Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft
File: lf0DtfNbMXtNMv8aSywXuzdsIeE.mft (raw, json)
Hash identifier: 29JeVyETjjBBgdHpULPXgUJ5W7iIon80FW6LpQpOs2U=
Subject key identifier: D3:76:87:CB:D9:DC:C7:52:CD:64:C0:E8:A2:A6:03:E9:0D:A8:C2:56
Authority key identifier: 95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
Certificate issuer: /CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Certificate serial: 019D382E85EF276679EFCF8C89E7B3AE7656
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft
Manifest number: 149C
Signing time: Sun 29 Mar 2026 06:01:06 +0000
Manifest this update: Sun 29 Mar 2026 06:01:06 +0000
Manifest next update: Mon 30 Mar 2026 06:01:06 +0000
Files and hashes: 1: lf0DtfNbMXtNMv8aSywXuzdsIeE.crl (hash: VZePtcU61i3FbM4bmFuLUxSuLA9+yUQIVjKJh8ZI7DM=)
2: lkOGQ8G7v7KQ2Y0qWOrKVoZYTms.roa (hash: d0roMsqX9vnomDLuPDxCBkqVZxb8IXHny4aGCS66Mnk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:85:ef:27:66:79:ef:cf:8c:89:e7:b3:ae:76:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95fd03b5f35b317b4d32ff1a4b2c17bb376c21e1
Validity
Not Before: Mar 29 06:01:06 2026 GMT
Not After : Mar 30 06:01:06 2026 GMT
Subject: CN=d37687cbd9dcc752cd64c0e8a2a603e90da8c256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c3:7d:10:86:db:d3:4b:c4:46:5c:ca:f7:34:
07:4b:fa:b7:a6:e0:31:f7:66:f1:48:4f:17:10:68:
9c:87:31:5e:bd:31:e7:b6:68:c4:e4:68:40:bf:c8:
00:b2:69:ac:5d:cf:7e:86:f6:6d:26:5f:26:87:6c:
73:d1:79:44:8b:f8:df:de:61:03:c2:59:5e:a2:e9:
c1:e7:34:ce:1e:0c:84:f6:10:20:57:88:50:d2:f0:
4f:ba:3c:7b:c5:3f:c0:aa:c8:72:c7:66:74:5f:0c:
74:a5:51:a1:36:77:15:de:ce:cf:5b:67:8c:9f:28:
a5:50:75:af:62:97:e1:c3:87:e9:31:65:74:54:d8:
44:5f:86:e7:5d:fc:ce:60:15:df:0b:13:0b:0e:59:
5b:f7:64:65:0d:a1:e8:15:42:30:e3:8a:50:ec:4b:
fd:44:13:33:43:03:ec:8b:95:d1:38:3d:c5:01:c5:
22:a3:d0:ad:74:8b:28:18:7d:4b:cc:e9:73:5b:97:
46:bc:d3:13:09:a2:b1:a4:45:26:90:39:76:8d:c4:
13:e8:7a:e6:72:3f:ce:3a:f5:9c:09:72:a4:d9:9b:
ed:ef:8e:4e:ef:7c:61:1c:c4:94:58:af:a9:7b:c4:
70:7f:d8:17:12:60:26:da:74:a5:00:de:25:7f:6f:
fa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:76:87:CB:D9:DC:C7:52:CD:64:C0:E8:A2:A6:03:E9:0D:A8:C2:56
X509v3 Authority Key Identifier:
keyid:95:FD:03:B5:F3:5B:31:7B:4D:32:FF:1A:4B:2C:17:BB:37:6C:21:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lf0DtfNbMXtNMv8aSywXuzdsIeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/f9d0e9-bda4-42b2-8e7a-d60f44a934b1/1/lf0DtfNbMXtNMv8aSywXuzdsIeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:79:e5:95:2e:5a:ba:eb:3d:2f:dc:49:ed:a5:60:3f:34:fd:
bf:51:d5:7c:0f:ed:68:3f:75:1f:f7:e5:3f:2e:d3:c3:e7:7b:
c4:45:3b:b3:9e:31:bc:3f:fe:69:8c:51:4d:93:a1:5d:b7:6e:
4a:22:6a:b9:de:46:81:3a:a5:fc:0d:2a:9c:02:0e:12:84:20:
cd:b7:0b:96:d4:0b:fb:79:00:09:58:9d:12:cd:f2:66:74:54:
ad:03:2a:3b:46:05:6d:3f:c1:a3:f2:a7:48:19:42:f5:53:a1:
a0:03:10:d2:d4:9a:6b:c2:da:ba:06:51:bb:5f:28:6e:a3:b0:
7b:38:c2:94:6b:e9:db:35:da:db:8e:f8:97:06:8e:7b:38:dd:
f0:6a:06:27:c8:0c:e2:bf:ab:da:b6:a9:40:ab:a9:47:76:71:
f8:e9:2d:1a:aa:df:b7:08:61:b4:eb:19:96:af:e6:f4:c8:8e:
02:f4:b8:ac:54:97:21:58:79:2c:7c:19:09:a0:88:5f:03:70:
5e:2b:98:55:35:07:b4:1d:48:06:4b:7f:65:08:6f:02:74:c7:
24:0d:96:67:37:bc:16:d6:40:b4:d7:33:a7:98:90:dd:11:5d:
d7:f2:5d:d3:db:7f:c7:66:af:a7:f8:22:2f:fe:c1:78:91:43:
92:e3:03:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LoXvJ2Z578+MieezrnZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZmQwM2I1ZjM1YjMxN2I0ZDMyZmYxYTRiMmMxN2JiMzc2
YzIxZTEwHhcNMjYwMzI5MDYwMTA2WhcNMjYwMzMwMDYwMTA2WjAzMTEwLwYDVQQD
EyhkMzc2ODdjYmQ5ZGNjNzUyY2Q2NGMwZThhMmE2MDNlOTBkYThjMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMN9EIbb00vERlzK9zQHS/q3puAx
92bxSE8XEGichzFevTHntmjE5GhAv8gAsmmsXc9+hvZtJl8mh2xz0XlEi/jf3mED
wlleounB5zTOHgyE9hAgV4hQ0vBPujx7xT/Aqshyx2Z0Xwx0pVGhNncV3s7PW2eM
nyilUHWvYpfhw4fpMWV0VNhEX4bnXfzOYBXfCxMLDllb92RlDaHoFUIw44pQ7Ev9
RBMzQwPsi5XROD3FAcUio9CtdIsoGH1LzOlzW5dGvNMTCaKxpEUmkDl2jcQT6Hrm
cj/OOvWcCXKk2Zvt745O73xhHMSUWK+pe8Rwf9gXEmAm2nSlAN4lf2/6wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNN2h8vZ3MdSzWTA6KKmA+kNqMJWMB8GA1UdIwQY
MBaAFJX9A7XzWzF7TTL/GkssF7s3bCHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2Et
ZDYwZjQ0YTkzNGIxLzEvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mOWQwZTktYmRhNC00MmIyLThlN2EtZDYwZjQ0YTkzNGIx
LzEvbGYwRHRmTmJNWHROTXY4YVN5d1h1emRzSWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeXnllS5a
uus9L9xJ7aVgPzT9v1HVfA/taD91H/flPy7Tw+d7xEU7s54xvD/+aYxRTZOhXbdu
SiJqud5GgTql/A0qnAIOEoQgzbcLltQL+3kACVidEs3yZnRUrQMqO0YFbT/Bo/Kn
SBlC9VOhoAMQ0tSaa8LaugZRu18obqOwezjClGvp2zXa2474lwaOezjd8GoGJ8gM
4r+r2rapQKupR3Zx+OktGqrftwhhtOsZlq/m9MiOAvS4rFSXIVh5LHwZCaCIXwNw
XiuYVTUHtB1IBkt/ZQhvAnTHJA2WZze8FtZAtNczp5iQ3RFd1/Jd09t/x2avp/gi
L/7BeJFDkuMDWw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:20 2026 by rpki-client