Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
File: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft (raw, json)
Hash identifier: e5qhwIHdfe8nFocZ5pcUK4dP8ZsHz8XZacPZ3W6YXh4=
Subject key identifier: 91:89:A2:14:40:52:B4:D1:F1:0F:95:F5:F8:D7:9A:7D:69:A3:40:64
Authority key identifier: 94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
Certificate issuer: /CN=94d161593da815cac58d3479652d048480d26713
Certificate serial: 019D389C53E5B63C534F32507FF5B85C6273
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 08:01:02 +0000
Manifest this update: Sun 29 Mar 2026 08:01:02 +0000
Manifest next update: Mon 30 Mar 2026 08:01:02 +0000
Files and hashes: 1: NMR7KZn1Z_LDb0FIsWed94Of3O8.roa (hash: UuPG/G90OEoV3EyjWzry/XA+lmqTIoigWKSMDTb4YCw=)
2: lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl (hash: diWbw7JuaF0G9TlppNPaFVpTi3rnNxecjOpoi0N6JAE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:53:e5:b6:3c:53:4f:32:50:7f:f5:b8:5c:62:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d161593da815cac58d3479652d048480d26713
Validity
Not Before: Mar 29 08:01:02 2026 GMT
Not After : Mar 30 08:01:02 2026 GMT
Subject: CN=9189a2144052b4d1f10f95f5f8d79a7d69a34064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7d:d3:5c:22:b5:9e:db:46:68:cb:c3:d6:66:
ca:5a:41:8f:13:8a:99:59:c6:2a:09:a9:32:34:12:
a3:a8:d6:ae:19:a2:b0:e8:7a:eb:4a:cc:7d:4d:01:
65:5a:55:8e:4d:e0:a2:f0:3e:7e:04:7d:68:34:ab:
ca:ff:a9:64:39:38:0b:e2:5c:09:64:9a:9b:e1:44:
4e:05:0b:5a:95:b8:bc:de:32:91:16:21:c8:7d:be:
a7:60:5c:65:59:db:00:91:ba:7c:3d:63:90:40:18:
8d:19:aa:5c:17:37:7c:36:e8:fb:dd:10:a8:99:83:
1d:2e:71:35:bf:a1:ab:73:4b:d2:2d:32:97:a4:ec:
6d:7f:e4:10:4f:dc:91:40:18:a6:68:70:c4:de:b1:
23:fe:b7:c8:3f:0b:86:0a:9e:d6:ae:71:2e:cf:5f:
6d:f3:81:f5:81:a8:54:9b:6e:be:59:42:33:1a:40:
1b:8d:41:5f:be:02:9e:42:eb:60:08:fc:f5:6f:ba:
c0:70:0a:f3:53:cc:7f:1c:2b:d2:a8:02:c5:9d:c0:
e2:29:4c:61:95:ea:65:3b:fd:25:dc:10:bc:7c:d4:
f4:b7:b5:6c:e7:9c:a3:03:5e:a3:d7:10:30:d9:af:
98:92:6a:ab:fd:30:f2:dd:83:e7:ae:e0:92:06:f1:
65:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:89:A2:14:40:52:B4:D1:F1:0F:95:F5:F8:D7:9A:7D:69:A3:40:64
X509v3 Authority Key Identifier:
keyid:94:D1:61:59:3D:A8:15:CA:C5:8D:34:79:65:2D:04:84:80:D2:67:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/3c2956-df9d-4048-b011-d8e98b85aea4/1/lNFhWT2oFcrFjTR5ZS0EhIDSZxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:21:74:7f:63:91:e2:22:2f:2e:05:5b:2b:c4:a1:fb:fe:64:
