Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
File: lWmTFkJJYHEcLo7LU2vdArxyT60.mft (raw, json)
Hash identifier: j9axykR1mTlG1M3Inxjws1l67Sc/usrPShYldyMivBY=
Subject key identifier: DF:FA:6F:E4:3A:9B:63:16:0C:84:F2:27:42:F8:65:DD:A1:25:09:A8
Authority key identifier: 95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
Certificate issuer: /CN=95699316424960711c2e8ecb536bdd02bc724fad
Certificate serial: 019D3788FE116D9321100D6F7197D7F30399
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
Manifest number: 0708
Signing time: Sun 29 Mar 2026 03:00:17 +0000
Manifest this update: Sun 29 Mar 2026 03:00:17 +0000
Manifest next update: Mon 30 Mar 2026 03:00:17 +0000
Files and hashes: 1: lWmTFkJJYHEcLo7LU2vdArxyT60.crl (hash: WWU4Y4S7kv5bdYjEJUcL1tARSyF89oMS3GhbSExU+g4=)
2: t8SQMGrl26r1gRo4N2MntzBn8Fo.roa (hash: KLhgVuuIFKpUzDmtTgaR/z7BuurCfK28TIL8+NxxxH8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:88:fe:11:6d:93:21:10:0d:6f:71:97:d7:f3:03:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95699316424960711c2e8ecb536bdd02bc724fad
Validity
Not Before: Mar 29 03:00:17 2026 GMT
Not After : Mar 30 03:00:17 2026 GMT
Subject: CN=dffa6fe43a9b63160c84f22742f865dda12509a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a2:65:30:92:33:7f:60:c3:93:9a:1f:d1:bb:
54:c0:b7:6c:89:7f:a3:97:3f:dc:b5:c9:00:b3:b2:
57:ba:05:21:a2:c9:dd:a4:65:d6:6a:a8:3e:dd:5f:
f4:d4:99:1c:d9:2c:e7:00:80:9c:45:ee:c3:52:c6:
98:ae:6f:87:53:2c:25:c6:47:b8:89:39:17:b1:69:
f8:1c:9d:07:f9:50:ad:33:c5:73:5d:08:05:29:49:
15:7f:14:e5:5d:5b:e4:b7:ef:8b:14:45:57:9e:d5:
8a:0f:bc:17:f5:ab:d9:6c:00:4f:0c:73:93:6e:68:
fe:52:a6:f3:86:fa:6e:c6:08:17:88:88:5e:94:f9:
10:23:a3:12:2c:b0:d1:39:be:00:24:58:4e:c9:e5:
54:16:51:29:42:3d:ee:b6:4d:bc:82:27:76:8b:53:
89:23:c2:5e:f2:e4:8d:63:49:ae:27:a0:15:79:17:
21:ff:c5:f5:a8:3c:3a:48:5b:7c:d0:37:c2:f2:ad:
b6:74:e3:14:0f:16:53:e7:f3:8e:83:4d:cd:f8:77:
64:6a:42:85:3b:fe:a2:68:25:f6:c3:77:f4:92:a8:
8b:e9:93:d0:55:9a:26:00:2e:6b:68:f2:05:5e:c4:
71:0a:5a:d7:13:29:1c:3d:2b:8f:e1:5a:ce:30:8f:
59:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FA:6F:E4:3A:9B:63:16:0C:84:F2:27:42:F8:65:DD:A1:25:09:A8
X509v3 Authority Key Identifier:
keyid:95:69:93:16:42:49:60:71:1C:2E:8E:CB:53:6B:DD:02:BC:72:4F:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWmTFkJJYHEcLo7LU2vdArxyT60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/320ef9-3541-4321-80ff-f85c60be340d/1/lWmTFkJJYHEcLo7LU2vdArxyT60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:9e:5e:19:e3:78:e6:9b:04:4d:a7:40:14:17:20:13:e0:c5:
b5:0d:4f:2a:5e:3d:a3:70:bc:99:df:e5:dc:4f:57:d7:ff:ee:
08:5a:db:fd:ba:ee:a6:db:1c:0f:f4:9c:0d:c9:7c:a0:f6:8f:
58:84:b2:bc:6e:a8:97:22:db:b8:68:f7:e0:c8:dc:f3:89:0c:
87:6e:f9:4a:68:49:38:e1:60:04:c2:e4:20:cf:4f:03:fb:6a:
42:5a:ee:2b:5b:81:97:84:88:0a:cd:8f:c8:7e:22:51:a6:2b:
c5:61:76:4e:c6:2b:e4:ef:ae:04:d3:1b:f1:bb:a9:63:94:e6:
17:34:80:8a:a9:30:38:7d:5d:46:ff:38:00:8b:81:50:53:03:
0c:10:f2:d4:99:e4:b3:7f:6a:27:2d:24:be:79:f3:63:f3:b5:
36:ee:3e:c8:7f:46:22:0c:25:88:1a:d8:40:5c:f9:7b:50:9f:
d4:06:cd:d2:7b:ff:03:45:fc:b4:39:2a:48:a8:1d:d6:ff:a2:
e1:93:60:03:33:2b:3a:f7:2b:49:6a:7b:52:e8:df:e8:82:8b:
3d:9e:43:71:2b:d8:9b:d1:cf:7d:c2:cd:b6:69:14:3e:8d:36:
02:6e:92:1c:c7:e2:64:80:58:9e:fb:4f:db:4c:2e:07:16:cb:
c3:67:48:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iP4RbZMhEA1vcZfX8wOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njk5MzE2NDI0OTYwNzExYzJlOGVjYjUzNmJkZDAyYmM3
MjRmYWQwHhcNMjYwMzI5MDMwMDE3WhcNMjYwMzMwMDMwMDE3WjAzMTEwLwYDVQQD
EyhkZmZhNmZlNDNhOWI2MzE2MGM4NGYyMjc0MmY4NjVkZGExMjUwOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KJlMJIzf2DDk5of0btUwLdsiX+j
lz/ctckAs7JXugUhosndpGXWaqg+3V/01Jkc2SznAICcRe7DUsaYrm+HUywlxke4
iTkXsWn4HJ0H+VCtM8VzXQgFKUkVfxTlXVvkt++LFEVXntWKD7wX9avZbABPDHOT
bmj+UqbzhvpuxggXiIhelPkQI6MSLLDROb4AJFhOyeVUFlEpQj3utk28gid2i1OJ
I8Je8uSNY0muJ6AVeRch/8X1qDw6SFt80DfC8q22dOMUDxZT5/OOg03N+HdkakKF
O/6iaCX2w3f0kqiL6ZPQVZomAC5raPIFXsRxClrXEykcPSuP4VrOMI9ZowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/6b+Q6m2MWDITyJ0L4Zd2hJQmoMB8GA1UdIwQY
MBaAFJVpkxZCSWBxHC6Oy1Nr3QK8ck+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYt
Zjg1YzYwYmUzNDBkLzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zMjBlZjktMzU0MS00MzIxLTgwZmYtZjg1YzYwYmUzNDBk
LzEvbFdtVEZrSkpZSEVjTG83TFUydmRBcnh5VDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZ5eGeN4
5psETadAFBcgE+DFtQ1PKl49o3C8md/l3E9X1//uCFrb/bruptscD/ScDcl8oPaP
WISyvG6olyLbuGj34Mjc84kMh275SmhJOOFgBMLkIM9PA/tqQlruK1uBl4SICs2P
yH4iUaYrxWF2TsYr5O+uBNMb8bupY5TmFzSAiqkwOH1dRv84AIuBUFMDDBDy1Jnk
s39qJy0kvnnzY/O1Nu4+yH9GIgwliBrYQFz5e1Cf1AbN0nv/A0X8tDkqSKgd1v+i
4ZNgAzMrOvcrSWp7Uujf6IKLPZ5DcSvYm9HPfcLNtmkUPo02Am6SHMfiZIBYnvtP
20wuBxbLw2dIlg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:52 2026 by rpki-client