjW976
HDQI1OSaLn8Wwt0LhTcXoOWecqCX7wyQmHJry/3tR9NPaBPXADGWyGfKgnqvH/Qr
VkBhjFlVw+0EsEmhPSS70GfJ+c2u+2MZrOx0d3xopvzr5KHn2tqAVVpaRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbdVBeTOjDdgZ6lwPI1xHPaX5QOMB8GA1UdIwQY
MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt
YWNlMTgwZmY5YjE5LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5
LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQr1ZjEsi
r8aCdoSP7hMuP+KrcRKsXbtRYqkN9NJ1AIFj2TaaGb6viz6D5tVOXMoZ9iOeBweL
a8fi+HCBw3NsfRf10ZjM8vbBHqhfIZ7PKtdl24l4WOZeRY5EpUHFAHOSE+lu2DJz
hLlKmGihZJ0YGtg9aWpUXJoFa0SYuRMp8ADfR4yVyawCTtG4twPR6MJk3eG+j0N+
h0hsYxlfm5l1NreVD7Mm66zcGl6ZxBVQHuQyM9ju8kaJ4fyWfXa77ovwUhUk7B1S
MgamNm8OpxU9FZEkU1FQ/HI08BQdQNzv7FnR6/9+aLsF4vJW6a/tWsv+82BGTj4a
gOKTcKJefDgRJw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:41:07 2025 by rpki-client