Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft
File: lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft (raw, json)
Hash identifier: gWisawabxM92WK/nR+kIlgBADBHDXNA9FbD6ZDfHNQY=
Subject key identifier: 41:D8:6C:D4:72:8C:D5:D6:FA:8B:EB:1D:6E:AD:E5:20:E9:66:A2:7B
Authority key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
Certificate issuer: /CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Certificate serial: 019D3789BF07DB762094DE5122F205E0D800
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft
Manifest number: 1047
Signing time: Sun 29 Mar 2026 03:01:07 +0000
Manifest this update: Sun 29 Mar 2026 03:01:07 +0000
Manifest next update: Mon 30 Mar 2026 03:01:07 +0000
Files and hashes: 1: drsnkuosbg6qvFQb_xFsNGudfnU.roa (hash: NBvp9SPTa0IGtzv6khJhiENmtNEIw9wGReWShX2mC+o=)
2: lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl (hash: nou+6Q54sDlJ6saV/F+HUWisYJQNy550ZkQg3ai28UI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:bf:07:db:76:20:94:de:51:22:f2:05:e0:d8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Validity
Not Before: Mar 29 03:01:07 2026 GMT
Not After : Mar 30 03:01:07 2026 GMT
Subject: CN=41d86cd4728cd5d6fa8beb1d6eade520e966a27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:91:94:4a:3b:75:3b:83:ee:45:9a:97:ad:36:
9e:fd:14:4c:64:b6:8a:e9:d5:d8:5c:0a:f9:b3:a4:
8f:8d:ce:6b:0d:31:9e:6f:7b:cb:bc:b2:f2:e0:7d:
f7:87:e0:ac:80:08:90:16:e5:1a:1d:82:64:08:70:
68:87:3c:3c:b6:1f:d8:2e:08:5e:2b:af:02:7e:d4:
f3:21:9c:e9:f2:6b:32:6a:cb:00:09:02:e3:80:d0:
85:0d:b1:01:58:c5:28:1f:a8:aa:d8:ca:f4:06:a6:
cd:09:75:ec:7a:0b:f5:49:b3:ba:b0:5a:03:28:17:
e6:fc:49:7d:20:f8:d6:c5:f5:13:04:6e:32:eb:b5:
08:9f:ef:a5:dc:f8:3e:07:9e:3b:2a:44:3e:8a:75:
dc:cc:8f:fa:d2:c6:bb:ae:b0:8f:2b:96:44:af:ec:
ee:8b:bf:e6:d7:72:1b:00:09:62:54:2f:60:dc:27:
c9:8c:fb:b4:ae:f5:6a:79:ee:42:c7:8b:53:5b:9b:
b1:c1:87:87:17:15:e3:e0:29:59:63:19:3d:d1:78:
ff:46:df:6a:e9:51:8c:3f:8a:2d:70:e3:f1:8d:93:
3e:97:93:d8:d1:c3:9b:f2:a0:d1:46:8c:e6:2d:88:
f7:e7:47:ce:66:03:ee:75:f0:98:ad:3d:d2:e8:c5:
1b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D8:6C:D4:72:8C:D5:D6:FA:8B:EB:1D:6E:AD:E5:20:E9:66:A2:7B
X509v3 Authority Key Identifier:
keyid:96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:42:c8:a8:64:0e:69:8b:94:c3:a9:5d:59:01:5a:e0:a9:93:
ec:c9:5c:16:66:a5:37:5e:b5:32:36:75:6f:e7:2f:a2:2b:a0:
af:fa:80:a9:0f:84:6b:71:c5:89:2a:7d:cd:2f:8d:a8:c7:fd:
01:f9:94:88:50:e0:f3:e0:79:39:9a:93:c6:86:cd:6c:26:26:
94:a4:27:28:eb:69:9b:1f:24:25:4f:f2:4c:f1:57:6e:a5:60:
15:bf:70:3f:90:08:e5:32:fe:2a:5c:60:68:46:0c:88:1a:23:
fc:43:37:57:14:b4:9c:07:85:f2:a4:86:74:dc:f3:ab:83:71:
bb:12:67:9f:a5:9f:9b:d8:05:43:d0:7f:5b:b2:b6:fc:35:80:
35:ea:0b:78:5d:82:26:f8:8e:55:cb:11:6b:be:b2:9d:45:20:
56:f4:b6:3b:7f:50:b7:f1:b7:dd:6d:b4:a1:57:b7:9c:1b:a1:
4f:a5:27:ff:a3:d7:31:86:60:b3:84:e3:45:5f:7f:4c:0a:cc:
87:73:1d:13:9c:f9:95:48:03:f3:9f:ee:c2:2c:4b:3b:27:9a:
16:e3:2b:71:a0:cc:91:2e:53:92:c6:b5:20:0a:0d:7b:35:3a:
50:03:f9:1d:9f:c1:58:2c:b4:de:c0:08:14:04:0f:42:56:f6:
b5:8d:63:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03ib8H23YglN5RIvIF4NgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YzBjZTlmODdkOWQyNzVmNmNhZTRkYzljZGZiNWQ0NDM3
ZDhjZWIwHhcNMjYwMzI5MDMwMTA3WhcNMjYwMzMwMDMwMTA3WjAzMTEwLwYDVQQD
Eyg0MWQ4NmNkNDcyOGNkNWQ2ZmE4YmViMWQ2ZWFkZTUyMGU5NjZhMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJGUSjt1O4PuRZqXrTae/RRMZLaK
6dXYXAr5s6SPjc5rDTGeb3vLvLLy4H33h+CsgAiQFuUaHYJkCHBohzw8th/YLghe
K68CftTzIZzp8msyassACQLjgNCFDbEBWMUoH6iq2Mr0BqbNCXXsegv1SbO6sFoD
KBfm/El9IPjWxfUTBG4y67UIn++l3Pg+B547KkQ+inXczI/60sa7rrCPK5ZEr+zu
i7/m13IbAAliVC9g3CfJjPu0rvVqee5Cx4tTW5uxwYeHFxXj4ClZYxk90Xj/Rt9q
6VGMP4otcOPxjZM+l5PY0cOb8qDRRozmLYj350fOZgPudfCYrT3S6MUbLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEHYbNRyjNXW+ovrHW6t5SDpZqJ7MB8GA1UdIwQY
MBaAFJbAzp+H2dJ19srk3JzftdRDfYzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjkt
NWU3N2ZhMDMzM2EzLzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjktNWU3N2ZhMDMzM2Ez
LzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATkLIqGQO
aYuUw6ldWQFa4KmT7MlcFmalN161MjZ1b+cvoiugr/qAqQ+Ea3HFiSp9zS+NqMf9
AfmUiFDg8+B5OZqTxobNbCYmlKQnKOtpmx8kJU/yTPFXbqVgFb9wP5AI5TL+Klxg
aEYMiBoj/EM3VxS0nAeF8qSGdNzzq4NxuxJnn6Wfm9gFQ9B/W7K2/DWANeoLeF2C
JviOVcsRa76ynUUgVvS2O39Qt/G33W20oVe3nBuhT6Un/6PXMYZgs4TjRV9/TArM
h3MdE5z5lUgD85/uwixLOyeaFuMrcaDMkS5Tksa1IAoNezU6UAP5HZ/BWCy03sAI
FAQPQlb2tY1j6g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:15 2026 by rpki-client