Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
File: lhzPqdAsvwWWDjovkHmFnM1urW0.mft (raw, json)
Hash identifier: w/AHbqYbfnKsEEC+V3EsF0Wq3maVGoQQlMrRbx2yIu8=
Subject key identifier: D4:B7:56:27:F2:56:14:66:92:14:98:36:B8:2F:99:92:48:E0:BF:27
Authority key identifier: 96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
Certificate issuer: /CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Certificate serial: 019D371B6C0EAC5AAA6F6DAB900D77252183
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 01:00:37 +0000
Manifest this update: Sun 29 Mar 2026 01:00:37 +0000
Manifest next update: Mon 30 Mar 2026 01:00:37 +0000
Files and hashes: 1: lhzPqdAsvwWWDjovkHmFnM1urW0.crl (hash: ojqiivte/edrdzurAxJphfs3UFOuWQ7l4J9gNhv6ifE=)
2: w0kB1zEMHJSO_FqxY-PIC1zhJaM.roa (hash: Jo7kfxvYvl4YezCWXB8JTsC1u0CS/mCRNmsNeTUMvRs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:6c:0e:ac:5a:aa:6f:6d:ab:90:0d:77:25:21:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Validity
Not Before: Mar 29 01:00:37 2026 GMT
Not After : Mar 30 01:00:37 2026 GMT
Subject: CN=d4b75627f256146692149836b82f999248e0bf27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fe:be:b0:02:76:cf:85:33:25:38:9f:e0:a9:
3c:68:dc:7c:0a:46:38:0b:f9:f5:1c:1c:4f:65:da:
91:f8:93:84:97:e4:fa:92:a0:ff:65:c8:2b:3d:6a:
01:e9:13:76:4d:b7:f8:c7:74:90:dd:7c:82:de:f2:
cb:e7:4e:c8:3b:98:81:46:04:f3:34:3e:f1:81:ff:
ac:96:50:d9:5d:96:90:e6:e7:cb:b9:d2:e0:db:90:
8a:b5:35:93:5b:a2:86:47:17:4a:c6:05:3c:7a:07:
f7:51:4a:c2:65:e1:be:07:6a:8f:2c:3c:3e:6e:27:
30:8c:88:75:1e:26:5a:6a:08:01:b1:54:a3:e5:62:
56:26:cb:c9:fc:4b:c3:2e:b0:1e:5f:02:6e:d6:a9:
aa:d8:21:15:b4:b4:4c:21:6a:85:ad:65:88:2a:d4:
fe:b1:0e:e1:70:ae:06:a0:b7:57:3f:07:c2:9e:a2:
77:45:30:ee:5d:85:9d:9f:5b:d3:43:ae:5f:86:9d:
01:77:f5:6e:09:7a:db:63:7d:e2:2e:d2:0d:eb:5f:
cd:aa:e9:56:1c:40:b7:4c:fe:da:5d:6b:e9:ca:96:
d8:4f:62:92:68:fd:c1:1f:d5:c1:57:76:83:41:b8:
f2:0a:37:47:4c:fd:56:4a:78:57:9c:38:4e:03:b3:
30:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B7:56:27:F2:56:14:66:92:14:98:36:B8:2F:99:92:48:E0:BF:27
X509v3 Authority Key Identifier:
keyid:96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:17:2e:01:6b:4c:5e:16:ce:45:f1:84:71:7e:ba:fb:54:ae:
11:9e:32:d1:57:2c:7c:5e:5f:11:a9:89:f7:53:7e:e7:17:92:
1a:4f:28:16:cb:c2:3e:a2:8a:4f:a2:6f:10:52:24:5e:b9:af:
22:c7:cb:18:11:76:24:33:15:ea:1b:9b:67:03:fc:3f:b4:3d:
bd:e4:60:bf:06:bc:17:e5:2d:b5:ca:14:c9:70:aa:3b:38:91:
2c:56:15:32:6c:48:16:e2:c4:b1:cc:81:a2:a2:9f:fc:0b:81:
73:e1:93:7e:d9:5d:4a:21:2c:81:23:aa:d9:1e:8a:7d:21:20:
59:25:4d:c4:d2:cb:24:e9:cb:96:3a:44:0f:69:8e:1f:a0:43:
e7:3f:f1:55:78:b1:3d:cb:00:5e:2d:7c:c6:09:d5:d5:3f:41:
af:0b:e6:27:26:65:1f:d9:a3:5b:87:0e:43:d6:e1:35:82:cf:
1f:e5:5d:60:e0:04:b0:a3:60:c9:6b:de:58:48:19:98:47:6f:
77:6c:0b:2a:a9:fd:d8:ce:f3:66:ec:3c:cd:8f:7a:2c:31:9b:
4d:b9:2f:66:37:99:91:96:ba:17:ff:51:f9:e6:ea:31:9b:46:
ca:7a:6a:46:ad:f5:94:03:1b:b2:95:2e:8e:c8:4b:f0:94:e8:
e8:c6:5a:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G2wOrFqqb22rkA13JSGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MWNjZmE5ZDAyY2JmMDU5NjBlM2EyZjkwNzk4NTljY2Q2
ZWFkNmQwHhcNMjYwMzI5MDEwMDM3WhcNMjYwMzMwMDEwMDM3WjAzMTEwLwYDVQQD
EyhkNGI3NTYyN2YyNTYxNDY2OTIxNDk4MzZiODJmOTk5MjQ4ZTBiZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5f6+sAJ2z4UzJTif4Kk8aNx8CkY4
C/n1HBxPZdqR+JOEl+T6kqD/ZcgrPWoB6RN2Tbf4x3SQ3XyC3vLL507IO5iBRgTz
ND7xgf+sllDZXZaQ5ufLudLg25CKtTWTW6KGRxdKxgU8egf3UUrCZeG+B2qPLDw+
bicwjIh1HiZaaggBsVSj5WJWJsvJ/EvDLrAeXwJu1qmq2CEVtLRMIWqFrWWIKtT+
sQ7hcK4GoLdXPwfCnqJ3RTDuXYWdn1vTQ65fhp0Bd/VuCXrbY33iLtIN61/NqulW
HEC3TP7aXWvpypbYT2KSaP3BH9XBV3aDQbjyCjdHTP1WSnhXnDhOA7MwrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNS3VifyVhRmkhSYNrgvmZJI4L8nMB8GA1UdIwQY
MBaAFJYcz6nQLL8Flg46L5B5hZzNbq1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMt
N2VhOTkwNWMzZmJkLzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMtN2VhOTkwNWMzZmJk
LzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbRcuAWtM
XhbORfGEcX66+1SuEZ4y0VcsfF5fEamJ91N+5xeSGk8oFsvCPqKKT6JvEFIkXrmv
IsfLGBF2JDMV6hubZwP8P7Q9veRgvwa8F+UttcoUyXCqOziRLFYVMmxIFuLEscyB
oqKf/AuBc+GTftldSiEsgSOq2R6KfSEgWSVNxNLLJOnLljpED2mOH6BD5z/xVXix
PcsAXi18xgnV1T9BrwvmJyZlH9mjW4cOQ9bhNYLPH+VdYOAEsKNgyWveWEgZmEdv
d2wLKqn92M7zZuw8zY96LDGbTbkvZjeZkZa6F/9R+ebqMZtGynpqRq31lAMbspUu
jshL8JTo6MZaLA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:54 2026 by rpki-client