Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
File: lRibFY2NYBG6X5YlLTAmanDT4GY.mft (raw, json)
Hash identifier: JkmXMexGZB4mKzgjUjPwzrjhUu9gX/h9Q5OF24Wr3bc=
Subject key identifier: 28:D8:01:96:C9:30:7F:A8:77:DA:9C:BE:9F:7F:40:73:64:B0:9C:36
Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
Certificate issuer: /CN=95189b158d8d6011ba5f96252d30266a70d3e066
Certificate serial: 019D38D3A7D2FE8A38B946D6FB10A0E39E80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 09:01:28 +0000
Manifest this update: Sun 29 Mar 2026 09:01:28 +0000
Manifest next update: Mon 30 Mar 2026 09:01:28 +0000
Files and hashes: 1: RZP_EJvUPRy8N5V44f-ykW1wgg8.roa (hash: LUUspyCZgfPy/9PXdd/3xbh9XNVlKFlsig4SSBadF24=)
2: lRibFY2NYBG6X5YlLTAmanDT4GY.crl (hash: Nq/6tM9pslOYwe3qMYpCSxrpffa8vZvtptsy4WAGdgc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:a7:d2:fe:8a:38:b9:46:d6:fb:10:a0:e3:9e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066
Validity
Not Before: Mar 29 09:01:28 2026 GMT
Not After : Mar 30 09:01:28 2026 GMT
Subject: CN=28d80196c9307fa877da9cbe9f7f407364b09c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c1:9f:2b:42:57:fe:96:ea:95:5b:f6:c2:98:
d4:d9:08:f6:ed:5c:42:47:16:ca:65:c2:0e:9e:77:
c9:fd:bb:1b:89:2b:c6:8c:4f:98:f1:1d:e6:c5:f2:
25:00:4b:91:41:4a:ac:31:4d:81:75:f9:06:54:aa:
1b:31:24:3e:58:3a:79:02:a2:0d:95:61:81:66:e5:
45:76:00:67:e5:1a:67:ae:1d:5b:07:b2:ee:7b:35:
60:14:9e:bc:e7:e5:6c:c0:39:ed:9a:11:b0:08:68:
ca:dc:c7:3f:78:13:b6:e4:f0:dd:ed:5f:6f:1c:84:
a3:0d:ef:37:0e:21:6b:d3:03:d0:77:20:b5:fa:c7:
09:66:d7:64:60:9e:97:26:4f:ad:45:17:47:27:85:
aa:4f:d9:c7:35:38:f3:7d:7a:67:70:aa:d9:e8:f4:
88:bc:37:4a:b4:5e:6e:27:bb:0e:24:c2:1d:31:6e:
09:2a:2b:7e:13:b6:60:46:d5:f4:52:1f:ba:8e:75:
d9:4f:06:47:23:a0:28:0d:0b:36:b1:37:07:ff:9f:
5b:25:9b:ef:ac:c3:f8:79:a1:bf:1f:74:78:9e:4e:
7a:19:d7:cf:eb:af:63:ce:65:50:9a:51:76:06:f8:
94:07:34:b2:ae:67:7e:6d:db:5e:84:45:da:5a:e6:
a5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D8:01:96:C9:30:7F:A8:77:DA:9C:BE:9F:7F:40:73:64:B0:9C:36
X509v3 Authority Key Identifier:
keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:99:d5:3b:17:42:f9:f6:08:9d:fb:64:45:bd:43:e3:6f:a8:
35:f8:7c:6c:f2:d3:b5:f2:9b:d5:2a:85:d3:4b:7a:f8:d9:eb:
5c:d0:93:ea:89:2e:ba:b7:21:20:d1:e4:f0:32:c5:90:9f:5a:
a6:ea:9c:da:de:58:df:bf:41:4f:39:79:44:33:a3:73:e9:e3:
78:0c:be:55:12:ea:df:64:9a:e9:4e:5e:6d:3c:09:d9:83:ab:
ba:97:09:f8:41:16:e2:2b:b9:3d:ea:1f:32:ae:e6:34:b3:92:
f1:b0:62:c1:20:fc:e5:c8:ba:aa:78:2c:6b:4c:de:84:2c:28:
65:29:a9:df:90:b7:aa:21:0e:84:a8:49:63:ab:5e:03:63:c2:
85:25:de:ff:8d:08:79:88:44:d9:31:ff:04:03:45:9e:40:29:
b9:b1:b7:66:59:3d:ab:ba:9d:b0:eb:77:a7:3e:56:87:87:35:
5b:37:5c:3d:4d:32:6a:ff:0e:df:8b:a0:d9:bd:35:eb:b8:bc:
ca:bb:4b:ff:bc:86:0e:10:9e:bc:f9:ea:53:bc:88:90:01:86:
f6:37:33:0c:ec:c1:89:5c:83:dc:59:9c:93:78:f2:4b:c1:f6:
8b:7d:e9:20:37:1d:fb:29:12:8c:1a:b8:2f:b7:4c:61:36:43:
c3:c9:91:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406fS/oo4uUbW+xCg456AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk
M2UwNjYwHhcNMjYwMzI5MDkwMTI4WhcNMjYwMzMwMDkwMTI4WjAzMTEwLwYDVQQD
EygyOGQ4MDE5NmM5MzA3ZmE4NzdkYTljYmU5ZjdmNDA3MzY0YjA5YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08GfK0JX/pbqlVv2wpjU2Qj27VxC
RxbKZcIOnnfJ/bsbiSvGjE+Y8R3mxfIlAEuRQUqsMU2BdfkGVKobMSQ+WDp5AqIN
lWGBZuVFdgBn5Rpnrh1bB7LuezVgFJ685+VswDntmhGwCGjK3Mc/eBO25PDd7V9v
HISjDe83DiFr0wPQdyC1+scJZtdkYJ6XJk+tRRdHJ4WqT9nHNTjzfXpncKrZ6PSI
vDdKtF5uJ7sOJMIdMW4JKit+E7ZgRtX0Uh+6jnXZTwZHI6AoDQs2sTcH/59bJZvv
rMP4eaG/H3R4nk56GdfP669jzmVQmlF2BviUBzSyrmd+bdtehEXaWual7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjYAZbJMH+od9qcvp9/QHNksJw2MB8GA1UdIwQY
MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt
YWNlMTgwZmY5YjE5LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5
LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeJnVOxdC
+fYInftkRb1D42+oNfh8bPLTtfKb1SqF00t6+NnrXNCT6okuurchINHk8DLFkJ9a
puqc2t5Y379BTzl5RDOjc+njeAy+VRLq32Sa6U5ebTwJ2YOrupcJ+EEW4iu5Peof
Mq7mNLOS8bBiwSD85ci6qngsa0zehCwoZSmp35C3qiEOhKhJY6teA2PChSXe/40I
eYhE2TH/BANFnkApubG3Zlk9q7qdsOt3pz5Wh4c1WzdcPU0yav8O34ug2b0167i8
yrtL/7yGDhCevPnqU7yIkAGG9jczDOzBiVyD3Fmck3jyS8H2i33pIDcd+ykSjBq4
L7dMYTZDw8mRIQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:19 2026 by rpki-client