Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
File: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft (raw, json)
Hash identifier: 3juELkcvhG7kDdG5Cy6dbHwGSt7rl+SIlW51DJa6DqM=
Subject key identifier: 95:60:F0:4F:EE:C2:29:A8:DF:0A:B0:68:43:0D:D8:5F:AF:61:B9:5F
Authority key identifier: 96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
Certificate issuer: /CN=96199360259fa5b35b82953c5ed97999228341ac
Certificate serial: 019CAAFD805AA2B9218AE04506DFA44BE743
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
Manifest number: 15AF
Signing time: Sun 01 Mar 2026 20:01:05 +0000
Manifest this update: Sun 01 Mar 2026 20:01:05 +0000
Manifest next update: Mon 02 Mar 2026 20:01:05 +0000
Files and hashes: 1: lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl (hash: q+ftf1KrJwpH5hNoJEUDGg+qtKuvGCtcQ8GokrPFfcE=)
2: xR-_0CxJhk7opaVLnqtilVW0u5k.roa (hash: smIJQKujLMH2xBq3OokVMe7VXadkyznDo/jDUgPKJpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:80:5a:a2:b9:21:8a:e0:45:06:df:a4:4b:e7:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96199360259fa5b35b82953c5ed97999228341ac
Validity
Not Before: Mar 1 20:01:05 2026 GMT
Not After : Mar 2 20:01:05 2026 GMT
Subject: CN=9560f04feec229a8df0ab068430dd85faf61b95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e7:46:d4:fd:2c:8f:fd:e6:d3:81:56:58:f4:
4c:4d:20:6d:f4:96:0c:c2:7c:0a:fb:ed:55:63:9c:
71:bc:71:b1:1a:f7:dc:f6:25:c1:64:b6:b5:00:90:
03:a4:3e:76:eb:bf:ef:50:85:1f:1a:0e:9b:e8:0b:
0c:40:51:5b:1c:ce:87:33:f8:ea:b8:43:13:3f:ce:
c1:61:84:04:00:e5:0e:86:d7:6a:d4:a0:1a:68:39:
77:fe:90:c4:e8:ef:e3:70:91:94:77:37:c3:0c:8e:
a8:05:df:4d:f7:c5:eb:cb:97:ca:f2:74:72:c8:f7:
a0:a1:a6:9c:b1:0c:00:00:59:ae:af:e7:b5:b5:f4:
0f:e8:40:15:1c:0c:fa:1c:d7:86:09:91:b5:8a:bc:
95:e1:1f:07:0c:8e:37:79:9f:3d:13:c6:47:f6:c0:
5b:5e:b5:01:78:41:25:5b:db:90:15:9f:2c:10:59:
a7:83:f5:93:5b:14:71:8a:a3:36:1b:d6:70:da:6c:
9c:e1:0e:65:2b:ec:35:32:9a:a2:83:de:f2:3d:a6:
d2:33:d6:ba:0b:78:36:9f:1a:c1:0c:64:2e:05:b4:
22:b1:c7:ba:fd:f2:f9:8e:9c:e3:26:08:cd:14:53:
72:be:a9:4c:1a:93:e2:c9:35:39:cd:68:c3:fe:8c:
48:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:60:F0:4F:EE:C2:29:A8:DF:0A:B0:68:43:0D:D8:5F:AF:61:B9:5F
X509v3 Authority Key Identifier:
keyid:96:19:93:60:25:9F:A5:B3:5B:82:95:3C:5E:D9:79:99:22:83:41:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bf70d3-70fa-4a32-809f-2a591c149d7a/1/lhmTYCWfpbNbgpU8Xtl5mSKDQaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:4a:42:4a:cb:50:f8:b1:e8:9c:d9:24:6e:df:a9:a1:03:1d:
