Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft
File: lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft (raw, json)
Hash identifier: +NDHFGFDvHlvRwnHWbau3dj+/iP1rFywbETNZKE5/BA=
Subject key identifier: 29:5C:C6:65:DD:5B:F4:28:81:FC:41:18:30:B7:56:43:BB:2E:28:2D
Authority key identifier: 95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE
Certificate issuer: /CN=951bb490e09df1467e4eec43d8f20484cee839fe
Certificate serial: 019CB8B9093AD863EECAD4DCBD6019B6C2CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft
Manifest number: 0CCF
Signing time: Wed 04 Mar 2026 12:01:00 +0000
Manifest this update: Wed 04 Mar 2026 12:01:00 +0000
Manifest next update: Thu 05 Mar 2026 12:01:00 +0000
Files and hashes: 1: kE66fhDE4xBKZgP00aDSZ5wUo8Q.roa (hash: Xz3m7rpESDDSay6iugLcdgSAsdxY3IOPYIq5I7x/X5M=)
2: lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl (hash: wcFSpGQgMCBqvXVCtT4rVA4cIgoZ1khbj0msgvX9Vnc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 12:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:b9:09:3a:d8:63:ee:ca:d4:dc:bd:60:19:b6:c2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951bb490e09df1467e4eec43d8f20484cee839fe
Validity
Not Before: Mar 4 12:01:00 2026 GMT
Not After : Mar 5 12:01:00 2026 GMT
Subject: CN=295cc665dd5bf42881fc411830b75643bb2e282d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bd:e4:58:ea:8a:db:45:52:35:69:f0:2d:16:
7d:de:98:64:bb:c0:4e:f4:aa:ee:25:95:5a:5e:be:
e6:a1:87:bc:f8:87:61:44:26:ed:4a:3d:03:07:52:
03:81:fe:5a:9f:bc:9b:5f:e0:fe:be:4c:1c:d2:b7:
4a:8d:2b:dc:fc:65:5e:bc:20:49:0f:97:ee:b9:f9:
b8:c5:48:5e:34:84:b3:fd:d3:db:a2:75:29:c8:69:
5c:d0:67:92:df:24:5b:d3:03:10:23:7c:51:04:74:
c0:53:84:f0:aa:ae:89:3f:52:10:f3:a7:db:c7:57:
9e:94:69:3f:f0:36:de:b3:3b:69:fb:1e:06:10:6d:
aa:94:52:66:fc:7a:99:5e:6e:9e:c5:92:dd:88:28:
3c:70:90:9b:a5:5f:ad:ce:4a:9c:ef:2c:a6:1a:c8:
31:95:ca:78:d8:92:a0:de:14:42:f1:47:7e:e0:f5:
1c:64:4d:26:b8:b8:92:c8:9c:df:1f:85:24:f6:e3:
03:ca:3d:09:3c:8b:ce:58:d1:f5:e1:ae:3e:99:65:
ab:6b:e6:73:00:66:99:7d:56:dd:a1:6b:79:ff:fc:
f1:2e:06:9f:82:9f:17:00:ba:5d:7d:0e:7f:ac:a1:
69:8c:d3:b3:df:fd:4f:e4:7e:78:41:28:3f:a3:62:
a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5C:C6:65:DD:5B:F4:28:81:FC:41:18:30:B7:56:43:BB:2E:28:2D
X509v3 Authority Key Identifier:
keyid:95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:7a:f9:ff:c4:3d:b0:d4:71:52:4b:8f:fc:22:a2:8f:1d:9d:
52:7e:61:ed:8d:da:0f:b2:9d:e4:8b:e5:83:30:d6:e3:77:40:
9f:5b:33:73:65:8a:d6:a8:fe:9c:64:0a:3d:c7:7c:da:74:ed:
7c:c4:a6:4e:92:b0:02:c1:8a:2e:86:34:b1:0a:fb:cb:38:02:
e0:b8:98:a9:bb:ba:dc:ed:ab:c5:d4:e3:3d:f4:e0:78:8d:07:
24:a8:6e:19:d7:8d:60:f1:8a:2a:cb:76:74:33:f3:c1:5b:ee:
d9:c8:fc:9c:c2:77:13:8c:39:6f:ee:b6:8c:22:e5:97:3a:22:
24:53:1e:9f:f8:c8:7d:14:72:68:fe:88:44:00:cf:a4:9e:ca:
bc:a1:44:fa:95:1f:bf:b2:ff:00:43:5e:0c:54:90:c5:a1:51:
0f:c4:d1:74:21:3f:34:0c:c7:f9:9b:f9:d3:7d:bb:a4:12:78:
b0:40:21:0b:7a:71:3e:ca:c4:c2:63:62:e8:98:7e:7f:cf:91:
9f:ea:f8:a4:2a:36:c5:5a:07:cf:26:e6:b3:e3:ef:c8:4f:50:
40:c3:72:5d:be:72:25:95:25:df:f0:11:70:91:f7:9b:e9:b4:
fc:54:82:41:7e:b7:14:ad:1b:09:ee:90:e8:bd:ef:7b:78:43:
9d:ad:7e:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZy4uQk62GPuytTcvWAZtsLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWJiNDkwZTA5ZGYxNDY3ZTRlZWM0M2Q4ZjIwNDg0Y2Vl
ODM5ZmUwHhcNMjYwMzA0MTIwMTAwWhcNMjYwMzA1MTIwMTAwWjAzMTEwLwYDVQQD
EygyOTVjYzY2NWRkNWJmNDI4ODFmYzQxMTgzMGI3NTY0M2JiMmUyODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL3kWOqK20VSNWnwLRZ93phku8BO
9KruJZVaXr7moYe8+IdhRCbtSj0DB1IDgf5an7ybX+D+vkwc0rdKjSvc/GVevCBJ
D5fuufm4xUheNISz/dPbonUpyGlc0GeS3yRb0wMQI3xRBHTAU4Twqq6JP1IQ86fb
x1eelGk/8Dbesztp+x4GEG2qlFJm/HqZXm6exZLdiCg8cJCbpV+tzkqc7yymGsgx
lcp42JKg3hRC8Ud+4PUcZE0muLiSyJzfH4Uk9uMDyj0JPIvOWNH14a4+mWWra+Zz
AGaZfVbdoWt5//zxLgafgp8XALpdfQ5/rKFpjNOz3/1P5H54QSg/o2KiwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClcxmXdW/QogfxBGDC3VkO7LigtMB8GA1UdIwQY
MBaAFJUbtJDgnfFGfk7sQ9jyBITO6Dn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTct
MWRiNGVkMTMxYmMzLzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTctMWRiNGVkMTMxYmMz
LzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHr5/8Q9
sNRxUkuP/CKijx2dUn5h7Y3aD7Kd5IvlgzDW43dAn1szc2WK1qj+nGQKPcd82nTt
fMSmTpKwAsGKLoY0sQr7yzgC4LiYqbu63O2rxdTjPfTgeI0HJKhuGdeNYPGKKst2
dDPzwVvu2cj8nMJ3E4w5b+62jCLllzoiJFMen/jIfRRyaP6IRADPpJ7KvKFE+pUf
v7L/AENeDFSQxaFRD8TRdCE/NAzH+Zv50327pBJ4sEAhC3pxPsrEwmNi6Jh+f8+R
n+r4pCo2xVoHzybms+PvyE9QQMNyXb5yJZUl3/ARcJH3m+m0/FSCQX63FK0bCe6Q
6L3ve3hDna1+8g==
-----END CERTIFICATE-----
Generated at Wed Mar 4 21:56:21 2026 by rpki-client