Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
File: LX893KDLOOx7CMaQKeIPUtxAjxc.mft (raw, json)
Hash identifier: 9r4vnCAXQMjuEfLWqAqiN6QjbpWQQMO0B8CxB6vySCM=
Subject key identifier: 30:ED:CD:67:95:3D:01:1D:70:25:49:4A:94:C0:8A:1B:DF:BA:32:18
Authority key identifier: 2D:7F:3D:DC:A0:CB:38:EC:7B:08:C6:90:29:E2:0F:52:DC:40:8F:17
Certificate issuer: /CN=2d7f3ddca0cb38ec7b08c69029e20f52dc408f17
Certificate serial: 019D38D2B6764C74354A2BC1A51E626FBAC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 09:00:26 +0000
Manifest this update: Sun 29 Mar 2026 09:00:26 +0000
Manifest next update: Mon 30 Mar 2026 09:00:26 +0000
Files and hashes: 1: HBZIofhnEyGMafPIiZxVB_Ns56M.roa (hash: 49lIUj/HnnMzqTTFtrpK2NJtv/LRA6INi2P9F0Ad34E=)
2: LX893KDLOOx7CMaQKeIPUtxAjxc.crl (hash: Tq24bFIVhlqTLIX8UoVf6RPt8akhC2OitcmBOghDl5A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:b6:76:4c:74:35:4a:2b:c1:a5:1e:62:6f:ba:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d7f3ddca0cb38ec7b08c69029e20f52dc408f17
Validity
Not Before: Mar 29 09:00:26 2026 GMT
Not After : Mar 30 09:00:26 2026 GMT
Subject: CN=30edcd67953d011d7025494a94c08a1bdfba3218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:ff:95:76:3b:87:ae:8e:d6:e4:7e:5a:98:
6d:98:c2:9a:c3:18:9c:5b:a3:15:10:14:59:07:96:
57:4f:78:82:28:15:da:cf:42:2d:5b:a1:0d:25:dc:
bc:bc:ed:8d:09:f6:ec:87:e0:d8:de:8b:c0:4f:a6:
11:4e:1c:06:b7:e0:f6:6c:9f:fe:8d:da:a1:0f:bb:
4c:ed:9c:95:60:91:b6:3b:f9:f1:c9:87:a1:c8:6f:
70:92:97:8d:d7:20:22:64:52:e3:57:62:03:66:dc:
63:f7:c0:79:78:b7:7e:0b:b8:4d:eb:a6:2d:c1:75:
83:ff:f9:97:83:3a:c8:2e:c4:8c:a8:7a:7a:2d:68:
a5:5f:e8:26:7b:49:d2:2a:61:de:39:57:09:e3:11:
d9:4a:0f:5d:a4:ab:e2:10:60:82:2d:42:f9:c8:18:
06:80:fc:14:7b:60:8e:f9:25:c5:f4:36:75:e1:09:
07:f5:29:84:c8:6c:ac:b7:c3:8f:dd:38:11:6f:b5:
5e:66:34:a7:43:60:9b:aa:30:30:1a:89:79:ec:48:
de:2b:68:f5:ca:3d:d7:a1:2b:20:25:f5:82:7e:97:
b2:b8:a9:19:cc:9f:56:26:24:2f:d4:96:81:cf:b9:
bc:49:1e:b5:1a:7b:02:a6:30:54:20:c2:f0:80:22:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:ED:CD:67:95:3D:01:1D:70:25:49:4A:94:C0:8A:1B:DF:BA:32:18
X509v3 Authority Key Identifier:
keyid:2D:7F:3D:DC:A0:CB:38:EC:7B:08:C6:90:29:E2:0F:52:DC:40:8F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LX893KDLOOx7CMaQKeIPUtxAjxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/c75af4-9d26-4290-b027-a56c52be198c/1/LX893KDLOOx7CMaQKeIPUtxAjxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:03:34:b4:7d:2c:20:42:7a:78:ee:8e:b0:c5:20:90:7f:74:
6f:dc:6b:9d:4c:ee:69:8d:3e:fc:36:17:cb:7f:ef:d9:f3:4e:
74:78:47:9c:af:19:e8:58:51:29:f0:84:4f:52:47:63:37:7d:
fc:ad:f8:a0:4c:f2:66:e0:2b:bb:f0:c7:32:8a:99:02:bd:ce:
46:37:3c:d0:99:15:c4:a3:08:d7:ba:61:a8:bc:fb:f6:4e:3c:
0e:4a:42:46:88:57:bd:22:b6:c2:49:eb:49:c2:64:bc:16:51:
56:2c:aa:94:f2:51:6f:af:11:18:83:2e:66:f1:de:b2:39:68:
89:bd:1d:2c:ab:34:83:5a:d0:9c:3c:63:1b:be:ed:bb:d6:63:
5e:73:cd:07:23:56:01:e0:a5:ec:4a:32:42:71:41:ff:97:50:
34:86:21:1a:b8:a6:33:f9:83:61:90:d7:e8:8a:0b:52:a3:11:
cc:41:18:a6:e1:7e:32:74:59:16:8d:73:e2:2c:10:79:ff:da:
d6:8d:bd:43:85:bb:1e:5a:39:6c:53:b3:bf:a4:3e:62:61:88:
34:07:b2:d6:be:4a:c2:5c:0f:9c:4e:b9:8a:55:c3:ec:70:73:
74:aa:a2:e8:6f:51:9b:4d:c0:69:d3:9e:5d:19:c6:5d:9a:4d:
c5:40:a9:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040rZ2THQ1SivBpR5ib7rGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkN2YzZGRjYTBjYjM4ZWM3YjA4YzY5MDI5ZTIwZjUyZGM0
MDhmMTcwHhcNMjYwMzI5MDkwMDI2WhcNMjYwMzMwMDkwMDI2WjAzMTEwLwYDVQQD
EygzMGVkY2Q2Nzk1M2QwMTFkNzAyNTQ5NGE5NGMwOGExYmRmYmEzMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGb/lXY7h66O1uR+WphtmMKawxic
W6MVEBRZB5ZXT3iCKBXaz0ItW6ENJdy8vO2NCfbsh+DY3ovAT6YRThwGt+D2bJ/+
jdqhD7tM7ZyVYJG2O/nxyYehyG9wkpeN1yAiZFLjV2IDZtxj98B5eLd+C7hN66Yt
wXWD//mXgzrILsSMqHp6LWilX+gme0nSKmHeOVcJ4xHZSg9dpKviEGCCLUL5yBgG
gPwUe2CO+SXF9DZ14QkH9SmEyGyst8OP3TgRb7VeZjSnQ2CbqjAwGol57EjeK2j1
yj3XoSsgJfWCfpeyuKkZzJ9WJiQv1JaBz7m8SR61GnsCpjBUIMLwgCLYFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDDtzWeVPQEdcCVJSpTAihvfujIYMB8GA1UdIwQY
MBaAFC1/PdygyzjsewjGkCniD1LcQI8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9jNzVhZjQtOWQyNi00MjkwLWIwMjct
YTU2YzUyYmUxOThjLzEvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9jNzVhZjQtOWQyNi00MjkwLWIwMjctYTU2YzUyYmUxOThj
LzEvTFg4OTNLRExPT3g3Q01hUUtlSVBVdHhBanhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQM0tH0s
IEJ6eO6OsMUgkH90b9xrnUzuaY0+/DYXy3/v2fNOdHhHnK8Z6FhRKfCET1JHYzd9
/K34oEzyZuAru/DHMoqZAr3ORjc80JkVxKMI17phqLz79k48DkpCRohXvSK2wknr
ScJkvBZRViyqlPJRb68RGIMuZvHesjloib0dLKs0g1rQnDxjG77tu9ZjXnPNByNW
AeCl7EoyQnFB/5dQNIYhGrimM/mDYZDX6IoLUqMRzEEYpuF+MnRZFo1z4iwQef/a
1o29Q4W7Hlo5bFOzv6Q+YmGINAey1r5KwlwPnE65ilXD7HBzdKqi6G9Rm03AadOe
XRnGXZpNxUCpsw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:10 2026 by rpki-client