Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: mgwUj5lBqkHbMNbywlWFyU93/X1AgdnBsPfBVsSOAxk=
Subject key identifier: 0E:F9:87:14:22:4A:38:40:ED:A8:D1:C0:05:B3:3B:B9:AE:7F:24:35
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 019D37F72B2686C378D64890795ABEDFC5FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 15F8
Signing time: Sun 29 Mar 2026 05:00:38 +0000
Manifest this update: Sun 29 Mar 2026 05:00:38 +0000
Manifest next update: Mon 30 Mar 2026 05:00:38 +0000
Files and hashes: 1: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: lSDtBtwAjhNTo/plYvolozJT8HNeHnweDE04Pcr7DvY=)
2: xR-_0CxJhk7opaVLnqtilVW0u5k.roa (hash: smIJQKujLMH2xBq3OokVMe7VXadkyznDo/jDUgPKJpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:2b:26:86:c3:78:d6:48:90:79:5a:be:df:c5:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Mar 29 05:00:38 2026 GMT
Not After : Mar 30 05:00:38 2026 GMT
Subject: CN=0ef98714224a3840eda8d1c005b33bb9ae7f2435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:aa:88:b3:56:47:2e:7b:ef:78:89:21:46:c5:
d5:f3:ac:81:30:cd:e4:d9:f4:aa:6f:cf:c2:d2:c9:
09:12:7a:b1:3d:3d:79:b4:fe:31:f6:86:c0:62:7e:
e9:af:b5:71:d2:d0:cb:6c:ac:24:8d:db:09:71:e2:
1d:3a:02:f0:c1:5f:d5:ca:11:7f:65:16:79:45:9a:
52:7a:b9:7a:33:de:c7:82:f5:c6:89:bd:48:86:5c:
c0:89:27:4b:b5:3e:51:15:93:61:70:54:96:7d:3e:
52:a5:b5:44:1a:cc:aa:a6:27:0e:0e:a1:38:19:f6:
c0:5b:d1:98:88:54:f7:d4:66:57:14:1d:94:ce:cb:
2b:ae:d5:6e:59:c4:fb:6a:d6:d6:d8:48:45:c9:22:
2c:3b:15:b1:0c:81:c8:56:3e:2c:e4:ea:da:6b:fa:
d3:5b:01:96:c4:a1:39:24:b4:39:bb:aa:cd:04:62:
a7:86:2a:f2:0a:ac:25:3f:cc:b5:ee:14:df:43:b2:
bf:e7:65:e1:bf:21:a9:51:f6:ae:33:51:24:5a:d8:
6b:82:79:eb:ca:60:e0:04:61:9c:23:c3:d2:5f:60:
3f:e3:f2:41:29:b9:48:a9:38:20:f1:6c:29:07:34:
42:51:f0:8f:cb:51:fb:4a:4f:0a:77:00:90:bb:4e:
f3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F9:87:14:22:4A:38:40:ED:A8:D1:C0:05:B3:3B:B9:AE:7F:24:35
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:a3:82:7c:e8:af:6e:52:01:13:c9:28:0b:43:3b:6f:6c:6a:
e2:01:2e:52:a3:b1:d0:7a:31:e6:af:4d:ee:c7:76:d4:b9:91:
27:e9:79:85:b8:f4:e9:0c:b1:6d:df:6d:ac:1d:99:cd:fc:87:
65:98:a5:33:e8:d5:db:95:2c:3a:09:6c:06:25:c8:71:7a:95:
8a:bf:2a:a1:2f:a4:e4:0f:36:42:a6:46:2a:25:b8:a9:2c:6e:
f3:fe:32:08:51:76:9e:b0:60:5a:83:d6:b2:da:1f:e5:53:8a:
44:81:76:04:27:aa:0a:b8:81:f3:81:34:4a:bd:bb:c5:9f:2f:
d4:2f:14:3f:56:f2:aa:68:88:00:ea:5f:df:e0:0e:1d:bc:9d:
14:d8:3d:5c:2d:ac:2c:ec:59:a2:2b:2d:7f:d7:e9:b2:60:3b:
66:10:35:6d:d7:07:2e:a3:4d:9c:ff:d8:1d:f0:8f:5f:0a:4e:
21:60:b6:fd:cb:49:be:23:d7:13:84:eb:ba:5d:64:48:87:be:
30:6d:70:e2:8d:63:38:fa:80:89:98:eb:19:01:68:05:d7:f4:
17:a5:dc:b1:16:b8:bd:36:2a:4b:e2:8a:a6:22:a7:cb:09:02:
f8:3d:dc:3c:12:45:c1:bf:1b:e3:f1:3b:9b:61:65:47:72:c8:
84:fb:2f:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039ysmhsN41kiQeVq+38X7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjYwMzI5MDUwMDM4WhcNMjYwMzMwMDUwMDM4WjAzMTEwLwYDVQQD
EygwZWY5ODcxNDIyNGEzODQwZWRhOGQxYzAwNWIzM2JiOWFlN2YyNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqqIs1ZHLnvveIkhRsXV86yBMM3k
2fSqb8/C0skJEnqxPT15tP4x9obAYn7pr7Vx0tDLbKwkjdsJceIdOgLwwV/VyhF/
ZRZ5RZpSerl6M97HgvXGib1IhlzAiSdLtT5RFZNhcFSWfT5SpbVEGsyqpicODqE4
GfbAW9GYiFT31GZXFB2UzssrrtVuWcT7atbW2EhFySIsOxWxDIHIVj4s5Oraa/rT
WwGWxKE5JLQ5u6rNBGKnhiryCqwlP8y17hTfQ7K/52XhvyGpUfauM1EkWthrgnnr
ymDgBGGcI8PSX2A/4/JBKblIqTgg8WwpBzRCUfCPy1H7Sk8KdwCQu07zSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA75hxQiSjhA7ajRwAWzO7mufyQ1MB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK6OCfOiv
blIBE8koC0M7b2xq4gEuUqOx0Hox5q9N7sd21LmRJ+l5hbj06Qyxbd9trB2ZzfyH
ZZilM+jV25UsOglsBiXIcXqVir8qoS+k5A82QqZGKiW4qSxu8/4yCFF2nrBgWoPW
stof5VOKRIF2BCeqCriB84E0Sr27xZ8v1C8UP1byqmiIAOpf3+AOHbydFNg9XC2s
LOxZoistf9fpsmA7ZhA1bdcHLqNNnP/YHfCPXwpOIWC2/ctJviPXE4Trul1kSIe+
MG1w4o1jOPqAiZjrGQFoBdf0F6XcsRa4vTYqS+KKpiKnywkC+D3cPBJFwb8b4/E7
m2FlR3LIhPsvvQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:20:23 2026 by rpki-client