Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
File: lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft (raw, json)
Hash identifier: Fzyqt1y9pTJvJAdkXQWvmwO/ibHpV8Ox+/jkml+u5vs=
Subject key identifier: 48:90:12:AA:98:20:A5:EB:FF:DD:57:93:08:EB:15:AC:44:9D:44:14
Authority key identifier: 94:FA:6C:42:99:32:1D:C5:FC:91:FC:79:63:AA:51:48:7E:4A:F5:E6
Certificate issuer: /CN=94fa6c4299321dc5fc91fc7963aa51487e4af5e6
Certificate serial: 019D382E28374EE0DA33AFD83549E3E0DCDE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
Manifest number: 152A
Signing time: Sun 29 Mar 2026 06:00:42 +0000
Manifest this update: Sun 29 Mar 2026 06:00:42 +0000
Manifest next update: Mon 30 Mar 2026 06:00:42 +0000
Files and hashes: 1: AZhIdfQe8WwT9TZ_N6T1lS4NxsE.roa (hash: xpA4Tx1xSz6uA3Q1dMsrfkLMQuhB5qhwmJuQPXJmqYU=)
2: lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl (hash: 6KiqxnJl1zPfwbUQkVVXxygu3EnVyukD4z52XMbnUVc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:28:37:4e:e0:da:33:af:d8:35:49:e3:e0:dc:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94fa6c4299321dc5fc91fc7963aa51487e4af5e6
Validity
Not Before: Mar 29 06:00:42 2026 GMT
Not After : Mar 30 06:00:42 2026 GMT
Subject: CN=489012aa9820a5ebffdd579308eb15ac449d4414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ab:ab:db:bf:38:7f:37:d1:f8:f7:25:5a:4e:
a6:3e:b6:65:c6:73:95:2f:49:c6:aa:ff:3f:d4:98:
04:4f:be:e3:ac:a3:90:85:99:42:21:e4:8e:6c:10:
18:0f:be:50:76:67:a5:3e:a9:68:b0:f3:93:06:ec:
da:ca:b6:53:fe:f6:ca:28:98:4e:81:79:2b:61:4e:
38:92:99:85:82:d4:42:c4:49:4a:99:42:1f:b4:34:
67:d7:db:98:6c:e9:d5:d1:d0:2a:a9:54:6d:94:b0:
90:0b:cd:fc:a2:9e:88:32:4e:d2:10:47:89:cc:9e:
94:6d:c6:25:53:bb:a1:81:c7:3a:2f:ac:cd:29:fe:
f8:f8:7d:cb:e0:91:9c:e1:e5:bb:b3:28:fe:40:b9:
a3:73:46:5f:57:a8:ce:52:9b:77:6a:ee:d0:22:b4:
88:b0:c9:03:08:ca:b2:d7:05:86:8f:fb:8d:5b:a3:
6f:7e:c7:50:43:c8:6a:6b:b0:06:ca:40:f7:f9:0f:
6b:73:3d:db:1a:57:d1:70:2e:cc:12:fc:c2:22:79:
43:cd:ec:cd:4d:ba:2d:e0:30:93:02:d6:39:be:e7:
63:25:d3:44:a0:12:3b:2f:cc:e4:97:3e:5d:ee:c9:
dd:71:dc:2e:e8:b3:55:f3:57:87:05:65:a0:cb:3a:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:90:12:AA:98:20:A5:EB:FF:DD:57:93:08:EB:15:AC:44:9D:44:14
X509v3 Authority Key Identifier:
keyid:94:FA:6C:42:99:32:1D:C5:FC:91:FC:79:63:AA:51:48:7E:4A:F5:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/43d255-284a-468f-8b6e-fb1e9db0c388/1/lPpsQpkyHcX8kfx5Y6pRSH5K9eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:44:ba:9d:fc:d4:96:fb:3d:22:42:c3:73:ac:ba:af:76:eb:
