Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
File: lRZkUh1QOVkhL1WypZrsbSB7Cig.mft (raw, json)
Hash identifier: 9Nh8bgnoGyFjZgbOFvIUpgdxw3UqlxkY7EUITe461+I=
Subject key identifier: 30:F3:CB:20:20:B9:68:2F:E0:6A:D4:CC:7B:3D:57:87:74:86:28:00
Authority key identifier: 95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
Certificate issuer: /CN=951664521d503959212f55b2a59aec6d207b0a28
Certificate serial: 019D3752C86BE611E37289844C80C1408B4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
Manifest number: 188D
Signing time: Sun 29 Mar 2026 02:01:05 +0000
Manifest this update: Sun 29 Mar 2026 02:01:05 +0000
Manifest next update: Mon 30 Mar 2026 02:01:05 +0000
Files and hashes: 1: COjqaYnsYuyAQnOfRow1LSaHRvU.roa (hash: OG1wPC551mpOORC3dI+5e8bO42vNDHRLBsbdrz/BicA=)
2: lRZkUh1QOVkhL1WypZrsbSB7Cig.crl (hash: eU8muDJEGsQ7kc84/sGNI6MoPGefxPNtrXxzx+M4TA8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:c8:6b:e6:11:e3:72:89:84:4c:80:c1:40:8b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951664521d503959212f55b2a59aec6d207b0a28
Validity
Not Before: Mar 29 02:01:05 2026 GMT
Not After : Mar 30 02:01:05 2026 GMT
Subject: CN=30f3cb2020b9682fe06ad4cc7b3d578774862800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a6:1c:07:76:c8:c9:51:28:0f:bd:99:90:19:
28:64:ad:ef:4c:84:e9:c5:bc:35:df:c1:2d:88:2f:
b9:26:08:2c:97:64:8a:cc:54:79:c8:93:b7:e7:a8:
76:42:b7:18:7e:17:8c:b6:26:64:41:10:76:4a:50:
ca:5d:3e:8a:df:5e:2c:44:08:27:61:bf:30:d3:5c:
19:fb:d0:ee:ef:5d:8c:35:02:d3:c7:63:29:3d:e6:
1e:ed:e2:d8:fd:cd:7d:97:b1:7f:72:7b:7d:d4:59:
83:99:fc:ed:72:51:60:ab:d1:3f:1b:a2:0a:c2:49:
73:66:a4:72:4a:42:84:52:47:5a:b2:7b:6a:e8:ef:
8e:ed:f7:c0:e9:9c:27:1d:ba:51:1d:a3:88:56:f9:
fc:0c:9b:6c:e6:28:0f:5e:7e:a8:7c:94:f6:cf:ca:
a3:8f:9e:14:5d:da:5f:17:f6:b4:3f:ed:61:00:8a:
6c:96:37:9b:02:9b:d5:15:ff:6f:ee:c1:08:7a:2e:
6c:82:cd:95:dc:11:ce:fa:7b:69:e5:a0:9f:c0:0c:
4c:22:46:1f:08:57:8d:8b:71:34:fa:28:31:4d:3f:
29:d9:b8:d6:68:b9:79:4c:e8:df:2c:01:2c:fe:e5:
e0:75:e6:85:cb:30:11:42:09:57:37:cf:49:c0:b7:
df:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F3:CB:20:20:B9:68:2F:E0:6A:D4:CC:7B:3D:57:87:74:86:28:00
X509v3 Authority Key Identifier:
keyid:95:16:64:52:1D:50:39:59:21:2F:55:B2:A5:9A:EC:6D:20:7B:0A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRZkUh1QOVkhL1WypZrsbSB7Cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2c3619-2c59-46d2-aaae-ef7453ad099f/1/lRZkUh1QOVkhL1WypZrsbSB7Cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:f7:aa:23:c3:69:9f:7d:58:35:c6:b2:64:79:a4:2d:4c:4d:
