Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
File: L-QXNib0YCZA6NTpa1ShoJar54s.mft (raw, json)
Hash identifier: YH/p+VJ4HUzkACbW/bLk1+//DNGn1r+FSbFhUvZC0KM=
Subject key identifier: D9:89:F3:E6:1B:77:79:A9:41:5B:95:4B:77:F9:23:1A:FC:5A:02:45
Authority key identifier: 2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
Certificate issuer: /CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Certificate serial: 019D38D331A59D2086A93747C5173FD51F3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
Manifest number: 137D
Signing time: Sun 29 Mar 2026 09:00:58 +0000
Manifest this update: Sun 29 Mar 2026 09:00:58 +0000
Manifest next update: Mon 30 Mar 2026 09:00:58 +0000
Files and hashes: 1: DQDusfxjlUfsx_jYQ2_QIlod900.roa (hash: w5lQk1AHZADVNhIU1Bs+67ehT2OLHgD2oIHKthafOJo=)
2: L-QXNib0YCZA6NTpa1ShoJar54s.crl (hash: YXFcnbs3tXbN6HMDrwY2IoyqM4SXf5P/gZmKgxKOSTc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:31:a5:9d:20:86:a9:37:47:c5:17:3f:d5:1f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Validity
Not Before: Mar 29 09:00:58 2026 GMT
Not After : Mar 30 09:00:58 2026 GMT
Subject: CN=d989f3e61b7779a9415b954b77f9231afc5a0245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c2:e2:a6:f2:55:22:d6:f6:a4:63:ce:c4:62:
ba:7d:b1:44:81:76:4b:53:b5:0b:4d:75:cd:f3:19:
22:89:92:52:26:48:c9:56:f1:aa:78:84:d0:33:ff:
72:97:13:1d:c7:f9:0c:bc:d3:65:42:2d:36:d5:36:
1c:3a:88:31:3d:ce:40:ae:ba:91:46:16:a0:54:12:
06:b5:3d:ed:eb:8e:3e:cf:87:93:d6:f0:5f:7b:5f:
a6:f3:7b:9b:51:2a:a3:c2:3b:dc:93:7c:f8:64:3e:
db:89:97:e2:50:e6:bf:78:68:4c:35:ea:01:cb:70:
e2:71:3c:21:e1:42:04:57:fc:cc:3c:fa:1a:09:8c:
02:61:52:48:aa:5f:b6:a3:9c:cd:f0:a8:d7:f5:2d:
fe:40:05:66:54:55:ca:00:2f:2e:28:57:ca:93:1f:
83:49:ae:ba:e8:2a:d7:7d:a0:5a:c8:e6:8b:45:ea:
64:6b:f6:10:e3:9c:a2:11:25:9c:b3:5a:03:9e:87:
80:5f:02:30:c9:10:0d:11:48:64:d8:76:3d:f7:16:
e0:64:e8:59:04:35:b9:e8:d9:da:b8:c7:cf:f6:a8:
6d:46:2d:46:17:fb:ac:00:66:3b:e3:59:97:2d:c3:
e6:cf:64:4a:aa:e4:96:ed:24:44:10:87:17:8e:57:
de:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:89:F3:E6:1B:77:79:A9:41:5B:95:4B:77:F9:23:1A:FC:5A:02:45
X509v3 Authority Key Identifier:
keyid:2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:cb:76:bf:0c:09:0c:a8:db:ad:ad:98:6b:f3:c8:e1:b7:68:
af:21:24:7e:a3:fa:16:eb:20:00:20:d6:60:18:53:71:12:25:
43:2a:3f:5c:97:ba:ca:5b:94:8e:31:2e:2a:9d:7b:6b:80:70:
85:ac:75:5b:1f:ce:5d:32:e2:a5:13:c8:92:85:97:b3:96:ef:
d8:b6:dd:a6:b2:1a:92:d8:21:49:05:d7:52:42:ec:e0:74:85:
13:71:2a:d6:a5:7f:c8:a3:99:55:1d:c1:00:bc:a5:6d:3f:db:
32:b5:d8:93:05:90:82:24:44:c2:0d:e2:9b:15:98:25:29:46:
48:00:89:43:fa:0c:c1:6e:25:83:28:c4:ee:4b:72:66:c0:5d:
71:1e:3d:c6:be:ef:b2:5b:b9:5c:7e:e8:86:c5:cc:6a:ef:79:
4b:a5:b3:ae:63:fd:d0:53:29:1e:be:ba:55:28:1b:71:b6:11:
54:8d:25:9a:48:c3:42:05:54:5a:3d:a5:0d:9e:08:36:d5:ca:
06:ca:d3:4c:72:a4:21:f0:ae:1f:03:04:b0:49:75:83:42:65:
cd:d5:82:14:f8:51:35:da:19:5c:8f:66:72:72:28:14:15:07:
c4:05:b3:c4:88:23:bb:0e:c7:34:ce:94:c2:68:5f:19:25:e5:
ee:b1:cd:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zGlnSCGqTdHxRc/1R8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTQxNzM2MjZmNDYwMjY0MGU4ZDRlOTZiNTRhMWEwOTZh
YmU3OGIwHhcNMjYwMzI5MDkwMDU4WhcNMjYwMzMwMDkwMDU4WjAzMTEwLwYDVQQD
EyhkOTg5ZjNlNjFiNzc3OWE5NDE1Yjk1NGI3N2Y5MjMxYWZjNWEwMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cLipvJVItb2pGPOxGK6fbFEgXZL
U7ULTXXN8xkiiZJSJkjJVvGqeITQM/9ylxMdx/kMvNNlQi021TYcOogxPc5ArrqR
RhagVBIGtT3t644+z4eT1vBfe1+m83ubUSqjwjvck3z4ZD7biZfiUOa/eGhMNeoB
y3DicTwh4UIEV/zMPPoaCYwCYVJIql+2o5zN8KjX9S3+QAVmVFXKAC8uKFfKkx+D
Sa666CrXfaBayOaLRepka/YQ45yiESWcs1oDnoeAXwIwyRANEUhk2HY99xbgZOhZ
BDW56NnauMfP9qhtRi1GF/usAGY741mXLcPmz2RKquSW7SREEIcXjlfeQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmJ8+Ybd3mpQVuVS3f5Ixr8WgJFMB8GA1UdIwQY
MBaAFC/kFzYm9GAmQOjU6WtUoaCWq+eLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEt
MzU0NzljNTRkY2JkLzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEtMzU0NzljNTRkY2Jk
LzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIst2vwwJ
DKjbra2Ya/PI4bdoryEkfqP6FusgACDWYBhTcRIlQyo/XJe6yluUjjEuKp17a4Bw
hax1Wx/OXTLipRPIkoWXs5bv2LbdprIaktghSQXXUkLs4HSFE3Eq1qV/yKOZVR3B
ALylbT/bMrXYkwWQgiREwg3imxWYJSlGSACJQ/oMwW4lgyjE7ktyZsBdcR49xr7v
slu5XH7ohsXMau95S6WzrmP90FMpHr66VSgbcbYRVI0lmkjDQgVUWj2lDZ4INtXK
BsrTTHKkIfCuHwMEsEl1g0JlzdWCFPhRNdoZXI9mcnIoFBUHxAWzxIgjuw7HNM6U
wmhfGSXl7rHNWQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:14 2026 by rpki-client