f3:04:7e:87:07:8d:48:e6:9b:a2:62:16:24:08:31:35:6c:c8:
30:82:b0:69:99:ad:9a:d2:35:fe:ae:4a:d1:21:ba:19:46:73:
93:b4:7e:f0:48:3c:ff:a1:9a:fe:da:16:99:ad:cf:77:f2:d0:
59:a9:6c:f3:d5:31:4f:c9:aa:d7:f9:b9:d3:90:b5:c0:86:d6:
f5:83:47:47:1b:7f:5c:4a:e4:8c:94:2a:73:a1:ae:a7:34:22:
43:08:41:cb:0e:88:f2:61:aa:9c:e4:01:42:be:7a:b8:07:5a:
19:ef:a0:e1:53:82:b4:e8:b1:c0:58:20:64:f5:b2:a0:5a:89:
51:d5:94:2a:da:9c:df:67:d3:d8:4e:12:8d:35:22:80:ca:df:
5f:a7:e4:87:f6:1f:47:f2:90:64:0b:8b:03:bf:12:b1:21:48:
6c:b9:1b:b7:a8:1b:a3:d0:1a:c1:13:b2:7c:22:3d:72:90:9f:
f3:f0:84:3c:9b:6a:b9:05:31:54:d7:0f:2f:23:9f:21:93:dc:
72:fb:45:33:18:35:4d:5a:38:3c:99:a9:71:76:ef:f3:94:b8:
de:e4:9e:fe:ed:c4:be:16:09:58:f6:e9:45:49:4b:1b:99:ab:
4a:f2:0c:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lig3TuDaM6/YNUnj4NzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZmE2YzQyOTkzMjFkYzVmYzkxZmM3OTYzYWE1MTQ4N2U0
YWY1ZTYwHhcNMjYwMzI5MDYwMDQyWhcNMjYwMzMwMDYwMDQyWjAzMTEwLwYDVQQD
Eyg0ODkwMTJhYTk4MjBhNWViZmZkZDU3OTMwOGViMTVhYzQ0OWQ0NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qur2784fzfR+PclWk6mPrZlxnOV
L0nGqv8/1JgET77jrKOQhZlCIeSObBAYD75QdmelPqlosPOTBuzayrZT/vbKKJhO
gXkrYU44kpmFgtRCxElKmUIftDRn19uYbOnV0dAqqVRtlLCQC838op6IMk7SEEeJ
zJ6UbcYlU7uhgcc6L6zNKf74+H3L4JGc4eW7syj+QLmjc0ZfV6jOUpt3au7QIrSI
sMkDCMqy1wWGj/uNW6NvfsdQQ8hqa7AGykD3+Q9rcz3bGlfRcC7MEvzCInlDzezN
Tbot4DCTAtY5vudjJdNEoBI7L8zklz5d7sndcdwu6LNV81eHBWWgyzovKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiQEqqYIKXr/91XkwjrFaxEnUQUMB8GA1UdIwQY
MBaAFJT6bEKZMh3F/JH8eWOqUUh+SvXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80M2QyNTUtMjg0YS00NjhmLThiNmUt
ZmIxZTlkYjBjMzg4LzEvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80M2QyNTUtMjg0YS00NjhmLThiNmUtZmIxZTlkYjBjMzg4
LzEvbFBwc1Fwa3lIY1g4a2Z4NVk2cFJTSDVLOWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQES6nfzU
lvs9IkLDc6y6r3br8wR+hweNSOabomIWJAgxNWzIMIKwaZmtmtI1/q5K0SG6GUZz
k7R+8Eg8/6Ga/toWma3Pd/LQWals89UxT8mq1/m505C1wIbW9YNHRxt/XErkjJQq
c6GupzQiQwhByw6I8mGqnOQBQr56uAdaGe+g4VOCtOixwFggZPWyoFqJUdWUKtqc
32fT2E4SjTUigMrfX6fkh/YfR/KQZAuLA78SsSFIbLkbt6gbo9AawROyfCI9cpCf
8/CEPJtquQUxVNcPLyOfIZPccvtFMxg1TVo4PJmpcXbv85S43uSe/u3EvhYJWPbp
RUlLG5mrSvIMZw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:35 2026 by rpki-client