e1:b3:84:ef:01:2b:84:e0:0f:54:b3:57:0c:80:f9:d0:26:98:
a9:be:4e:0b:ed:f3:5a:1e:b7:fb:ee:29:b7:5f:78:5a:63:66:
94:47:18:cf:79:e1:63:ef:13:b3:31:70:72:4a:ac:28:2c:f9:
ab:5b:d4:9f:55:36:f1:61:1d:e8:95:6e:d3:54:a0:97:4e:b3:
00:69:40:03:95:30:cf:9a:f4:20:f3:36:27:57:b9:4d:74:aa:
57:8b:c4:3d:de:00:83:86:62:52:0d:41:21:74:0b:53:e5:0a:
47:fb:2d:df:ad:60:b9:09:1f:dc:fc:cb:c8:78:fe:a8:6d:f3:
85:75:d9:7b:59:3c:4c:34:11:c3:25:93:4e:84:ae:82:62:ef:
d0:7e:40:e4:98:aa:ef:2c:ab:d6:5d:d2:97:d0:b6:31:97:aa:
78:c6:4b:df:07:da:17:36:27:ba:66:72:46:10:b3:e9:b8:cc:
5c:0a:c3:58:ff:71:63:ef:80:41:4f:86:0e:c7:07:5a:c7:9c:
7f:20:93:7d:ce:bf:3f:36:30:4c:3b:2c:d9:e4:ff:3e:c3:28:
99:8b:62:83:08:e0:f5:25:d7:50:96:1e:18:ed:72:a8:95:3c:
ee:d9:4d:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ushr5hHjcomETIDBQItOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTY2NDUyMWQ1MDM5NTkyMTJmNTViMmE1OWFlYzZkMjA3
YjBhMjgwHhcNMjYwMzI5MDIwMTA1WhcNMjYwMzMwMDIwMTA1WjAzMTEwLwYDVQQD
EygzMGYzY2IyMDIwYjk2ODJmZTA2YWQ0Y2M3YjNkNTc4Nzc0ODYyODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKYcB3bIyVEoD72ZkBkoZK3vTITp
xbw138EtiC+5Jggsl2SKzFR5yJO356h2QrcYfheMtiZkQRB2SlDKXT6K314sRAgn
Yb8w01wZ+9Du712MNQLTx2MpPeYe7eLY/c19l7F/cnt91FmDmfztclFgq9E/G6IK
wklzZqRySkKEUkdasntq6O+O7ffA6ZwnHbpRHaOIVvn8DJts5igPXn6ofJT2z8qj
j54UXdpfF/a0P+1hAIpsljebApvVFf9v7sEIei5sgs2V3BHO+ntp5aCfwAxMIkYf
CFeNi3E0+igxTT8p2bjWaLl5TOjfLAEs/uXgdeaFyzARQglXN89JwLff5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDzyyAguWgv4GrUzHs9V4d0higAMB8GA1UdIwQY
MBaAFJUWZFIdUDlZIS9VsqWa7G0gewooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUt
ZWY3NDUzYWQwOTlmLzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYzM2MTktMmM1OS00NmQyLWFhYWUtZWY3NDUzYWQwOTlm
LzEvbFJaa1VoMVFPVmtoTDFXeXBacnNiU0I3Q2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdPeqI8Np
n31YNcayZHmkLUxN4bOE7wErhOAPVLNXDID50CaYqb5OC+3zWh63++4pt194WmNm
lEcYz3nhY+8TszFwckqsKCz5q1vUn1U28WEd6JVu01Sgl06zAGlAA5Uwz5r0IPM2
J1e5TXSqV4vEPd4Ag4ZiUg1BIXQLU+UKR/st361guQkf3PzLyHj+qG3zhXXZe1k8
TDQRwyWTToSugmLv0H5A5Jiq7yyr1l3Sl9C2MZeqeMZL3wfaFzYnumZyRhCz6bjM
XArDWP9xY++AQU+GDscHWsecfyCTfc6/PzYwTDss2eT/PsMomYtigwjg9SXXUJYe
GO1yqJU87tlNlQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:17 2026 by rpki-client