Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
File: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft (raw, json)
Hash identifier: dXdq1J0h8O3xhKUNC0hDVxGyPRgxRvCEaPoB78YCQbU=
Subject key identifier: 9F:89:19:5D:E2:40:8F:2B:2B:15:0A:C9:4E:6C:81:E5:43:67:97:5F
Authority key identifier: 96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
Certificate issuer: /CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Certificate serial: 019D9A3EB38DDBCB144E8B6A2FD15A17FF13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
Manifest number: 0FF9
Signing time: Fri 17 Apr 2026 07:01:33 +0000
Manifest this update: Fri 17 Apr 2026 07:01:33 +0000
Manifest next update: Sat 18 Apr 2026 07:01:33 +0000
Files and hashes: 1: Qb_RZp-mahSy8KfrU77wNxpfg_E.roa (hash: u1xd1aPYepFZHPAZOvL3xwts9hFrIKK/yaiHVAix9zo=)
2: lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl (hash: PDvUmZO6bnhOdofSlE8t439xUCAx/Yp09Ijel2E1We0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:b3:8d:db:cb:14:4e:8b:6a:2f:d1:5a:17:ff:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b87e5fd1aadc1bbea372b4269eebd393c5cd67
Validity
Not Before: Apr 17 07:01:33 2026 GMT
Not After : Apr 18 07:01:33 2026 GMT
Subject: CN=9f89195de2408f2b2b150ac94e6c81e54367975f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:33:23:91:af:fd:a2:ac:1e:75:ec:dc:5a:
9d:de:e4:4a:fc:15:1f:a0:d6:bb:67:0e:f6:90:a5:
12:0d:c0:97:d8:2c:dd:19:38:b1:72:97:c8:49:92:
39:ac:a3:30:5f:70:8b:85:3f:09:cc:63:fd:09:47:
85:9b:6d:4f:38:f6:00:07:66:43:83:1b:31:48:1b:
53:dd:07:91:3b:20:fe:37:0a:8c:ca:34:52:e3:3f:
7f:bb:49:04:38:f9:84:2a:f7:9b:07:0c:3f:e7:52:
bc:5b:94:a3:9f:6d:6b:f9:ec:07:36:1e:de:d6:1b:
41:a9:84:70:14:01:c6:e3:2a:54:eb:cb:e2:91:b6:
d6:51:db:86:fd:fd:4e:8b:37:bd:16:6b:0f:09:f1:
7e:9d:9f:89:8a:6d:8b:5b:0a:0d:74:b2:7f:99:69:
45:3c:dd:41:24:78:89:ba:e7:d8:74:fc:d3:c6:cf:
09:bc:04:cb:65:6c:d8:7c:fe:22:b8:51:bf:73:42:
3d:db:49:07:ff:67:18:a4:85:cb:94:95:1b:20:03:
da:68:a4:d4:f4:e3:13:a8:2e:b6:61:b1:50:02:1c:
e0:a7:a9:ea:0c:06:cc:62:e3:00:e1:dc:16:81:c0:
0f:df:3e:75:52:e0:59:62:fc:39:b1:a6:52:64:10:
9b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:89:19:5D:E2:40:8F:2B:2B:15:0A:C9:4E:6C:81:E5:43:67:97:5F
X509v3 Authority Key Identifier:
keyid:96:B8:7E:5F:D1:AA:DC:1B:BE:A3:72:B4:26:9E:EB:D3:93:C5:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6a88ac-efb4-45e4-9199-2abdb21941bc/1/lrh-X9Gq3Bu-o3K0Jp7r05PFzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:e7:9e:d0:54:2d:f4:09:ff:a6:00:59:a4:88:99:03:92:8b:
