Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft
File: LKYTd0lZnAPHtHLxQscZaAAGtuY.mft (raw, json)
Hash identifier: ZF9Lo7b23J8Zpa9Xc7oHq8Q2GtAuXWLBVlS00uDk1ho=
Subject key identifier: A8:5E:8E:44:5C:E1:BD:A4:CE:68:01:82:9F:EC:03:A5:3F:4F:E2:39
Authority key identifier: 2C:A6:13:77:49:59:9C:03:C7:B4:72:F1:42:C7:19:68:00:06:B6:E6
Certificate issuer: /CN=2ca6137749599c03c7b472f142c719680006b6e6
Certificate serial: 019CAB6B0F778D7C878BCE4DD1AB31F68384
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft
Manifest number: 14DA
Signing time: Sun 01 Mar 2026 22:00:46 +0000
Manifest this update: Sun 01 Mar 2026 22:00:46 +0000
Manifest next update: Mon 02 Mar 2026 22:00:46 +0000
Files and hashes: 1: DjKvHGkxm9JLkDzr5jJuPNohrKM.roa (hash: 4xyJPy+sZSw3rF0C0CNhWMzSFjnYCLyNFxo1nQPPkU4=)
2: LKYTd0lZnAPHtHLxQscZaAAGtuY.crl (hash: 8C3NZ4tl0H9iWgD9PihqBKEMZgPhcpAJVZgRPveXL8c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:0f:77:8d:7c:87:8b:ce:4d:d1:ab:31:f6:83:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ca6137749599c03c7b472f142c719680006b6e6
Validity
Not Before: Mar 1 22:00:46 2026 GMT
Not After : Mar 2 22:00:46 2026 GMT
Subject: CN=a85e8e445ce1bda4ce6801829fec03a53f4fe239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:db:08:59:2c:49:00:78:c0:e7:96:39:9f:61:
9d:fb:d7:e9:4f:82:5f:e6:14:65:1d:89:0b:3d:2b:
9d:42:da:ee:15:de:56:4f:9a:b1:54:9f:79:21:d4:
27:2d:05:5e:ff:5d:16:0e:e7:ba:bb:2d:b7:c3:5d:
66:06:83:26:aa:9d:fb:68:9a:42:c9:19:c8:cc:59:
99:d0:ba:62:9f:09:83:37:23:2c:c9:7a:21:47:f1:
c7:66:66:78:3d:5a:7c:33:64:22:27:b6:89:dc:53:
2f:79:e0:0c:ff:8d:cc:21:87:db:82:9d:87:9d:a6:
c1:d2:34:09:d1:00:36:ff:5a:29:bf:83:0c:f1:ba:
20:3b:e9:10:c7:10:72:35:6d:3f:31:49:44:3a:30:
ae:93:e4:3a:73:10:99:d1:84:af:46:3d:fe:fb:ba:
79:14:f2:b6:73:a4:07:00:eb:5a:a6:87:fb:c7:f4:
ca:86:9b:f0:52:17:5c:39:0f:eb:f5:0a:97:42:71:
9f:59:ff:56:0e:96:04:dc:00:6e:25:39:f7:06:aa:
57:21:c7:00:68:8b:86:f5:83:17:91:73:6b:71:4a:
0f:83:52:2e:55:00:1c:8c:40:05:df:41:f2:97:c6:
1e:08:a7:e2:aa:33:1a:5b:aa:1c:12:84:6a:c1:3a:
00:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5E:8E:44:5C:E1:BD:A4:CE:68:01:82:9F:EC:03:A5:3F:4F:E2:39
X509v3 Authority Key Identifier:
keyid:2C:A6:13:77:49:59:9C:03:C7:B4:72:F1:42:C7:19:68:00:06:B6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKYTd0lZnAPHtHLxQscZaAAGtuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/6fcf66-8e8c-4dbb-8cf0-5019d2c388db/1/LKYTd0lZnAPHtHLxQscZaAAGtuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:64:a7:8c:07:37:3d:b0:9d:38:f6:e8:97:c7:ad:41:bc:88:
f8:23:85:12:44:4b:ff:36:30:bf:d5:af:02:a2:c7:c7:1e:5f:
fa:f0:37:ad:41:6d:09:45:38:3b:3b:35:ba:cc:db:49:86:84:
f7:13:38:2c:31:4e:c3:e9:c6:28:6d:f7:c1:c5:fc:7a:66:11:
94:90:8b:8b:65:1f:9a:cc:ba:56:99:2c:a9:94:cc:bc:c0:79:
4d:f5:57:cb:ef:e3:1c:4c:77:0a:f0:9e:12:49:d5:27:44:1c:
ad:b4:3f:0a:9c:af:9e:1c:3e:34:ee:f0:c0:ce:00:ee:62:49:
28:dd:95:8e:8b:6e:c4:c0:ee:ee:50:04:31:74:97:05:3e:de:
42:64:3a:3e:cc:80:27:10:64:df:59:22:2f:5b:63:17:9b:8f:
8d:df:bd:9f:64:ca:51:6b:6e:d8:f5:07:04:3d:0c:85:29:1b:
68:55:ff:53:85:c0:4a:b2:2a:c8:2f:cb:bf:76:05:3d:8b:4f:
64:84:92:0b:c8:6f:82:81:2e:8c:4d:4e:b0:f6:42:cb:17:d5:
ea:f8:cf:4e:07:51:a5:75:55:0e:f9:56:f1:fd:f3:8b:cd:12:
30:cb:c6:b2:24:a6:4f:7f:c2:f6:63:41:ad:0f:77:2f:1f:c0:
00:95:4d:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraw93jXyHi85N0asx9oOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYTYxMzc3NDk1OTljMDNjN2I0NzJmMTQyYzcxOTY4MDAw
NmI2ZTYwHhcNMjYwMzAxMjIwMDQ2WhcNMjYwMzAyMjIwMDQ2WjAzMTEwLwYDVQQD
EyhhODVlOGU0NDVjZTFiZGE0Y2U2ODAxODI5ZmVjMDNhNTNmNGZlMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dsIWSxJAHjA55Y5n2Gd+9fpT4Jf
5hRlHYkLPSudQtruFd5WT5qxVJ95IdQnLQVe/10WDue6uy23w11mBoMmqp37aJpC
yRnIzFmZ0LpinwmDNyMsyXohR/HHZmZ4PVp8M2QiJ7aJ3FMveeAM/43MIYfbgp2H
nabB0jQJ0QA2/1opv4MM8bogO+kQxxByNW0/MUlEOjCuk+Q6cxCZ0YSvRj3++7p5
FPK2c6QHAOtapof7x/TKhpvwUhdcOQ/r9QqXQnGfWf9WDpYE3ABuJTn3BqpXIccA
aIuG9YMXkXNrcUoPg1IuVQAcjEAF30Hyl8YeCKfiqjMaW6ocEoRqwToAPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhejkRc4b2kzmgBgp/sA6U/T+I5MB8GA1UdIwQY
MBaAFCymE3dJWZwDx7Ry8ULHGWgABrbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82ZmNmNjYtOGU4Yy00ZGJiLThjZjAt
NTAxOWQyYzM4OGRiLzEvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82ZmNmNjYtOGU4Yy00ZGJiLThjZjAtNTAxOWQyYzM4OGRi
LzEvTEtZVGQwbFpuQVBIdEhMeFFzY1phQUFHdHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACWSnjAc3
PbCdOPbol8etQbyI+COFEkRL/zYwv9WvAqLHxx5f+vA3rUFtCUU4Ozs1uszbSYaE
9xM4LDFOw+nGKG33wcX8emYRlJCLi2Ufmsy6VpksqZTMvMB5TfVXy+/jHEx3CvCe
EknVJ0QcrbQ/Cpyvnhw+NO7wwM4A7mJJKN2VjotuxMDu7lAEMXSXBT7eQmQ6PsyA
JxBk31kiL1tjF5uPjd+9n2TKUWtu2PUHBD0MhSkbaFX/U4XASrIqyC/Lv3YFPYtP
ZISSC8hvgoEujE1OsPZCyxfV6vjPTgdRpXVVDvlW8f3zi80SMMvGsiSmT3/C9mNB
rQ93Lx/AAJVNkQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:50:54 2026 by rpki-client