Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
File: lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft (raw, json)
Hash identifier: PIIjakzeVMdhyHXifKZBHLwQuGghEPunATOalPoL8Gk=
Subject key identifier: C0:C7:4A:F2:DC:AC:BC:06:B5:D3:03:14:86:24:B6:69:AB:2F:7A:A2
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 019A71130C211BB522E0DEEA4A1E4968B1A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 04:01:04 +0000
Manifest this update: Tue 11 Nov 2025 04:01:04 +0000
Manifest next update: Wed 12 Nov 2025 04:01:04 +0000
Files and hashes: 1: Fs8XEPRvhs2sBrhxNlZzi8XKons.roa (hash: C0hFaordL7p5SUJfrTELAa9KIVrov4I7azhDmZ9FUrw=)
2: lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl (hash: CZ1+DkSeaI0jUjNhpOJuDYf7bclePOPb0u3JOG1HQwY=)
3: sId5K04MuNzDrV7JjoafXNRATrU.roa (hash: c9K2d3wbOg2QoEGGWWmmlRXcKof1alf7zD4SEHKIWBQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:0c:21:1b:b5:22:e0:de:ea:4a:1e:49:68:b1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Nov 11 04:01:04 2025 GMT
Not After : Nov 12 04:01:04 2025 GMT
Subject: CN=c0c74af2dcacbc06b5d303148624b669ab2f7aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:18:12:62:6c:5c:6a:7e:83:df:45:07:68:
da:77:97:7c:ba:81:3e:de:f6:20:a3:4c:35:f4:57:
90:98:fa:8b:10:83:00:3f:eb:96:6f:bb:5c:8b:cf:
27:b0:68:67:c7:08:4e:ce:ff:79:79:3b:8d:1d:56:
58:d0:a9:f8:b8:ec:84:75:12:b9:a8:30:1e:d4:3e:
fc:6a:bb:84:0a:e4:69:14:a3:f5:18:bf:74:43:8a:
26:5f:9d:ad:ec:48:08:f1:b4:2c:90:3e:e3:e6:57:
fe:b7:cf:52:e8:9b:aa:37:aa:18:c4:2b:2b:59:eb:
f8:37:84:05:27:0d:33:1f:37:1f:24:75:34:f6:7e:
38:e9:b0:14:df:73:1a:05:4c:cf:74:ea:5f:c2:a1:
68:bf:68:4b:1d:a6:21:62:d6:d4:88:9f:64:5b:9c:
a9:f2:14:93:7b:5b:ea:b0:7d:ba:c7:23:77:85:f8:
96:45:5c:65:b7:5f:9b:01:8d:7f:41:a8:ba:c2:29:
46:ed:7b:b3:35:23:09:c0:f1:72:56:c9:b2:af:ed:
00:80:28:22:d3:bc:5e:54:53:8b:83:18:e7:f1:85:
8b:a2:25:a2:4a:73:31:b8:3b:df:59:b6:95:4e:93:
aa:6b:ba:22:f1:9f:28:7f:50:aa:6f:27:1a:5d:da:
7b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C7:4A:F2:DC:AC:BC:06:B5:D3:03:14:86:24:B6:69:AB:2F:7A:A2
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:94:c6:fe:87:c0:f9:c3:f2:bf:3a:59:98:4d:50:83:8b:c8:
65:a9:8d:bf:e8:8a:04:8e:8a:da:4a:4b:f1:14:56:0b:e1:fd:
ab:ff:6a:f9:c9:1c:72:15:1b:6c:7a:54:6b:9a:48:46:42:a8:
0c:77:ad:13:36:af:ec:39:56:33:c9:52:6a:f8:ad:80:3b:fd:
e2:66:ed:b2:9f:42:ec:9e:85:07:b6:64:2f:be:50:72:cd:43:
46:3c:b8:ee:9c:db:b8:83:4f:0e:ea:49:db:37:1d:9e:d4:5c:
1e:bd:26:c0:5c:ca:90:87:42:dd:27:37:ce:64:10:55:a9:a0:
e0:c4:a7:3b:7e:fd:63:33:aa:ce:45:82:fd:36:5f:1a:68:ae:
69:07:da:27:ee:d8:96:45:7b:cc:71:45:9e:65:09:d9:82:0a:
38:2e:5a:7c:90:e5:7a:f6:e1:07:4c:40:3f:9c:3b:a7:1e:5f:
2b:03:a2:e3:6c:2e:5d:a8:de:2a:09:58:8c:5f:81:cc:7f:1a:
13:5f:78:3d:05:27:4b:79:44:67:5e:6c:3a:da:ad:6a:88:56:
09:cf:d8:c3:a9:8b:c3:de:15:82:f5:37:b4:54:05:15:b7:ad:
78:17:3f:af:2e:e6:5e:56:42:e8:37:4f:68:f2:37:b1:88:70:
86:e1:41:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEwwhG7Ui4N7qSh5JaLGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0
NTVhNjgwHhcNMjUxMTExMDQwMTA0WhcNMjUxMTEyMDQwMTA0WjAzMTEwLwYDVQQD
EyhjMGM3NGFmMmRjYWNiYzA2YjVkMzAzMTQ4NjI0YjY2OWFiMmY3YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgAYEmJsXGp+g99FB2jad5d8uoE+
3vYgo0w19FeQmPqLEIMAP+uWb7tci88nsGhnxwhOzv95eTuNHVZY0Kn4uOyEdRK5
qDAe1D78aruECuRpFKP1GL90Q4omX52t7EgI8bQskD7j5lf+t89S6JuqN6oYxCsr
Wev4N4QFJw0zHzcfJHU09n446bAU33MaBUzPdOpfwqFov2hLHaYhYtbUiJ9kW5yp
8hSTe1vqsH26xyN3hfiWRVxlt1+bAY1/Qai6wilG7XuzNSMJwPFyVsmyr+0AgCgi
07xeVFOLgxjn8YWLoiWiSnMxuDvfWbaVTpOqa7oi8Z8of1CqbycaXdp7IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDHSvLcrLwGtdMDFIYktmmrL3qiMB8GA1UdIwQY
MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt
MWMyNzU4NjUxZWZhLzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh
LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi5TG/ofA
+cPyvzpZmE1Qg4vIZamNv+iKBI6K2kpL8RRWC+H9q/9q+ckcchUbbHpUa5pIRkKo
DHetEzav7DlWM8lSavitgDv94mbtsp9C7J6FB7ZkL75Qcs1DRjy47pzbuINPDupJ
2zcdntRcHr0mwFzKkIdC3Sc3zmQQVamg4MSnO379YzOqzkWC/TZfGmiuaQfaJ+7Y
lkV7zHFFnmUJ2YIKOC5afJDlevbhB0xAP5w7px5fKwOi42wuXajeKglYjF+BzH8a
E194PQUnS3lEZ15sOtqtaohWCc/Yw6mLw94VgvU3tFQFFbeteBc/ry7mXlZC6DdP
aPI3sYhwhuFBYg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:48:17 2025 by rpki-client