Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
File: lSC_jHciaj-ojr4RzI8RacxWCnk.mft (raw, json)
Hash identifier: nMFzzN3GxmhbnOKKnDT2Ukoi79N7MZ7CZ8Fd5fENyck=
Subject key identifier: AE:4F:1F:5F:34:F6:97:54:68:3F:70:85:EC:B3:29:6C:0D:F3:0B:9D
Authority key identifier: 95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
Certificate issuer: /CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Certificate serial: 019D39E5FA398C3274CBD1478016A0787999
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
Manifest number: 0FAA
Signing time: Sun 29 Mar 2026 14:01:05 +0000
Manifest this update: Sun 29 Mar 2026 14:01:05 +0000
Manifest next update: Mon 30 Mar 2026 14:01:05 +0000
Files and hashes: 1: 1-4k_j5tlYDY-0PvjETD04LazkDs.roa (hash: dUn8gRxx7kqyKB4xZnZt/reCOUYtE+UapqvIfJ65GYw=)
2: lSC_jHciaj-ojr4RzI8RacxWCnk.crl (hash: ynaDg1CAA1LutuHhy5nyJrmGKwgYQy1Pm6pbFX8654M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:fa:39:8c:32:74:cb:d1:47:80:16:a0:78:79:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9520bf8c77226a3fa88ebe11cc8f1169cc560a79
Validity
Not Before: Mar 29 14:01:05 2026 GMT
Not After : Mar 30 14:01:05 2026 GMT
Subject: CN=ae4f1f5f34f69754683f7085ecb3296c0df30b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6a:42:af:19:c3:f2:8c:15:1b:2a:1a:26:a4:
90:87:45:f3:85:66:70:eb:44:55:fe:e6:75:16:bd:
9b:76:fe:6c:55:d3:02:8e:50:24:29:15:3c:2d:fd:
1b:37:10:33:43:73:7d:18:6e:23:14:2e:a6:46:e0:
54:52:84:f4:bc:b1:3f:38:99:d6:3d:9c:e7:1e:79:
3d:c2:e8:b5:0c:25:aa:e9:5f:db:99:e6:a1:b9:92:
c9:9f:01:bc:97:34:18:3a:e7:ad:b0:4a:66:0a:72:
88:3b:d1:2d:6a:32:77:69:c3:8c:8e:ba:2e:8c:f9:
66:74:c5:b7:ad:39:e8:87:af:46:ef:72:80:76:51:
86:0a:d6:61:c5:fa:cb:7d:d4:56:08:1a:e9:c3:d3:
3c:18:f6:40:f0:45:3b:96:54:9c:4b:a2:51:8d:d1:
5a:aa:e2:fc:ec:d8:e1:9f:b8:7c:df:e0:f2:b1:82:
04:09:aa:d2:5c:07:e5:c7:48:de:b2:3e:73:e9:73:
ff:93:e3:11:2c:b5:a4:9f:4c:eb:ee:e2:08:7a:e2:
68:8c:dc:ea:ea:20:26:a8:25:f0:41:06:6b:bd:70:
0d:a5:23:a6:63:95:d8:18:78:e1:53:ba:76:24:49:
11:02:f8:19:6c:41:13:a6:16:9a:c3:73:14:28:23:
7e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4F:1F:5F:34:F6:97:54:68:3F:70:85:EC:B3:29:6C:0D:F3:0B:9D
X509v3 Authority Key Identifier:
keyid:95:20:BF:8C:77:22:6A:3F:A8:8E:BE:11:CC:8F:11:69:CC:56:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSC_jHciaj-ojr4RzI8RacxWCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f09a7f-5761-45a7-9ccb-1f3ed6d881b8/1/lSC_jHciaj-ojr4RzI8RacxWCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:ae:1a:e4:40:05:4c:10:17:9c:63:38:9a:2c:de:30:c0:31:
b4:0a:58:87:2d:2e:5a:b5:a2:88:17:6f:38:3d:11:3b:84:48:
a0:bd:9c:8b:68:de:15:e6:75:ce:20:68:86:70:31:ae:61:8e:
8a:c5:40:b6:4d:95:63:84:70:7f:51:0b:1e:d6:ba:ab:c2:b9:
94:2c:9a:7f:fc:c7:4f:a6:d0:c9:82:3e:7e:07:12:50:65:50:
89:81:d9:d5:6e:45:4b:22:eb:34:20:2c:21:f8:00:0b:d9:63:
cb:27:a5:13:e8:9c:8a:5e:d6:d7:fd:63:7f:5d:8e:b5:00:5a:
1d:a9:2d:de:87:e5:61:d7:9a:b8:87:af:18:44:af:3d:ba:86:
5a:76:1b:46:61:66:28:15:60:71:ad:a3:9c:ae:0e:00:b9:84:
86:7c:2b:3b:f3:a9:50:94:7c:15:c6:8d:4a:11:01:1e:69:76:
6b:24:73:f7:05:8c:55:83:21:04:6e:29:bd:5b:6d:85:13:df:
78:33:34:d0:21:e6:28:ec:72:e6:ba:be:1c:4e:43:83:1d:0f:
58:e0:e9:bd:23:0f:2b:f4:d6:25:d8:4b:f6:9e:ca:10:b3:44:
83:70:96:cb:f5:24:9b:07:59:ae:19:1b:79:a6:36:68:ce:fc:
76:40:d5:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055fo5jDJ0y9FHgBageHmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjBiZjhjNzcyMjZhM2ZhODhlYmUxMWNjOGYxMTY5Y2M1
NjBhNzkwHhcNMjYwMzI5MTQwMTA1WhcNMjYwMzMwMTQwMTA1WjAzMTEwLwYDVQQD
EyhhZTRmMWY1ZjM0ZjY5NzU0NjgzZjcwODVlY2IzMjk2YzBkZjMwYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2pCrxnD8owVGyoaJqSQh0XzhWZw
60RV/uZ1Fr2bdv5sVdMCjlAkKRU8Lf0bNxAzQ3N9GG4jFC6mRuBUUoT0vLE/OJnW
PZznHnk9wui1DCWq6V/bmeahuZLJnwG8lzQYOuetsEpmCnKIO9EtajJ3acOMjrou
jPlmdMW3rTnoh69G73KAdlGGCtZhxfrLfdRWCBrpw9M8GPZA8EU7llScS6JRjdFa
quL87Njhn7h83+DysYIECarSXAflx0jesj5z6XP/k+MRLLWkn0zr7uIIeuJojNzq
6iAmqCXwQQZrvXANpSOmY5XYGHjhU7p2JEkRAvgZbEETphaaw3MUKCN+zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5PH1809pdUaD9wheyzKWwN8wudMB8GA1UdIwQY
MBaAFJUgv4x3Imo/qI6+EcyPEWnMVgp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2It
MWYzZWQ2ZDg4MWI4LzEvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mMDlhN2YtNTc2MS00NWE3LTljY2ItMWYzZWQ2ZDg4MWI4
LzEvbFNDX2pIY2lhai1vanI0UnpJOFJhY3hXQ25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK64a5EAF
TBAXnGM4mizeMMAxtApYhy0uWrWiiBdvOD0RO4RIoL2ci2jeFeZ1ziBohnAxrmGO
isVAtk2VY4Rwf1ELHta6q8K5lCyaf/zHT6bQyYI+fgcSUGVQiYHZ1W5FSyLrNCAs
IfgAC9ljyyelE+icil7W1/1jf12OtQBaHakt3oflYdeauIevGESvPbqGWnYbRmFm
KBVgca2jnK4OALmEhnwrO/OpUJR8FcaNShEBHml2ayRz9wWMVYMhBG4pvVtthRPf
eDM00CHmKOxy5rq+HE5Dgx0PWODpvSMPK/TWJdhL9p7KELNEg3CWy/UkmwdZrhkb
eaY2aM78dkDVqA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:32:21 2026 by rpki-client