Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
File: lRibFY2NYBG6X5YlLTAmanDT4GY.mft (raw, json)
Hash identifier: ILjQdhkO9CAsDQt3mSLdcr2AJk8UXCl89N8INP+L3hg=
Subject key identifier: B5:FA:70:A4:E9:8A:94:14:DA:2C:3E:46:DA:51:9B:E3:19:1A:4D:11
Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
Certificate issuer: /CN=95189b158d8d6011ba5f96252d30266a70d3e066
Certificate serial: 019A2AB08C427A92B17A59C6111BC3C7A458
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
Manifest number: 16FA
Signing time: Tue 28 Oct 2025 12:00:04 +0000
Manifest this update: Tue 28 Oct 2025 12:00:04 +0000
Manifest next update: Wed 29 Oct 2025 12:00:04 +0000
Files and hashes: 1: alfL1bRTQjOY-E2KjHP8N4Ulue0.roa (hash: ybSj2AdhAA+9tbRInXwXzkVBfMf3WHllqssGw6/wFUI=)
2: lRibFY2NYBG6X5YlLTAmanDT4GY.crl (hash: ZwXYUnLE0nMLwWIre8PNrTN9XPo62Dumlc75NlE0pfw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 12:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:b0:8c:42:7a:92:b1:7a:59:c6:11:1b:c3:c7:a4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066
Validity
Not Before: Oct 28 12:00:04 2025 GMT
Not After : Oct 29 12:00:04 2025 GMT
Subject: CN=b5fa70a4e98a9414da2c3e46da519be3191a4d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:aa:17:a9:cc:bb:ab:86:87:62:a0:b6:ce:
84:84:53:05:36:95:21:d4:51:0f:87:45:c1:6e:af:
87:17:77:51:e8:74:95:ee:a0:3b:b0:28:6e:4f:7f:
75:8a:8c:37:6f:0a:e3:cf:d8:12:32:26:1a:8b:89:
d6:7f:8e:af:fc:c8:e6:8d:e5:db:1a:ef:6f:a1:7d:
5d:5d:65:e9:5c:d0:7f:c3:de:23:99:1d:43:12:28:
02:19:9f:65:52:a2:a2:89:20:14:2e:15:6b:8f:e8:
c5:0b:65:0b:f3:86:f7:92:47:3f:13:38:58:f6:78:
48:b6:89:d0:03:11:75:44:84:80:e9:a5:b9:f3:8b:
d9:a6:63:1a:20:1b:74:a9:15:02:25:b7:01:7d:23:
b0:47:fe:f2:18:34:0f:ea:37:4f:55:a8:61:d4:fd:
1b:80:4a:ac:58:e8:32:9f:d3:4e:db:c8:7c:a0:d6:
d2:31:3b:55:e4:54:fe:0f:4c:64:7d:86:cf:d1:19:
78:b0:58:bd:a7:0e:25:4c:c0:7c:30:fd:37:1f:c4:
40:4c:aa:35:88:c6:1a:40:40:c6:53:ec:68:79:4c:
7c:74:58:68:6b:37:56:9f:c2:3d:d5:d5:4a:10:bc:
54:b4:9d:bf:bc:01:60:28:49:f0:7a:6f:13:f9:72:
40:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FA:70:A4:E9:8A:94:14:DA:2C:3E:46:DA:51:9B:E3:19:1A:4D:11
X509v3 Authority Key Identifier:
keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:ec:8d:a4:69:3e:00:26:9f:4a:f0:f5:6d:5c:fa:54:41:ef:
23:ff:15:b8:91:45:84:0a:4a:ef:ed:5e:37:7c:ad:f2:bc:9c:
04:41:8e:05:79:e4:20:fa:d4:78:4a:08:47:6d:e1:8b:42:2e:
d7:85:e1:06:8e:c4:42:cc:72:80:d9:31:45:0a:fe:f4:57:d0:
bb:6e:b4:01:cc:3d:e8:a0:92:bd:19:c6:53:f9:6b:21:b2:99:
e3:05:2b:4b:e9:31:c0:fe:3f:4c:75:8a:4c:c1:13:7d:78:7a:
02:bb:d6:c5:9c:d7:bb:e6:a8:8a:99:7e:61:62:e5:ae:de:ce:
fd:72:4d:6c:71:ed:23:90:36:c2:18:f1:09:80:f8:d8:45:2a:
a0:54:54:46:e7:ae:84:bb:80:a1:17:da:0f:2e:0b:a7:7b:94:
c0:20:2b:c4:86:e8:ef:e9:3b:29:76:4c:5c:0f:15:20:3e:f6:
2f:ef:bc:2d:37:f7:9c:30:bf:6d:f1:0b:b8:17:91:b7:0f:63:
6c:2e:f6:10:e5:64:ce:86:16:c2:15:5b:67:90:0f:4a:de:8c:
1b:f1:1e:61:99:dc:0b:97:95:fb:66:8a:21:af:cc:3f:6a:ae:
60:c5:d8:71:f5:fd:e6:ce:e0:a1:3d:cb:4e:19:f1:fb:08:57:
73:d4:60:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqsIxCepKxelnGERvDx6RYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk
M2UwNjYwHhcNMjUxMDI4MTIwMDA0WhcNMjUxMDI5MTIwMDA0WjAzMTEwLwYDVQQD
EyhiNWZhNzBhNGU5OGE5NDE0ZGEyYzNlNDZkYTUxOWJlMzE5MWE0ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ6qF6nMu6uGh2Kgts6EhFMFNpUh
1FEPh0XBbq+HF3dR6HSV7qA7sChuT391iow3bwrjz9gSMiYai4nWf46v/MjmjeXb
Gu9voX1dXWXpXNB/w94jmR1DEigCGZ9lUqKiiSAULhVrj+jFC2UL84b3kkc/EzhY
9nhItonQAxF1RISA6aW584vZpmMaIBt0qRUCJbcBfSOwR/7yGDQP6jdPVahh1P0b
gEqsWOgyn9NO28h8oNbSMTtV5FT+D0xkfYbP0Rl4sFi9pw4lTMB8MP03H8RATKo1
iMYaQEDGU+xoeUx8dFhoazdWn8I91dVKELxUtJ2/vAFgKEnwem8T+XJAlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLX6cKTpipQU2iw+RtpRm+MZGk0RMB8GA1UdIwQY
MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt
YWNlMTgwZmY5YjE5LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5
LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQuyNpGk+
ACafSvD1bVz6VEHvI/8VuJFFhApK7+1eN3yt8rycBEGOBXnkIPrUeEoIR23hi0Iu
14XhBo7EQsxygNkxRQr+9FfQu260Acw96KCSvRnGU/lrIbKZ4wUrS+kxwP4/THWK
TMETfXh6ArvWxZzXu+aoipl+YWLlrt7O/XJNbHHtI5A2whjxCYD42EUqoFRURueu
hLuAoRfaDy4Lp3uUwCArxIbo7+k7KXZMXA8VID72L++8LTf3nDC/bfELuBeRtw9j
bC72EOVkzoYWwhVbZ5APSt6MG/EeYZncC5eV+2aKIa/MP2quYMXYcfX95s7goT3L
Thnx+whXc9RgWA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 15:08:01 2025 by rpki-client