41:29:f9:f4:ab:5a:8c:40:b3:9e:07:ed:81:8f:8f:b8:d7:d5:
d7:e9:89:5e:97:42:e5:da:ad:2b:83:6e:c3:f5:68:e0:be:19:
36:8e:e8:8b:0d:25:b7:d6:c9:fa:ac:5e:00:83:e0:91:10:f7:
1f:65:a9:79:9d:6a:29:2e:91:84:97:0e:bd:5b:7f:10:3b:4b:
19:27:e9:32:76:24:04:b9:87:34:9f:0e:7f:90:3f:57:45:6f:
5a:5e:c9:fd:17:a2:05:76:3f:82:52:39:4f:ea:a2:2d:85:aa:
c6:e2:40:a1:e6:25:ad:64:2f:6a:2d:ca:11:df:52:19:d1:83:
d5:eb:7a:25:57:25:2f:b5:23:62:d2:4f:cd:d8:32:0f:e5:64:
1e:ed:1c:10:13:6a:88:b8:19:b2:89:eb:d5:6a:44:7d:89:e5:
8a:44:e8:03:2c:a0:bc:51:06:66:73:a6:9a:0e:0c:3b:02:9d:
96:fd:f9:e9:59:9e:11:bb:09:0e:c2:c9:37:67:1b:82:df:28:
9c:0f:9b:69:25:96:59:9b:75:81:96:c6:c0:a6:cc:39:85:38:
ec:41:ce:ac:df:ad:c6:11:b9:96:af:2f:72:b5:c6:a1:a4:11:
7a:4c:a9:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPrON28sUTotqL9FaF/8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Yjg3ZTVmZDFhYWRjMWJiZWEzNzJiNDI2OWVlYmQzOTNj
NWNkNjcwHhcNMjYwNDE3MDcwMTMzWhcNMjYwNDE4MDcwMTMzWjAzMTEwLwYDVQQD
Eyg5Zjg5MTk1ZGUyNDA4ZjJiMmIxNTBhYzk0ZTZjODFlNTQzNjc5NzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJAzI5Gv/aKsHnXs3Fqd3uRK/BUf
oNa7Zw72kKUSDcCX2CzdGTixcpfISZI5rKMwX3CLhT8JzGP9CUeFm21POPYAB2ZD
gxsxSBtT3QeROyD+NwqMyjRS4z9/u0kEOPmEKvebBww/51K8W5Sjn21r+ewHNh7e
1htBqYRwFAHG4ypU68vikbbWUduG/f1Oize9FmsPCfF+nZ+Jim2LWwoNdLJ/mWlF
PN1BJHiJuufYdPzTxs8JvATLZWzYfP4iuFG/c0I920kH/2cYpIXLlJUbIAPaaKTU
9OMTqC62YbFQAhzgp6nqDAbMYuMA4dwWgcAP3z51UuBZYvw5saZSZBCbEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+JGV3iQI8rKxUKyU5sgeVDZ5dfMB8GA1UdIwQY
MBaAFJa4fl/RqtwbvqNytCae69OTxc1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTkt
MmFiZGIyMTk0MWJjLzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82YTg4YWMtZWZiNC00NWU0LTkxOTktMmFiZGIyMTk0MWJj
LzEvbHJoLVg5R3EzQnUtbzNLMEpwN3IwNVBGeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhOee0FQt
9An/pgBZpIiZA5KLQSn59KtajECzngftgY+PuNfV1+mJXpdC5dqtK4Nuw/Vo4L4Z
No7oiw0lt9bJ+qxeAIPgkRD3H2WpeZ1qKS6RhJcOvVt/EDtLGSfpMnYkBLmHNJ8O
f5A/V0VvWl7J/ReiBXY/glI5T+qiLYWqxuJAoeYlrWQvai3KEd9SGdGD1et6JVcl
L7UjYtJPzdgyD+VkHu0cEBNqiLgZsonr1WpEfYnlikToAyygvFEGZnOmmg4MOwKd
lv356VmeEbsJDsLJN2cbgt8onA+baSWWWZt1gZbGwKbMOYU47EHOrN+txhG5lq8v
crXGoaQRekypmw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:27:05 2026 by rpki-client