Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
File: lQSgmkWW2BV9pp3DNGxavOTOThM.mft (raw, json)
Hash identifier: MOmTf16V/AmLYfGPWyTtw+esTmyOQBYAD4I932g3w7Q=
Subject key identifier: 37:D5:87:CF:DB:74:2B:2D:65:60:90:37:BB:78:5E:CD:EB:4F:F3:4F
Authority key identifier: 95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
Certificate issuer: /CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Certificate serial: 019D3940848FED79BA6D7AAEF60A8C67E199
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
Manifest number: 04EE
Signing time: Sun 29 Mar 2026 11:00:22 +0000
Manifest this update: Sun 29 Mar 2026 11:00:22 +0000
Manifest next update: Mon 30 Mar 2026 11:00:22 +0000
Files and hashes: 1: lQSgmkWW2BV9pp3DNGxavOTOThM.crl (hash: Ooku4B2Q265pUFIiQT9cPNWD23dfaL06t9MvmTxr+Uc=)
2: sZJjT_2snQotK3ftEGw_d9sZrf0.roa (hash: ZP0upJCIf42M9db5/txOE5l9C4b/LsGAyR1WtYBipm0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:84:8f:ed:79:ba:6d:7a:ae:f6:0a:8c:67:e1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9504a09a4596d8157da69dc3346c5abce4ce4e13
Validity
Not Before: Mar 29 11:00:22 2026 GMT
Not After : Mar 30 11:00:22 2026 GMT
Subject: CN=37d587cfdb742b2d65609037bb785ecdeb4ff34f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:45:35:be:6e:0c:75:11:a3:f4:05:65:d9:1c:
7e:60:5a:25:9b:3b:60:dd:ab:5e:e4:38:78:29:2b:
6e:4b:24:7d:a4:7d:bf:80:a3:f8:7c:26:24:9d:ea:
c6:65:90:59:76:b3:07:4b:3a:5c:f5:06:88:a4:35:
4b:d5:02:7b:13:72:9e:ea:da:fb:09:7c:3c:17:88:
ca:12:d1:16:5d:24:75:2f:31:ed:42:13:70:0c:bb:
cc:3b:1c:2b:a9:6d:c6:6a:d3:2a:2d:ad:b2:66:b4:
5c:f1:5f:6a:1d:64:de:10:df:9d:5a:29:9b:2e:8e:
68:40:4c:b9:46:f3:87:5a:aa:64:24:10:01:3e:3f:
fa:5a:b4:eb:12:e6:0c:63:ed:9d:44:59:2f:e7:cd:
6b:f8:27:42:17:11:70:41:ff:b0:1f:e8:ff:43:00:
96:2f:fa:b9:3e:96:87:f1:d1:22:cf:98:7d:3f:0b:
be:2f:9b:82:61:42:8a:44:39:32:6f:b0:00:3e:bd:
5f:5d:c0:97:23:54:80:7d:22:33:ea:87:0e:33:89:
7d:28:0c:70:5d:4f:ac:7c:fa:b1:53:db:64:2d:16:
2b:62:69:fb:4c:3c:ed:11:08:bc:c8:1b:e4:a4:fa:
34:b5:29:17:1c:f2:fd:81:b1:eb:55:00:25:4b:d7:
1e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D5:87:CF:DB:74:2B:2D:65:60:90:37:BB:78:5E:CD:EB:4F:F3:4F
X509v3 Authority Key Identifier:
keyid:95:04:A0:9A:45:96:D8:15:7D:A6:9D:C3:34:6C:5A:BC:E4:CE:4E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQSgmkWW2BV9pp3DNGxavOTOThM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9eaf5c-8c54-45ed-bfc4-673c3889161d/1/lQSgmkWW2BV9pp3DNGxavOTOThM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:1c:d0:43:bd:48:49:a1:0e:4e:40:19:46:bd:52:99:76:15:
