Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
File: lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft (raw, json)
Hash identifier: B00h1P1e7LwAu3CMZc9aYMlGkBIKRq9w7dzkwo1oMWk=
Subject key identifier: 72:1C:27:AC:D8:BD:B0:40:07:1D:0E:64:07:91:7A:35:B3:56:94:5B
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 019D3941A516E56F807878EB3E17866B1F84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 11:01:36 +0000
Manifest this update: Sun 29 Mar 2026 11:01:36 +0000
Manifest next update: Mon 30 Mar 2026 11:01:36 +0000
Files and hashes: 1: DE4eWYMqD_V_TW9RHCPnXwS869o.roa (hash: B3QCN3c0NtaCxyXkiY1LF3q86AMCDmY0V4HgIvdlpZw=)
2: QHQB5R-_IHEKwwGTKDoZ2Ksm3ts.roa (hash: RSCo2PpN2aVf+mUteSJphpe4hoO5sJZI7c95rlwWbrM=)
3: lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl (hash: VbxHlQz0A/uOWRXqOexxznmlGeQrYkDe8MOgniqbTK8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:a5:16:e5:6f:80:78:78:eb:3e:17:86:6b:1f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Mar 29 11:01:36 2026 GMT
Not After : Mar 30 11:01:36 2026 GMT
Subject: CN=721c27acd8bdb040071d0e6407917a35b356945b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cf:28:d1:db:57:ab:2d:4d:a5:ac:24:7f:7d:
a8:62:a8:73:a3:4e:d7:8c:d1:5d:98:76:bf:81:13:
2c:5c:be:ef:ed:06:50:6f:14:8e:6b:b5:66:e6:8c:
51:f7:23:45:ac:08:c2:20:d8:99:3c:a8:85:a2:52:
11:ca:13:26:d3:90:bf:d1:15:92:13:52:77:b1:10:
fc:e7:ac:b8:8a:78:48:dd:ff:23:bf:22:7a:81:87:
2a:9d:d4:94:bc:c7:2f:1c:63:4e:ac:6f:78:5f:7d:
fb:38:d2:d8:d9:3f:6e:fa:16:5c:35:1d:26:65:ff:
d1:b0:2a:37:d3:54:db:09:e6:b8:cd:08:b5:ec:19:
42:4d:cf:ab:73:ff:50:23:1a:a0:79:cc:23:9c:7a:
3a:cb:9a:b6:7a:f2:a6:a1:79:a7:3f:a0:d9:4e:e2:
29:70:45:20:5a:e8:ce:69:53:f7:67:47:b0:e0:9b:
b7:cc:50:01:3e:74:20:23:53:23:86:4c:7d:6d:f2:
84:f7:25:9a:df:4b:0e:07:2c:82:b5:cf:bd:8c:53:
8d:61:bd:c1:ca:6f:a1:ff:24:5b:df:4d:bd:22:0c:
b5:92:77:70:96:9e:f2:81:3e:13:ac:1d:58:6d:07:
29:f8:66:32:40:b8:c0:c3:cf:06:10:a2:0f:8c:ea:
8d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1C:27:AC:D8:BD:B0:40:07:1D:0E:64:07:91:7A:35:B3:56:94:5B
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:e1:0f:c3:2a:e1:55:a8:22:35:92:1d:86:42:d1:ef:db:db:
56:69:b1:43:88:4f:79:0e:ca:a8:c0:18:65:a8:16:00:e8:7b:
4c:ec:ef:e4:69:b9:93:68:b5:c6:49:43:3a:df:77:8b:9e:a8:
24:65:62:1c:ca:3e:7e:3a:2c:b8:9e:87:dc:86:13:74:14:ab:
ce:56:6d:e1:05:81:1e:6c:8b:1c:84:4b:9c:7a:ea:37:43:d4:
bb:0a:a8:1c:c0:e5:e5:d4:42:77:89:ca:be:c8:f9:df:b7:f7:
fe:27:53:bc:87:ec:03:78:64:e8:6a:02:d5:ad:e5:6e:94:15:
d2:f4:f1:5b:a8:62:8d:4d:5b:de:21:6f:96:c6:ca:aa:35:e9:
ce:3b:da:25:3c:c7:82:f7:83:b2:60:f9:50:69:35:a0:34:2e:
f2:2e:2c:36:45:20:37:87:03:e8:70:0a:8c:90:b7:10:58:0c:
bb:47:ce:ae:42:fe:da:d0:2e:f4:31:52:cb:99:3e:a0:5e:66:
a7:03:ad:74:58:b8:13:d6:1e:0a:00:d8:67:02:99:e9:a4:32:
d4:b1:e7:00:9e:ec:dc:fd:c7:ec:b4:ff:f0:8b:9a:69:93:61:
da:95:ba:83:e5:ea:c1:e1:74:22:20:ea:27:83:2d:dc:1b:43:
e2:f3:e2:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QaUW5W+AeHjrPheGax+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWM3OGIzMDVmYjQ5Y2JkNDAwNWQ0NDI3YzFmNjJjNmE0
NTVhNjgwHhcNMjYwMzI5MTEwMTM2WhcNMjYwMzMwMTEwMTM2WjAzMTEwLwYDVQQD
Eyg3MjFjMjdhY2Q4YmRiMDQwMDcxZDBlNjQwNzkxN2EzNWIzNTY5NDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks8o0dtXqy1Npawkf32oYqhzo07X
jNFdmHa/gRMsXL7v7QZQbxSOa7Vm5oxR9yNFrAjCINiZPKiFolIRyhMm05C/0RWS
E1J3sRD856y4inhI3f8jvyJ6gYcqndSUvMcvHGNOrG94X337ONLY2T9u+hZcNR0m
Zf/RsCo301TbCea4zQi17BlCTc+rc/9QIxqgecwjnHo6y5q2evKmoXmnP6DZTuIp
cEUgWujOaVP3Z0ew4Ju3zFABPnQgI1Mjhkx9bfKE9yWa30sOByyCtc+9jFONYb3B
ym+h/yRb3029Igy1kndwlp7ygT4TrB1YbQcp+GYyQLjAw88GEKIPjOqNGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIcJ6zYvbBABx0OZAeRejWzVpRbMB8GA1UdIwQY
MBaAFJcceLMF+0nL1ABdRCfB9ixqRVpoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEt
MWMyNzU4NjUxZWZhLzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kZjNhMTUtMmU0OS00ZDhlLTg1NWEtMWMyNzU4NjUxZWZh
LzEvbHh4NHN3WDdTY3ZVQUYxRUo4SDJMR3BGV21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFOEPwyrh
VagiNZIdhkLR79vbVmmxQ4hPeQ7KqMAYZagWAOh7TOzv5Gm5k2i1xklDOt93i56o
JGViHMo+fjosuJ6H3IYTdBSrzlZt4QWBHmyLHIRLnHrqN0PUuwqoHMDl5dRCd4nK
vsj537f3/idTvIfsA3hk6GoC1a3lbpQV0vTxW6hijU1b3iFvlsbKqjXpzjvaJTzH
gveDsmD5UGk1oDQu8i4sNkUgN4cD6HAKjJC3EFgMu0fOrkL+2tAu9DFSy5k+oF5m
pwOtdFi4E9YeCgDYZwKZ6aQy1LHnAJ7s3P3H7LT/8IuaaZNh2pW6g+XqweF0IiDq
J4Mt3BtD4vPisQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:39 2026 by rpki-client