Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File: lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier: 3qn3UhZiBXvkyTpFTkPvIzRGMhrQ8pvdBWa33Lfkth4=
Subject key identifier: 19:AF:5C:78:4A:5F:D7:96:67:C2:D0:6C:D6:F2:5E:00:8F:5E:A3:0C
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer: /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial: 019D3865E3B4BD03A6899B1FF7B1155F5DAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number: 0766
Signing time: Sun 29 Mar 2026 07:01:34 +0000
Manifest this update: Sun 29 Mar 2026 07:01:34 +0000
Manifest next update: Mon 30 Mar 2026 07:01:34 +0000
Files and hashes: 1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: zZrO6NI3HB8V9upoDywQB83vsogRuBcL+90JbsMPKVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:e3:b4:bd:03:a6:89:9b:1f:f7:b1:15:5f:5d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Validity
Not Before: Mar 29 07:01:34 2026 GMT
Not After : Mar 30 07:01:34 2026 GMT
Subject: CN=19af5c784a5fd79667c2d06cd6f25e008f5ea30c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7e:10:e7:bd:80:fa:44:d0:e5:7c:f5:9b:c1:
ab:93:a4:ec:33:67:12:c6:b3:87:8d:f7:22:2e:04:
99:c7:45:ae:e0:56:ac:0e:76:be:55:65:42:39:a3:
1c:d1:46:bb:53:86:ee:37:e7:10:a7:1b:89:a5:63:
f4:c7:bd:87:ea:e2:88:58:73:f9:ec:ee:f7:cb:a2:
b8:ee:2f:e7:e5:76:e6:db:63:2b:51:41:c6:86:8c:
69:66:af:32:ea:03:ff:b3:ab:7f:88:11:30:ad:c7:
08:04:92:2e:1c:df:20:11:20:19:a2:dc:42:a5:0f:
58:46:32:9f:5d:39:34:bf:a1:6f:f5:b4:fa:f4:0e:
2d:3d:6f:da:66:3b:4b:28:c0:30:1d:f8:2b:d0:6f:
e5:88:bd:4a:e6:c5:32:f9:89:48:ea:80:90:41:7a:
fa:b1:72:f4:73:59:f7:01:99:9d:23:05:43:d5:2c:
5a:b8:a3:84:80:6e:83:cf:97:be:a2:cd:dd:98:1e:
0d:be:17:2e:09:73:65:36:4c:bf:5e:b0:02:f9:07:
2e:c5:ba:4b:56:65:ba:af:b9:56:c3:85:5a:7e:38:
ad:53:f5:10:9d:7c:d7:55:5b:7e:b0:bb:38:7e:b2:
fc:32:00:7b:03:22:25:d1:e7:1c:f9:84:56:cf:02:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AF:5C:78:4A:5F:D7:96:67:C2:D0:6C:D6:F2:5E:00:8F:5E:A3:0C
X509v3 Authority Key Identifier:
keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:5a:fd:5b:81:26:15:f6:72:33:12:b9:1d:3b:a4:0b:9e:0b:
18:24:77:27:e2:35:df:f0:67:b2:35:3d:ff:4f:df:45:a3:c3:
47:c8:25:e6:96:07:fc:ff:d8:3b:2d:33:95:2f:8a:68:8a:c4:
9c:69:c7:c8:74:c0:e0:f5:84:ec:9a:a4:91:d5:18:cf:ed:60:
a1:10:8d:06:8e:6e:3d:b8:16:68:1e:66:50:d2:15:3f:88:25:
a9:65:8d:b3:25:7c:70:58:eb:b2:3f:09:32:5d:fd:7f:4f:4d:
62:2e:39:59:31:ad:3d:ef:84:e6:6b:f5:64:91:40:d6:00:16:
8c:53:7e:3f:c5:50:67:c9:4b:96:b4:7e:72:dd:97:f8:3a:e1:
30:28:1c:26:34:ad:cc:5b:fa:70:87:15:82:77:0f:7d:7f:79:
d1:70:06:4e:a2:39:3e:0b:cb:df:86:69:4e:4d:92:4b:a5:db:
ed:83:f5:db:79:21:b7:ad:f3:d6:b3:f8:ad:05:3e:bf:2b:c7:
b0:d7:c6:67:28:ea:35:42:ae:6a:81:03:be:c3:c7:7b:d7:2b:
fe:ec:ca:6b:61:bd:8a:e8:39:b5:0b:33:0c:54:f6:bf:74:09:
78:bf:06:51:dd:7e:87:2d:cb:61:b4:71:fe:7d:05:0c:34:3e:
6a:51:b5:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeO0vQOmiZsf97EVX12tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjYwMzI5MDcwMTM0WhcNMjYwMzMwMDcwMTM0WjAzMTEwLwYDVQQD
EygxOWFmNWM3ODRhNWZkNzk2NjdjMmQwNmNkNmYyNWUwMDhmNWVhMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH4Q572A+kTQ5Xz1m8Grk6TsM2cS
xrOHjfciLgSZx0Wu4FasDna+VWVCOaMc0Ua7U4buN+cQpxuJpWP0x72H6uKIWHP5
7O73y6K47i/n5Xbm22MrUUHGhoxpZq8y6gP/s6t/iBEwrccIBJIuHN8gESAZotxC
pQ9YRjKfXTk0v6Fv9bT69A4tPW/aZjtLKMAwHfgr0G/liL1K5sUy+YlI6oCQQXr6
sXL0c1n3AZmdIwVD1SxauKOEgG6Dz5e+os3dmB4NvhcuCXNlNky/XrAC+QcuxbpL
VmW6r7lWw4VafjitU/UQnXzXVVt+sLs4frL8MgB7AyIl0ecc+YRWzwKffwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmvXHhKX9eWZ8LQbNbyXgCPXqMMMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1r9W4Em
FfZyMxK5HTukC54LGCR3J+I13/BnsjU9/0/fRaPDR8gl5pYH/P/YOy0zlS+KaIrE
nGnHyHTA4PWE7JqkkdUYz+1goRCNBo5uPbgWaB5mUNIVP4glqWWNsyV8cFjrsj8J
Ml39f09NYi45WTGtPe+E5mv1ZJFA1gAWjFN+P8VQZ8lLlrR+ct2X+DrhMCgcJjSt
zFv6cIcVgncPfX950XAGTqI5PgvL34ZpTk2SS6Xb7YP123kht63z1rP4rQU+vyvH
sNfGZyjqNUKuaoEDvsPHe9cr/uzKa2G9iug5tQszDFT2v3QJeL8GUd1+hy3LYbRx
/n0FDDQ+alG1Qw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:58:26 2026 by rpki-client