1c:de:58:fe:bb:fd:3d:2d:34:16:18:aa:bf:56:18:41:8d:11:
89:f6:01:35:b5:f1:6e:cd:af:f7:2c:ed:2c:8e:be:14:40:ff:
f1:72:33:28:d4:11:0a:ec:67:77:2c:36:d2:36:4f:04:59:86:
74:78:28:9b:c1:96:04:72:6a:49:39:29:62:a0:5f:a7:4a:7d:
d8:25:d5:14:ad:3f:67:ef:d2:cd:21:a5:6b:be:ed:a5:e8:01:
ac:50:a8:04:f3:12:00:8f:73:89:dd:8d:f5:8a:ff:a7:c1:9c:
b1:34:f5:18:eb:bb:5a:6d:0a:34:d3:32:51:65:80:75:b3:5a:
de:9a:62:9f:38:d9:bf:15:78:2b:9c:05:2d:b2:3a:8a:ff:63:
37:b7:6e:16:4e:a4:7e:fb:5f:40:33:65:01:c0:57:fb:c3:21:
19:b0:bd:f5:c8:e8:3e:7e:1f:9c:db:39:79:ba:9b:74:9d:01:
27:0e:f9:74:b0:c5:c4:5c:ca:b7:6d:2a:d4:e9:a0:fb:b4:03:
b9:61:d3:b2:ff:55:ad:33:3c:46:5a:2e:d9:24:18:9b:bd:ca:
35:08:08:ff:12:4e:19:18:19:b2:df:99:0f:89:85:05:34:90:
9f:51:11:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QISP7Xm6bXqu9gqMZ+GZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDRhMDlhNDU5NmQ4MTU3ZGE2OWRjMzM0NmM1YWJjZTRj
ZTRlMTMwHhcNMjYwMzI5MTEwMDIyWhcNMjYwMzMwMTEwMDIyWjAzMTEwLwYDVQQD
EygzN2Q1ODdjZmRiNzQyYjJkNjU2MDkwMzdiYjc4NWVjZGViNGZmMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0U1vm4MdRGj9AVl2Rx+YFolmztg
3ate5Dh4KStuSyR9pH2/gKP4fCYknerGZZBZdrMHSzpc9QaIpDVL1QJ7E3Ke6tr7
CXw8F4jKEtEWXSR1LzHtQhNwDLvMOxwrqW3GatMqLa2yZrRc8V9qHWTeEN+dWimb
Lo5oQEy5RvOHWqpkJBABPj/6WrTrEuYMY+2dRFkv581r+CdCFxFwQf+wH+j/QwCW
L/q5PpaH8dEiz5h9Pwu+L5uCYUKKRDkyb7AAPr1fXcCXI1SAfSIz6ocOM4l9KAxw
XU+sfPqxU9tkLRYrYmn7TDztEQi8yBvkpPo0tSkXHPL9gbHrVQAlS9ceswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfVh8/bdCstZWCQN7t4Xs3rT/NPMB8GA1UdIwQY
MBaAFJUEoJpFltgVfaadwzRsWrzkzk4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQt
NjczYzM4ODkxNjFkLzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85ZWFmNWMtOGM1NC00NWVkLWJmYzQtNjczYzM4ODkxNjFk
LzEvbFFTZ21rV1cyQlY5cHAzRE5HeGF2T1RPVGhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxzQQ71I
SaEOTkAZRr1SmXYVHN5Y/rv9PS00Fhiqv1YYQY0RifYBNbXxbs2v9yztLI6+FED/
8XIzKNQRCuxndyw20jZPBFmGdHgom8GWBHJqSTkpYqBfp0p92CXVFK0/Z+/SzSGl
a77tpegBrFCoBPMSAI9zid2N9Yr/p8GcsTT1GOu7Wm0KNNMyUWWAdbNa3ppinzjZ
vxV4K5wFLbI6iv9jN7duFk6kfvtfQDNlAcBX+8MhGbC99cjoPn4fnNs5ebqbdJ0B
Jw75dLDFxFzKt20q1Omg+7QDuWHTsv9VrTM8Rlou2SQYm73KNQgI/xJOGRgZst+Z
D4mFBTSQn1ERHw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:45:41 2026 by rpki-client