Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.mft
File: lgxteH5rXrZCSN2aehBlsQU_dFg.mft (raw, json)
Hash identifier: OBXffefhnSJKpk0q0paqYA4dhfMor1wq3MUPuLR6228=
Subject key identifier: 7E:E4:EE:12:F2:B5:3C:70:D6:A5:B6:8A:A2:07:16:57:29:0B:C5:CB
Authority key identifier: 96:0C:6D:78:7E:6B:5E:B6:42:48:DD:9A:7A:10:65:B1:05:3F:74:58
Certificate issuer: /CN=960c6d787e6b5eb64248dd9a7a1065b1053f7458
Certificate serial: 019D389C41FC6FC244570A9747CC496B58F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgxteH5rXrZCSN2aehBlsQU_dFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.mft
Manifest number: 0FEF
Signing time: Sun 29 Mar 2026 08:00:57 +0000
Manifest this update: Sun 29 Mar 2026 08:00:57 +0000
Manifest next update: Mon 30 Mar 2026 08:00:57 +0000
Files and hashes: 1: aS1ACilZRTqrbOcoV0BzU5rsa0s.roa (hash: 9Yo0a2cgZRu9PRv1j6tfX41H+k9FzWqSbGbTCe992JA=)
2: lgxteH5rXrZCSN2aehBlsQU_dFg.crl (hash: Cnh4YPL24/7W25rVxVV+RNS1SNMyzg0nAnkiMb6bWG4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lgxteH5rXrZCSN2aehBlsQU_dFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:41:fc:6f:c2:44:57:0a:97:47:cc:49:6b:58:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=960c6d787e6b5eb64248dd9a7a1065b1053f7458
Validity
Not Before: Mar 29 08:00:57 2026 GMT
Not After : Mar 30 08:00:57 2026 GMT
Subject: CN=7ee4ee12f2b53c70d6a5b68aa2071657290bc5cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:27:b7:4e:b5:c3:9b:93:bf:eb:5b:2c:7d:
9e:ea:1a:20:41:24:40:a5:d0:80:ac:aa:33:b4:a6:
e3:1e:c4:1e:dc:2f:2d:d1:88:f6:3a:69:1a:7e:72:
33:0a:e2:04:ee:d3:76:a3:e8:18:af:f1:dc:19:2e:
3e:0a:07:55:d5:4f:36:be:a0:72:19:49:7c:cd:61:
0f:ed:45:91:4e:a4:fe:95:db:54:13:e8:02:45:a0:
e0:19:52:7c:a6:eb:31:d7:bd:e0:99:28:8a:fb:c2:
55:52:73:ba:6b:1b:d8:46:1b:07:aa:5f:3d:9d:24:
22:9e:d8:69:04:8b:c8:8f:cd:5e:c8:59:8f:34:9e:
2c:2e:83:d7:59:4d:87:20:f0:94:8d:20:1a:55:f9:
7a:c6:49:8f:00:a9:02:23:1b:f3:9c:66:bf:43:bd:
b7:e3:77:9e:af:48:e7:a4:30:5a:10:93:7d:6d:3f:
67:5e:da:af:59:7b:e6:e5:5d:2b:15:8c:fc:41:f5:
2d:48:6a:dd:62:85:cd:ea:ba:38:6a:a4:7a:ea:2f:
64:21:b8:57:88:40:d6:97:c9:aa:32:d4:23:af:f7:
ef:b1:93:67:82:81:4d:3e:e5:f5:f8:57:f0:d2:74:
5d:d9:3d:df:42:87:79:02:55:6e:a0:e2:6a:30:08:
a9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E4:EE:12:F2:B5:3C:70:D6:A5:B6:8A:A2:07:16:57:29:0B:C5:CB
X509v3 Authority Key Identifier:
keyid:96:0C:6D:78:7E:6B:5E:B6:42:48:DD:9A:7A:10:65:B1:05:3F:74:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgxteH5rXrZCSN2aehBlsQU_dFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/05ab16-2228-488e-b152-eb0921895714/1/lgxteH5rXrZCSN2aehBlsQU_dFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:9c:46:84:82:84:c6:74:bf:33:dd:5b:1d:ac:32:ef:5c:d9:
13:8f:23:c1:f6:de:7b:01:b1:e0:cb:21:98:66:ec:ae:2c:61:
69:ad:fd:d4:79:ce:3d:2b:60:32:6e:58:ac:a6:8f:81:94:2f:
99:ec:50:18:2e:c5:28:73:63:da:09:02:0e:71:8c:f6:e9:47:
e1:2a:5f:3f:e2:be:8d:85:29:57:df:58:ee:76:2c:43:b0:c5:
65:33:c7:b8:96:17:aa:6a:0c:da:a7:fa:55:19:aa:69:f3:7b:
13:53:7f:27:54:b5:bc:dc:be:8b:65:79:52:6a:28:c2:94:1b:
76:6c:a2:2a:ee:4f:fc:f8:63:9f:81:db:4d:8c:ce:b1:4e:7f:
40:04:a9:80:7d:b3:3c:06:36:21:a1:e2:a3:b6:2d:4e:4c:30:
4e:a1:1e:f4:f9:5f:20:97:fd:eb:87:59:64:2f:62:02:55:e6:
d7:69:fb:58:55:9b:f7:e3:2b:b7:c2:e9:0d:cb:4e:6c:4a:5d:
91:55:40:db:df:44:9e:89:37:ec:44:26:8e:72:e1:82:e1:11:
a2:85:df:31:4f:f5:dd:59:2a:cb:51:10:e4:03:08:93:a2:3e:
71:77:5e:b5:a6:ab:b6:40:a8:aa:fd:51:11:5a:0b:23:ee:c3:
fa:ff:5f:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nEH8b8JEVwqXR8xJa1j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MGM2ZDc4N2U2YjVlYjY0MjQ4ZGQ5YTdhMTA2NWIxMDUz
Zjc0NTgwHhcNMjYwMzI5MDgwMDU3WhcNMjYwMzMwMDgwMDU3WjAzMTEwLwYDVQQD
Eyg3ZWU0ZWUxMmYyYjUzYzcwZDZhNWI2OGFhMjA3MTY1NzI5MGJjNWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOknt061w5uTv+tbLH2e6hogQSRA
pdCArKoztKbjHsQe3C8t0Yj2OmkafnIzCuIE7tN2o+gYr/HcGS4+CgdV1U82vqBy
GUl8zWEP7UWRTqT+ldtUE+gCRaDgGVJ8pusx173gmSiK+8JVUnO6axvYRhsHql89
nSQinthpBIvIj81eyFmPNJ4sLoPXWU2HIPCUjSAaVfl6xkmPAKkCIxvznGa/Q723
43eer0jnpDBaEJN9bT9nXtqvWXvm5V0rFYz8QfUtSGrdYoXN6ro4aqR66i9kIbhX
iEDWl8mqMtQjr/fvsZNngoFNPuX1+Ffw0nRd2T3fQod5AlVuoOJqMAiplwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7k7hLytTxw1qW2iqIHFlcpC8XLMB8GA1UdIwQY
MBaAFJYMbXh+a162QkjdmnoQZbEFP3RYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGd4dGVINXJYclpDU04yYWVoQmxzUVVfZEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wNWFiMTYtMjIyOC00ODhlLWIxNTIt
ZWIwOTIxODk1NzE0LzEvbGd4dGVINXJYclpDU04yYWVoQmxzUVVfZEZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wNWFiMTYtMjIyOC00ODhlLWIxNTItZWIwOTIxODk1NzE0
LzEvbGd4dGVINXJYclpDU04yYWVoQmxzUVVfZEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABJxGhIKE
xnS/M91bHawy71zZE48jwfbeewGx4MshmGbsrixhaa391HnOPStgMm5YrKaPgZQv
mexQGC7FKHNj2gkCDnGM9ulH4SpfP+K+jYUpV99Y7nYsQ7DFZTPHuJYXqmoM2qf6
VRmqafN7E1N/J1S1vNy+i2V5UmoowpQbdmyiKu5P/Phjn4HbTYzOsU5/QASpgH2z
PAY2IaHio7YtTkwwTqEe9PlfIJf964dZZC9iAlXm12n7WFWb9+Mrt8LpDctObEpd
kVVA299Enok37EQmjnLhguERooXfMU/13Vkqy1EQ5AMIk6I+cXdetaartkCoqv1R
EVoLI+7D+v9fkg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:00:48 2026 by rpki-client