d6:89:e8:37:b6:be:e6:0b:aa:19:58:19:20:08:12:f3:ac:32:
eb:d0:d8:d8:be:b0:c1:48:db:47:5b:3a:c9:61:fd:f3:2d:aa:
ff:1d:64:7f:da:eb:db:30:8f:e2:58:7a:56:f6:d8:85:c8:06:
62:58:8b:20:e6:2e:f4:b3:62:44:17:b2:bf:b3:57:71:9a:1f:
16:98:4b:fc:8c:82:1f:e9:07:b2:07:48:11:b9:4b:75:3a:41:
1b:3a:15:84:e4:12:b8:67:e4:b1:e2:fd:bd:4c:e1:ad:69:87:
a7:85:76:32:c6:4b:c2:53:69:85:ad:66:1c:78:de:a5:4f:1b:
25:f0:b5:8b:56:44:b5:39:d1:85:6b:1b:ff:12:5b:6d:fc:53:
36:8b:f1:70:ea:43:d1:c7:44:30:bf:e5:ac:d7:c3:63:0a:d2:
aa:f0:cc:e6:f1:68:39:4e:8d:b3:01:cb:b9:5d:95:57:2b:b3:
2d:23:c0:9c:3a:bb:b7:60:9c:6c:66:ef:34:78:88:b9:84:20:
7d:aa:00:42:97:1e:d8:a7:39:40:99:fe:ad:12:03:9a:16:26:
e7:6b:80:2e:d0:cc:46:a5:83:27:18:83:d6:9e:4d:1b:9f:07:
ba:36:56:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFPltjxTTzJQf/W4XGJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDE2MTU5M2RhODE1Y2FjNThkMzQ3OTY1MmQwNDg0ODBk
MjY3MTMwHhcNMjYwMzI5MDgwMTAyWhcNMjYwMzMwMDgwMTAyWjAzMTEwLwYDVQQD
Eyg5MTg5YTIxNDQwNTJiNGQxZjEwZjk1ZjVmOGQ3OWE3ZDY5YTM0MDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn3TXCK1nttGaMvD1mbKWkGPE4qZ
WcYqCakyNBKjqNauGaKw6HrrSsx9TQFlWlWOTeCi8D5+BH1oNKvK/6lkOTgL4lwJ
ZJqb4UROBQtalbi83jKRFiHIfb6nYFxlWdsAkbp8PWOQQBiNGapcFzd8Nuj73RCo
mYMdLnE1v6Grc0vSLTKXpOxtf+QQT9yRQBimaHDE3rEj/rfIPwuGCp7WrnEuz19t
84H1gahUm26+WUIzGkAbjUFfvgKeQutgCPz1b7rAcArzU8x/HCvSqALFncDiKUxh
leplO/0l3BC8fNT0t7Vs55yjA16j1xAw2a+Ykmqr/TDy3YPnruCSBvFlkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGJohRAUrTR8Q+V9fjXmn1po0BkMB8GA1UdIwQY
MBaAFJTRYVk9qBXKxY00eWUtBISA0mcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEt
ZDhlOThiODVhZWE0LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8zYzI5NTYtZGY5ZC00MDQ4LWIwMTEtZDhlOThiODVhZWE0
LzEvbE5GaFdUMm9GY3JGalRSNVpTMEVoSURTWnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyF0f2OR
4iIvLgVbK8Sh+/5k1onoN7a+5guqGVgZIAgS86wy69DY2L6wwUjbR1s6yWH98y2q
/x1kf9rr2zCP4lh6VvbYhcgGYliLIOYu9LNiRBeyv7NXcZofFphL/IyCH+kHsgdI
EblLdTpBGzoVhOQSuGfkseL9vUzhrWmHp4V2MsZLwlNpha1mHHjepU8bJfC1i1ZE
tTnRhWsb/xJbbfxTNovxcOpD0cdEML/lrNfDYwrSqvDM5vFoOU6NswHLuV2VVyuz
LSPAnDq7t2CcbGbvNHiIuYQgfaoAQpce2Kc5QJn+rRIDmhYm52uALtDMRqWDJxiD
1p5NG58HujZWbQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:00 2026 by rpki-client