Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
File: LX893KDLOOx7CMaQKeIPUtxAjxc.mft (raw, json)
Hash identifier: hJ5nguFzmbHxJDZilIcn/RcZ1BrOjVhAF9ZXeSxd7Sw=
Subject key identifier: 01:8A:ED:6B:F5:84:D1:AC:10:66:55:61:44:54:48:AC:DC:57:49:37
Authority key identifier: 2D:7F:3D:DC:A0:CB:38:EC:7B:08:C6:90:29:E2:0F:52:DC:40:8F:17
Certificate issuer: /CN=2d7f3ddca0cb38ec7b08c69029e20f52dc408f17
Certificate serial: 019A71135614EB26DA7A78C66C219421B8AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 04:01:23 +0000
Manifest this update: Tue 11 Nov 2025 04:01:23 +0000
Manifest next update: Wed 12 Nov 2025 04:01:23 +0000
Files and hashes: 1: LX893KDLOOx7CMaQKeIPUtxAjxc.crl (hash: O8XEaRZgbLsf/Iptv7a7MH2EZVi4hEfQ3UjLjYizFXQ=)
2: NJtD_wJPtwe6yI8QzJv-rd_AAv4.roa (hash: goN8mo/tdm+T4x5aP0V4Y6dre6dhF2ryG392gou/4Qo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:56:14:eb:26:da:7a:78:c6:6c:21:94:21:b8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d7f3ddca0cb38ec7b08c69029e20f52dc408f17
Validity
Not Before: Nov 11 04:01:23 2025 GMT
Not After : Nov 12 04:01:23 2025 GMT
Subject: CN=018aed6bf584d1ac10665561445448acdc574937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:38:41:46:1c:a8:fa:97:44:2b:af:49:35:6f:
c1:bd:01:51:e9:9b:72:ff:b4:96:11:0c:db:4d:88:
f2:0d:b6:d6:10:6d:a5:c0:e1:ac:26:ff:f2:61:f3:
67:e4:2b:aa:9d:d0:91:50:bd:c5:5f:f2:f9:e1:67:
b4:b0:d0:a6:dc:a2:9e:61:d8:af:25:0e:69:e6:b1:
ea:b8:f4:cb:47:b4:82:fd:0e:6f:5b:eb:9f:54:1a:
20:a0:fe:bc:13:54:ee:3e:ef:d5:27:44:9c:15:2c:
ec:64:b3:2e:2f:22:2c:e6:d9:4e:d5:7c:4f:b6:ef:
b5:d3:91:ea:39:e5:f8:0d:5d:a0:32:f7:90:b8:0f:
4b:5a:5b:ee:4f:c0:c3:50:5c:74:54:89:6a:a6:b6:
05:63:32:31:57:13:ac:70:09:00:65:4c:3b:d3:4c:
67:e4:37:a4:83:8e:a5:a3:1d:da:5b:d0:46:9c:52:
18:e6:fb:ab:6b:01:f8:76:fc:dd:b2:33:ce:72:f3:
3e:a6:6e:c9:63:f4:b6:30:bd:1f:72:7d:3e:e1:98:
a5:39:a9:eb:6c:65:a2:d6:31:94:b8:0d:df:1d:63:
13:be:0c:7b:d4:88:f0:d6:e4:65:fb:7d:5e:56:4f:
2d:b3:f5:2b:7d:47:19:53:2d:22:c7:40:14:96:29:
44:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8A:ED:6B:F5:84:D1:AC:10:66:55:61:44:54:48:AC:DC:57:49:37
X509v3 Authority Key Identifier:
keyid:2D:7F:3D:DC:A0:CB:38:EC:7B:08:C6:90:29:E2:0F:52:DC:40:8F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:2f:c0:cc:3a:90:75:63:ef:16:b5:b4:88:71:62:86:97:66:
