Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
File: lZI0IMz-4DjNyutDkjEKBZivej4.mft (raw, json)
Hash identifier: tKSU0CwTeBHjDXabPT4++aJmhw3dfeyQRGvwcVs85WM=
Subject key identifier: 3B:32:F4:71:98:CC:5E:29:C4:D3:CA:39:D8:4A:AC:D6:DE:64:AC:20
Authority key identifier: 95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
Certificate issuer: /CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Certificate serial: 019D390A4A27B02889135A6F07678D8CAFCC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
Manifest number: 0497
Signing time: Sun 29 Mar 2026 10:01:08 +0000
Manifest this update: Sun 29 Mar 2026 10:01:08 +0000
Manifest next update: Mon 30 Mar 2026 10:01:08 +0000
Files and hashes: 1: IM21zWEfSOh921Z1zwkT3vvGFfs.roa (hash: W640/PCpAKPhrBYklv0d8kY3i3xSr0Wn6L53wsJDrnQ=)
2: b9vcmhhWmTdDD16HAHP6D8RbDkA.roa (hash: FBfH9P35YtWY9xE6pYzf6Mz1MG4bSL4q1phGJQRtJTw=)
3: lZI0IMz-4DjNyutDkjEKBZivej4.crl (hash: 4uShp2HtBrMcRDzGCSzldt9b6E6gLqiRb7v+t9j6PsQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:4a:27:b0:28:89:13:5a:6f:07:67:8d:8c:af:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95923420ccfee038cdcaeb4392310a0598af7a3e
Validity
Not Before: Mar 29 10:01:08 2026 GMT
Not After : Mar 30 10:01:08 2026 GMT
Subject: CN=3b32f47198cc5e29c4d3ca39d84aacd6de64ac20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:02:55:f8:08:b2:93:67:57:5c:76:2b:07:36:
1b:c9:58:1e:e1:69:86:c1:39:4b:29:6b:c2:5d:4b:
8f:4b:c4:a5:8f:38:ed:12:20:01:ef:9a:82:0f:57:
a5:17:09:83:46:6b:dd:02:d5:ab:f4:0e:bc:c3:2a:
96:fa:8a:a4:81:c7:0f:74:57:cc:88:6c:ba:42:b6:
32:9b:c3:e9:fb:2e:3d:79:44:6b:4f:f4:07:7c:ca:
e1:de:58:f9:67:15:ab:cd:cb:cf:7f:c5:91:be:93:
7f:47:3b:38:17:80:a8:3b:b9:fd:c4:2f:14:20:b7:
f2:bb:16:26:6d:f9:b7:9c:75:ef:15:4a:41:5c:d3:
74:91:92:77:86:70:d5:5e:80:b2:be:ba:f0:99:ff:
32:51:d1:4b:c7:e7:2d:a9:cf:54:7a:98:09:fd:90:
d5:37:74:c0:58:7b:bd:c9:84:b4:cd:96:68:40:18:
a1:4a:b1:7e:90:59:76:a1:cd:88:99:91:65:a5:6f:
48:d0:8a:52:96:01:40:ac:d9:85:2b:3f:c2:80:d4:
7a:e4:7e:81:6a:5c:32:65:ab:61:2e:1f:dc:ae:81:
79:88:87:65:c5:63:1d:a7:59:cf:8f:ef:7c:34:d2:
c5:6d:20:7c:e9:17:59:06:f0:0a:86:f8:56:72:d6:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:32:F4:71:98:CC:5E:29:C4:D3:CA:39:D8:4A:AC:D6:DE:64:AC:20
X509v3 Authority Key Identifier:
keyid:95:92:34:20:CC:FE:E0:38:CD:CA:EB:43:92:31:0A:05:98:AF:7A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZI0IMz-4DjNyutDkjEKBZivej4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b80405-d19b-4e0f-ac37-5200fc16ff8c/1/lZI0IMz-4DjNyutDkjEKBZivej4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:c8:85:40:29:21:78:df:26:54:af:ef:94:53:e3:c0:4e:29:
a8:ec:d6:75:45:36:16:21:33:80:7a:c9:cb:6b:ac:d6:90:1c:
15:a5:f6:78:59:95:14:15:52:bb:be:21:1e:18:76:38:d9:41:
7b:d0:0c:88:a6:58:45:ea:98:86:c4:75:6a:54:35:74:f3:36:
14:e2:b7:63:2c:7d:04:0e:12:d1:bc:ae:45:65:99:ba:96:f0:
c0:c7:08:a5:7c:85:a7:ae:b1:df:72:31:de:78:bb:d5:e4:b3:
d6:39:78:7c:50:3d:79:11:28:51:d5:e0:86:32:38:5a:38:88:
e4:70:e4:c5:aa:64:ce:72:35:dd:0a:ee:b5:fa:c8:21:88:3c:
1a:eb:c4:43:d7:03:76:b6:54:2c:c4:99:d3:7b:7e:40:18:0e:
1c:3d:8d:8c:08:ae:f9:88:a1:59:db:24:07:a1:fb:20:c8:4d:
51:3a:58:fa:36:cc:e4:57:3b:bf:92:25:e9:da:6b:c7:2c:5f:
35:f3:d8:76:cb:e1:e2:70:ee:70:01:6a:d8:db:51:df:c5:4f:
af:01:1a:8b:4c:06:bd:75:6c:0d:48:ab:e3:d5:58:d4:d6:a7:
ba:fa:f3:fa:2b:4c:bf:3f:7e:5a:5e:27:aa:ef:9a:bb:96:38:
8f:01:3a:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CkonsCiJE1pvB2eNjK/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTIzNDIwY2NmZWUwMzhjZGNhZWI0MzkyMzEwYTA1OThh
ZjdhM2UwHhcNMjYwMzI5MTAwMTA4WhcNMjYwMzMwMTAwMTA4WjAzMTEwLwYDVQQD
EygzYjMyZjQ3MTk4Y2M1ZTI5YzRkM2NhMzlkODRhYWNkNmRlNjRhYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gJV+Aiyk2dXXHYrBzYbyVge4WmG
wTlLKWvCXUuPS8SljzjtEiAB75qCD1elFwmDRmvdAtWr9A68wyqW+oqkgccPdFfM
iGy6QrYym8Pp+y49eURrT/QHfMrh3lj5ZxWrzcvPf8WRvpN/Rzs4F4CoO7n9xC8U
ILfyuxYmbfm3nHXvFUpBXNN0kZJ3hnDVXoCyvrrwmf8yUdFLx+ctqc9UepgJ/ZDV
N3TAWHu9yYS0zZZoQBihSrF+kFl2oc2ImZFlpW9I0IpSlgFArNmFKz/CgNR65H6B
alwyZathLh/croF5iIdlxWMdp1nPj+98NNLFbSB86RdZBvAKhvhWctbPbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsy9HGYzF4pxNPKOdhKrNbeZKwgMB8GA1UdIwQY
MBaAFJWSNCDM/uA4zcrrQ5IxCgWYr3o+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzct
NTIwMGZjMTZmZjhjLzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iODA0MDUtZDE5Yi00ZTBmLWFjMzctNTIwMGZjMTZmZjhj
LzEvbFpJMElNei00RGpOeXV0RGtqRUtCWml2ZWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHciFQCkh
eN8mVK/vlFPjwE4pqOzWdUU2FiEzgHrJy2us1pAcFaX2eFmVFBVSu74hHhh2ONlB
e9AMiKZYReqYhsR1alQ1dPM2FOK3Yyx9BA4S0byuRWWZupbwwMcIpXyFp66x33Ix
3ni71eSz1jl4fFA9eREoUdXghjI4WjiI5HDkxapkznI13QrutfrIIYg8GuvEQ9cD
drZULMSZ03t+QBgOHD2NjAiu+YihWdskB6H7IMhNUTpY+jbM5Fc7v5Il6dprxyxf
NfPYdsvh4nDucAFq2NtR38VPrwEai0wGvXVsDUir49VY1Nanuvrz+itMvz9+Wl4n
qu+au5Y4jwE6Lg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:20:52 2026 by rpki-client