64:2d:94:0d:ab:c6:c2:cb:0f:ff:63:2a:39:06:d1:15:e4:fa:
43:c2:a2:d4:c7:91:f4:b8:62:12:5c:6d:dc:b9:32:e3:6d:ab:
f5:31:b4:fc:b2:4b:bd:b8:b9:af:9b:fd:69:3e:b7:22:41:9c:
cb:31:45:5f:91:a0:14:06:7c:c7:d2:16:19:3f:19:fd:77:ac:
0a:45:09:ea:1f:cb:02:a6:52:18:6f:57:47:cb:7a:76:4c:31:
95:4f:06:2a:99:ec:fc:71:7e:53:2d:e5:18:6a:7b:93:8f:b8:
d6:bb:1d:a9:b4:9f:35:a7:e5:40:f9:19:97:f7:07:b0:0b:13:
a6:c3:b3:87:a9:c3:28:0f:5a:95:64:8a:06:ae:5f:35:00:b9:
c7:94:ba:88:24:1d:8c:c8:d8:c6:32:1e:ae:4a:2b:4e:25:c5:
fb:29:49:be:bc:85:77:70:ca:cf:73:83:a8:b2:3e:cf:85:2c:
d1:d7:6e:f2:b1:cc:08:da:aa:44:13:97:72:fb:cb:18:f1:be:
07:ba:41:f7:14:d0:9c:a7:f9:c8:ed:67:29:1f:53:a8:45:03:
bc:e2:1a:46:3d:8a:d5:a8:a2:07:3f:61:01:3b:91:3b:03:45:
cf:3b:fa:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/YBaorkhiuBFBt+kS+dDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MTk5MzYwMjU5ZmE1YjM1YjgyOTUzYzVlZDk3OTk5MjI4
MzQxYWMwHhcNMjYwMzAxMjAwMTA1WhcNMjYwMzAyMjAwMTA1WjAzMTEwLwYDVQQD
Eyg5NTYwZjA0ZmVlYzIyOWE4ZGYwYWIwNjg0MzBkZDg1ZmFmNjFiOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqedG1P0sj/3m04FWWPRMTSBt9JYM
wnwK++1VY5xxvHGxGvfc9iXBZLa1AJADpD5267/vUIUfGg6b6AsMQFFbHM6HM/jq
uEMTP87BYYQEAOUOhtdq1KAaaDl3/pDE6O/jcJGUdzfDDI6oBd9N98Xry5fK8nRy
yPegoaacsQwAAFmur+e1tfQP6EAVHAz6HNeGCZG1iryV4R8HDI43eZ89E8ZH9sBb
XrUBeEElW9uQFZ8sEFmng/WTWxRxiqM2G9Zw2myc4Q5lK+w1Mpqig97yPabSM9a6
C3g2nxrBDGQuBbQisce6/fL5jpzjJgjNFFNyvqlMGpPiyTU5zWjD/oxIVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVg8E/uwimo3wqwaEMN2F+vYblfMB8GA1UdIwQY
MBaAFJYZk2Aln6WzW4KVPF7ZeZkig0GsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYt
MmE1OTFjMTQ5ZDdhLzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZjcwZDMtNzBmYS00YTMyLTgwOWYtMmE1OTFjMTQ5ZDdh
LzEvbGhtVFlDV2ZwYk5iZ3BVOFh0bDVtU0tEUWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakpCSstQ
+LHonNkkbt+poQMdZC2UDavGwssP/2MqOQbRFeT6Q8Ki1MeR9LhiElxt3Lky422r
9TG0/LJLvbi5r5v9aT63IkGcyzFFX5GgFAZ8x9IWGT8Z/XesCkUJ6h/LAqZSGG9X
R8t6dkwxlU8GKpns/HF+Uy3lGGp7k4+41rsdqbSfNaflQPkZl/cHsAsTpsOzh6nD
KA9alWSKBq5fNQC5x5S6iCQdjMjYxjIerkorTiXF+ylJvryFd3DKz3ODqLI+z4Us
0ddu8rHMCNqqRBOXcvvLGPG+B7pB9xTQnKf5yO1nKR9TqEUDvOIaRj2K1aiiBz9h
ATuROwNFzzv6OQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:42:21 2026 by rpki-client