Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
File: Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft (raw, json)
Hash identifier: sj0Ga0VneIxOGPJdaNsQIICOha2BQQC4Xx+fpYECLZo=
Subject key identifier: 9D:62:35:0F:FC:B2:B0:70:B3:60:B9:B7:CD:86:A5:94:CD:FE:3F:6D
Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Certificate serial: 019DCE2BA6C8A0327B80BB4D904E28A68A5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
Manifest number: 18E0
Signing time: Mon 27 Apr 2026 09:01:00 +0000
Manifest this update: Mon 27 Apr 2026 09:01:00 +0000
Manifest next update: Tue 28 Apr 2026 09:01:00 +0000
Files and hashes: 1: Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl (hash: KdoP4WRlFh93VjFffoURQgdvuwmi3kHSjX/8uo8254w=)
2: SdYBPf9hyZeCBZ0CXzRVluMGnGU.roa (hash: hgdsfyjTVsGnv4VajpzC0ZJUGOBghoLM7l+xd5EQZGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:2b:a6:c8:a0:32:7b:80:bb:4d:90:4e:28:a6:8a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Validity
Not Before: Apr 27 09:01:00 2026 GMT
Not After : Apr 28 09:01:00 2026 GMT
Subject: CN=9d62350ffcb2b070b360b9b7cd86a594cdfe3f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fe:41:4a:81:2f:0f:ce:44:8d:a5:ec:12:f4:
19:da:08:3c:f1:68:06:e4:d6:0b:7d:25:00:fd:65:
66:ec:7b:73:95:c4:6a:54:03:82:da:55:34:5d:0c:
b6:e4:d1:bd:7a:af:2a:14:63:aa:26:55:eb:c9:6d:
5d:ba:71:fe:e6:b5:a2:dd:93:10:b4:33:dd:31:de:
94:62:53:bd:fb:d5:a9:5c:56:5f:1d:a7:7d:77:04:
83:4b:39:f4:34:e6:dd:4d:1c:59:e5:fc:fe:a0:84:
1b:8e:7c:44:6b:da:b5:d4:0e:bd:3d:c7:cc:be:b1:
88:47:40:44:0a:09:f7:58:3e:4f:bc:d4:c4:11:62:
84:af:d0:ef:6a:82:45:96:ec:69:d7:3b:99:b5:d2:
f6:9e:cb:e5:46:2a:26:78:2e:ae:9f:ea:41:d0:6c:
18:6d:bb:b6:97:24:b5:5d:65:c7:b3:45:00:5f:5b:
0e:14:43:28:8b:88:61:78:a7:5a:42:df:8b:cb:a9:
3d:89:98:6f:da:bb:f0:c3:df:8b:91:20:30:0d:31:
1e:7b:87:82:d3:46:e8:4e:3d:35:f7:a0:4d:8c:b1:
cb:37:5f:83:a4:74:c8:8c:9e:d2:7a:5d:b4:17:97:
fa:76:6a:26:66:e4:27:2d:25:d1:86:a1:ab:19:04:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:62:35:0F:FC:B2:B0:70:B3:60:B9:B7:CD:86:A5:94:CD:FE:3F:6D
X509v3 Authority Key Identifier:
keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:b0:ce:f9:68:86:a5:61:29:63:71:2d:86:84:3a:88:7e:dd:
ec:75:e9:b9:10:7f:0b:89:69:e0:a4:db:75:4e:39:3a:db:93:
b1:30:13:bd:a3:00:68:60:a8:7c:a6:bc:2d:e1:29:2b:7e:0c:
61:3f:79:f8:c0:1f:4c:5e:df:c1:c1:de:c5:46:49:aa:de:9e:
f0:6f:0f:ea:32:e5:7f:e8:7d:5e:fe:b8:39:e3:5d:b4:19:1f:
2d:37:52:1d:4b:f3:1c:b8:71:d2:5f:59:e6:45:ec:f6:cf:5b:
32:8f:03:79:c9:2c:9f:4c:63:73:d9:79:85:67:ad:ae:c1:71:
a4:78:cd:7f:ad:a3:b7:7d:47:0e:99:8c:8e:68:c4:8a:b4:6b:
cb:3b:1c:b8:54:9a:24:f6:17:f8:35:6e:a4:f9:75:99:81:40:
f0:e9:05:e2:2e:07:92:54:0b:be:7f:6f:2a:8b:3c:09:e4:e0:
6b:68:d4:5b:31:d5:d2:75:17:18:85:c3:89:c3:03:a2:f2:e2:
ff:a3:9d:da:2e:44:96:2d:5c:9e:ef:14:d2:fc:42:0d:2f:e8:
c7:6a:f0:b3:ef:4c:e7:ac:73:ad:73:8b:4b:2e:cd:04:14:89:
6b:2d:eb:a0:76:bc:2c:aa:39:c2:d3:2a:71:23:ae:3d:e7:cb:
17:b3:be:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OK6bIoDJ7gLtNkE4opopdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZjg3NzlhM2M4MmYwMGZjMTQ0MzVlZTdkOGQwYjhkNmRk
ODIwNGUwHhcNMjYwNDI3MDkwMTAwWhcNMjYwNDI4MDkwMTAwWjAzMTEwLwYDVQQD
Eyg5ZDYyMzUwZmZjYjJiMDcwYjM2MGI5YjdjZDg2YTU5NGNkZmUzZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P5BSoEvD85EjaXsEvQZ2gg88WgG
5NYLfSUA/WVm7HtzlcRqVAOC2lU0XQy25NG9eq8qFGOqJlXryW1dunH+5rWi3ZMQ
tDPdMd6UYlO9+9WpXFZfHad9dwSDSzn0NObdTRxZ5fz+oIQbjnxEa9q11A69PcfM
vrGIR0BECgn3WD5PvNTEEWKEr9DvaoJFluxp1zuZtdL2nsvlRiomeC6un+pB0GwY
bbu2lyS1XWXHs0UAX1sOFEMoi4hheKdaQt+Ly6k9iZhv2rvww9+LkSAwDTEee4eC
00boTj0196BNjLHLN1+DpHTIjJ7Sel20F5f6dmomZuQnLSXRhqGrGQQskQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1iNQ/8srBws2C5t82GpZTN/j9tMB8GA1UdIwQY
MBaAFC34d5o8gvAPwUQ17n2NC41t2CBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4Yjct
ZTJhZTA1NWVjZWQxLzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4YjctZTJhZTA1NWVjZWQx
LzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF7DO+WiG
pWEpY3EthoQ6iH7d7HXpuRB/C4lp4KTbdU45OtuTsTATvaMAaGCofKa8LeEpK34M
YT95+MAfTF7fwcHexUZJqt6e8G8P6jLlf+h9Xv64OeNdtBkfLTdSHUvzHLhx0l9Z
5kXs9s9bMo8Decksn0xjc9l5hWetrsFxpHjNf62jt31HDpmMjmjEirRryzscuFSa
JPYX+DVupPl1mYFA8OkF4i4HklQLvn9vKos8CeTga2jUWzHV0nUXGIXDicMDovLi
/6Od2i5Eli1cnu8U0vxCDS/ox2rws+9M56xzrXOLSy7NBBSJay3roHa8LKo5wtMq
cSOuPefLF7O+Fw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:06:28 2026 by rpki-client