a2:71:07:9c:0a:73:5c:17:16:59:1e:cc:96:ba:a5:67:05:0e:
dc:63:bf:a2:d1:63:70:39:5c:c4:fd:ef:2e:65:1f:fb:c7:23:
2b:c1:8f:33:2a:da:3d:f9:d3:56:b5:7e:5b:4c:38:6b:67:46:
4c:16:b3:b9:43:ab:4b:44:0a:86:57:de:0f:b6:b8:ba:c0:b6:
9d:c3:8b:db:d7:eb:41:52:09:79:d2:85:71:54:d5:e1:37:93:
e4:81:e8:40:10:1f:e6:c1:79:ca:87:3b:06:eb:a6:e5:af:78:
da:87:48:2c:38:32:3c:9e:07:bb:bb:94:90:03:07:c2:88:cd:
54:25:28:f8:57:5f:4c:7a:09:72:3c:9e:62:85:9b:90:7b:46:
77:1e:0f:5c:45:30:f9:96:d0:56:68:84:d7:b0:07:a7:cb:40:
69:b1:95:59:a4:be:3d:d8:9f:56:a5:86:e8:aa:41:ee:19:c8:
bd:d3:ac:c0:73:83:93:10:c4:c5:83:87:e3:fb:71:fd:fa:cc:
68:bf:59:1f:da:7d:68:c4:9c:dc:5f:bd:ef:6e:f7:10:14:c3:
77:a9:3c:48:f9:19:c3:e6:d1:e3:d7:55:4e:04:cc:57:d7:0e:
0c:47:9d:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1YU6ybaenjGbCGUIbiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkN2YzZGRjYTBjYjM4ZWM3YjA4YzY5MDI5ZTIwZjUyZGM0
MDhmMTcwHhcNMjUxMTExMDQwMTIzWhcNMjUxMTEyMDQwMTIzWjAzMTEwLwYDVQQD
EygwMThhZWQ2YmY1ODRkMWFjMTA2NjU1NjE0NDU0NDhhY2RjNTc0OTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDhBRhyo+pdEK69JNW/BvQFR6Zty
/7SWEQzbTYjyDbbWEG2lwOGsJv/yYfNn5CuqndCRUL3FX/L54We0sNCm3KKeYdiv
JQ5p5rHquPTLR7SC/Q5vW+ufVBogoP68E1TuPu/VJ0ScFSzsZLMuLyIs5tlO1XxP
tu+105HqOeX4DV2gMveQuA9LWlvuT8DDUFx0VIlqprYFYzIxVxOscAkAZUw700xn
5Dekg46lox3aW9BGnFIY5vurawH4dvzdsjPOcvM+pm7JY/S2ML0fcn0+4ZilOanr
bGWi1jGUuA3fHWMTvgx71Ijw1uRl+31eVk8ts/UrfUcZUy0ix0AUlilEcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGK7Wv1hNGsEGZVYURUSKzcV0k3MB8GA1UdIwQY
MBaAFC1/PdygyzjsewjGkCniD1LcQI8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9jNzVhZjQtOWQyNi00MjkwLWIwMjct
YTU2YzUyYmUxOThjLzEvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9jNzVhZjQtOWQyNi00MjkwLWIwMjctYTU2YzUyYmUxOThj
LzEvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATS/AzDqQ
dWPvFrW0iHFihpdmonEHnApzXBcWWR7MlrqlZwUO3GO/otFjcDlcxP3vLmUf+8cj
K8GPMyraPfnTVrV+W0w4a2dGTBazuUOrS0QKhlfeD7a4usC2ncOL29frQVIJedKF
cVTV4TeT5IHoQBAf5sF5yoc7Buum5a942odILDgyPJ4Hu7uUkAMHwojNVCUo+Fdf
THoJcjyeYoWbkHtGdx4PXEUw+ZbQVmiE17AHp8tAabGVWaS+PdifVqWG6KpB7hnI
vdOswHODkxDExYOH4/tx/frMaL9ZH9p9aMSc3F+97273EBTDd6k8SPkZw+bR49dV
TgTMV9cODEedog==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:18:22 2025 by rpki-client