Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
File: lHMg0DCTAXjm987vkdKrh4TT3BY.mft (raw, json)
Hash identifier: cRnh+V2UavdYJD6AhxhHc0LXjhjSzvoPY1ttltNx3H8=
Subject key identifier: 49:50:67:11:7D:66:16:9F:8C:9C:5B:6F:2B:9B:CC:C8:12:16:F6:04
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 019CE5233FE79C517BD2DD57C3229A852CBF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
Manifest number: 1496
Signing time: Fri 13 Mar 2026 03:00:18 +0000
Manifest this update: Fri 13 Mar 2026 03:00:18 +0000
Manifest next update: Sat 14 Mar 2026 03:00:18 +0000
Files and hashes: 1: 15WLZBLgJ9g9rpon7ikwmnOpu2o.roa (hash: cDtWR/sWDEjocXdbWFuLldw8hA+RRTGqd9G5Qgigc2g=)
2: L4FVL-IOve6YhBWZ8jz8Nor0cv4.roa (hash: IchcC27uPlsKIbmA49GFEPAY66Qr3a8M8fgjbxbsGQs=)
3: j7qwhPrSo-8ueCrFJo_GWwM93Tg.roa (hash: gJyu32k59hXhVllwZCm02crtrLnwlpxMsqibTEWrODw=)
4: jb81OuVJup1PLJeMNccOVNPoCJ8.roa (hash: deKoWNZnlpwFwiqew1tUzp1N8o/V+tWA//EpRC0uV3s=)
5: kEA4tj_KkVDLvM2DWnwX5k8m6BI.roa (hash: pnHIraVgBAZPz/3bw02SbdT0VFhTYaLYb8ZPwjAg3r4=)
6: lHMg0DCTAXjm987vkdKrh4TT3BY.crl (hash: 6haRpfE5Bax0UlybJYZlzWNAvBTKWhPhlLdqJnwdcZg=)
7: q-8ltpoThmmPBuTuT5C4cGm14Tk.roa (hash: 5hF8BW/BSTiPn3vyhPttnkUg4VDyaJiwZYhFxh/LtpA=)
8: zjv8SZhQ9gV8oRmS9YUAJhkKaT8.roa (hash: 9mmbxYMsoWHE5kxulUQxb1ol9WOyJhGIh77y7/oMRtM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 03:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:23:3f:e7:9c:51:7b:d2:dd:57:c3:22:9a:85:2c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Mar 13 03:00:18 2026 GMT
Not After : Mar 14 03:00:18 2026 GMT
Subject: CN=495067117d66169f8c9c5b6f2b9bccc81216f604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:53:92:94:1a:cb:d3:7e:ed:2a:c5:9a:0d:17:
47:29:8d:5f:68:94:15:02:85:27:03:e2:81:94:e5:
31:b0:30:a8:98:6a:83:88:19:91:de:2d:89:41:11:
f8:be:9e:a2:7d:a6:0e:15:07:83:b1:58:0d:7b:2b:
8a:20:b8:68:4a:02:a0:8c:9b:f9:af:c6:f9:86:17:
07:f4:61:79:a5:6c:d5:a2:ee:87:1b:1a:a0:f6:7a:
ca:f7:0c:c0:5b:65:f0:01:48:85:25:ea:43:10:aa:
6f:8e:4e:af:e9:bd:50:e2:9d:0a:fe:df:94:a4:cf:
cc:b2:b7:db:b7:c6:fe:09:2e:77:ee:17:2a:bb:c9:
21:c8:41:f5:f1:7c:63:bb:67:f3:19:1b:f7:f5:07:
ab:36:7c:3d:fd:11:3f:18:a7:87:60:18:fb:c8:23:
ea:c3:ee:da:e9:90:c0:88:8e:fa:df:a4:a2:d7:c5:
fd:df:5c:5c:a0:0a:39:1e:18:e4:44:71:f2:54:99:
9c:f3:fe:76:b2:79:8c:02:24:7d:31:d0:29:b7:b3:
3c:58:f4:19:c9:10:bb:aa:e6:1c:a3:4d:82:f8:95:
93:41:a8:ad:9b:d2:7d:33:b1:32:8d:c0:3c:a9:6e:
d2:1a:56:6c:50:be:b8:fb:20:46:6a:48:35:0d:f3:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:50:67:11:7D:66:16:9F:8C:9C:5B:6F:2B:9B:CC:C8:12:16:F6:04
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:2c:c0:0e:a2:b0:69:0a:79:8a:b2:a8:1b:a2:57:55:7b:58:
6a:4a:9d:30:0b:c6:6e:b0:6f:6c:0b:43:d6:07:68:1b:d3:ed:
92:38:b8:d6:fc:d8:d1:3a:71:a6:a7:8b:ae:35:17:fc:48:0c:
50:34:c8:88:df:d0:b5:51:12:ba:4e:18:29:93:6e:e1:96:70:
ac:8e:85:fc:f9:b4:c1:95:c5:bc:f9:49:c0:0d:30:6c:28:a2:
5f:67:27:a0:35:3e:6e:08:16:9d:97:0c:f1:ba:c7:2c:74:ea:
8c:61:07:b5:15:b2:38:6d:9a:12:ef:3c:8e:08:67:67:70:b0:
3b:07:b8:61:93:f2:73:84:c2:b8:8a:5e:20:cb:a0:ab:27:c8:
b5:2d:ee:f7:de:c8:4f:64:57:92:a4:9b:3d:aa:d6:3c:1a:78:
08:1d:c3:ef:dd:0c:d9:d3:25:e3:c8:50:24:31:0a:2a:67:b8:
08:78:d7:f0:97:c1:17:1f:92:e2:b6:47:30:9d:79:7c:26:d8:
4f:a3:8c:04:c5:8e:6f:59:52:db:bb:68:66:4a:22:b7:0f:60:
e0:cb:fb:e1:8e:22:f7:9e:76:bf:48:41:4e:93:67:2d:91:6a:
e2:ed:62:8a:91:93:1a:53:3a:03:88:82:93:eb:6f:42:dc:51:
86:8c:ad:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlIz/nnFF70t1XwyKahSy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjYwMzEzMDMwMDE4WhcNMjYwMzE0MDMwMDE4WjAzMTEwLwYDVQQD
Eyg0OTUwNjcxMTdkNjYxNjlmOGM5YzViNmYyYjliY2NjODEyMTZmNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VOSlBrL037tKsWaDRdHKY1faJQV
AoUnA+KBlOUxsDComGqDiBmR3i2JQRH4vp6ifaYOFQeDsVgNeyuKILhoSgKgjJv5
r8b5hhcH9GF5pWzVou6HGxqg9nrK9wzAW2XwAUiFJepDEKpvjk6v6b1Q4p0K/t+U
pM/Msrfbt8b+CS537hcqu8khyEH18Xxju2fzGRv39QerNnw9/RE/GKeHYBj7yCPq
w+7a6ZDAiI7636Si18X931xcoAo5HhjkRHHyVJmc8/52snmMAiR9MdApt7M8WPQZ
yRC7quYco02C+JWTQaitm9J9M7EyjcA8qW7SGlZsUL64+yBGakg1DfMpRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElQZxF9ZhafjJxbbyubzMgSFvYEMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMSzADqKw
aQp5irKoG6JXVXtYakqdMAvGbrBvbAtD1gdoG9Ptkji41vzY0TpxpqeLrjUX/EgM
UDTIiN/QtVESuk4YKZNu4ZZwrI6F/Pm0wZXFvPlJwA0wbCiiX2cnoDU+bggWnZcM
8brHLHTqjGEHtRWyOG2aEu88jghnZ3CwOwe4YZPyc4TCuIpeIMugqyfItS3u997I
T2RXkqSbParWPBp4CB3D790M2dMl48hQJDEKKme4CHjX8JfBFx+S4rZHMJ15fCbY
T6OMBMWOb1lS27toZkoitw9g4Mv74Y4i9552v0hBTpNnLZFq4u1iipGTGlM6A4iC
k+tvQtxRhoytJA==
-----END CERTIFICATE-----
Generated at Fri Mar 13 12:18:28 2026 by rpki-client