Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
File: lKpBiudwvajvBRax0cYzpn6R84s.mft (raw, json)
Hash identifier: WZb/W5md4/Z495Ybnmi6a71kKDl+v6SL28RVS+0M/yU=
Subject key identifier: 69:A4:E1:44:3F:2B:6E:5F:25:87:D4:8A:03:FE:04:CD:32:27:74:B9
Authority key identifier: 94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B
Certificate issuer: /CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b
Certificate serial: 019D9B19EE1D30C369730720F4FB0C434A61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
Manifest number: 128B
Signing time: Fri 17 Apr 2026 11:01:00 +0000
Manifest this update: Fri 17 Apr 2026 11:01:00 +0000
Manifest next update: Sat 18 Apr 2026 11:01:00 +0000
Files and hashes: 1: F0X0Kldz9ZbWiCYe5dgOuGe8cE8.roa (hash: l3MXfi0HIHId22Sz44wGoyo4bnLBnE9WiSKYA9yuZAM=)
2: lKpBiudwvajvBRax0cYzpn6R84s.crl (hash: blcuSkHySYsDu7Qovx7jXT9s0hpgaopWStsuaEwdv3I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:ee:1d:30:c3:69:73:07:20:f4:fb:0c:43:4a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b
Validity
Not Before: Apr 17 11:01:00 2026 GMT
Not After : Apr 18 11:01:00 2026 GMT
Subject: CN=69a4e1443f2b6e5f2587d48a03fe04cd322774b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:47:bd:8e:95:f7:e2:29:71:95:23:e6:71:87:
85:b3:2a:c3:47:55:d6:96:99:fd:6e:59:33:47:21:
ca:70:d9:d7:17:e1:8a:2c:93:d3:55:ca:b8:ec:a6:
db:d6:df:7a:0b:d9:85:5c:a1:44:05:7c:4b:d3:93:
ef:90:17:e1:55:d0:af:92:0c:93:12:5c:3f:63:41:
54:ee:93:a5:97:3b:ee:a3:6a:ef:dc:bd:d5:1c:dd:
b0:90:1f:8a:9e:32:e4:74:83:2a:2c:14:43:81:32:
f8:02:94:24:8f:4e:2e:7d:ae:ec:e1:e6:89:17:84:
54:4e:62:78:50:30:ff:b7:5c:49:21:77:a8:7e:e7:
ea:6a:9a:fa:d9:93:f5:4d:82:ae:65:a3:32:bc:51:
55:64:57:af:dc:c3:bb:ab:04:9b:23:8a:ff:b0:4a:
2e:fa:b1:ea:42:ae:10:a7:f3:37:82:31:de:f6:8b:
22:9d:d0:f1:86:b6:93:00:9f:00:c3:d2:61:48:24:
d1:39:9e:92:24:8c:07:f0:6e:36:66:fb:68:1f:6d:
a2:7d:c5:ab:60:f6:57:19:51:52:35:5b:1d:dd:ee:
96:fb:4c:d7:4e:22:d2:7e:4a:d4:1a:79:93:1f:2d:
98:25:0e:95:4a:f9:fb:9a:e8:78:52:34:c1:f3:dc:
11:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A4:E1:44:3F:2B:6E:5F:25:87:D4:8A:03:FE:04:CD:32:27:74:B9
X509v3 Authority Key Identifier:
keyid:94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:fc:15:b8:9e:f7:3c:7c:fe:88:bd:81:46:aa:4d:93:20:42:
12:67:cf:df:eb:6f:4b:c8:e0:ba:52:b7:4b:40:68:ae:91:1b:
a1:0a:c1:e4:c4:89:eb:4d:a6:f2:ca:e2:0a:87:6f:ca:41:7f:
d3:12:79:ed:d8:03:c2:2b:56:8d:4e:bd:1a:a6:d1:50:51:67:
e6:50:60:50:0a:5a:6b:82:27:e8:0f:1b:3c:93:d7:6b:21:1c:
5a:de:b0:dc:cc:8c:d2:eb:b1:3c:9b:90:7f:b4:58:56:ca:58:
01:19:bf:21:51:58:a1:46:26:59:e1:37:77:4c:e6:f5:16:9b:
45:48:0a:c2:25:fe:d6:3f:e3:8c:1d:6a:33:ec:66:46:bf:88:
f8:4e:30:17:4a:5e:1c:7e:8c:90:06:c8:2f:00:76:9c:de:2d:
85:d3:ae:3e:74:eb:60:b7:a1:bc:dd:b0:18:70:b0:9d:af:54:
76:ca:a8:66:4f:61:bb:40:ed:13:0b:bc:b9:70:35:25:61:91:
02:66:cf:05:41:b3:a8:c0:cd:0c:3f:41:ef:81:c8:2b:de:33:
2c:e9:48:0a:d9:84:1a:9e:21:f4:d9:81:6a:5e:c7:80:f3:e0:
93:f2:7e:46:cc:d9:bc:43:4c:a8:a9:37:1b:6b:9d:2e:a4:90:
d6:fb:01:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGe4dMMNpcwcg9PsMQ0phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YWE0MThhZTc3MGJkYThlZjA1MTZiMWQxYzYzM2E2N2U5
MWYzOGIwHhcNMjYwNDE3MTEwMTAwWhcNMjYwNDE4MTEwMTAwWjAzMTEwLwYDVQQD
Eyg2OWE0ZTE0NDNmMmI2ZTVmMjU4N2Q0OGEwM2ZlMDRjZDMyMjc3NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEe9jpX34ilxlSPmcYeFsyrDR1XW
lpn9blkzRyHKcNnXF+GKLJPTVcq47Kbb1t96C9mFXKFEBXxL05PvkBfhVdCvkgyT
Elw/Y0FU7pOllzvuo2rv3L3VHN2wkB+KnjLkdIMqLBRDgTL4ApQkj04ufa7s4eaJ
F4RUTmJ4UDD/t1xJIXeofufqapr62ZP1TYKuZaMyvFFVZFev3MO7qwSbI4r/sEou
+rHqQq4Qp/M3gjHe9osindDxhraTAJ8Aw9JhSCTROZ6SJIwH8G42ZvtoH22ifcWr
YPZXGVFSNVsd3e6W+0zXTiLSfkrUGnmTHy2YJQ6VSvn7muh4UjTB89wRkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmk4UQ/K25fJYfUigP+BM0yJ3S5MB8GA1UdIwQY
MBaAFJSqQYrncL2o7wUWsdHGM6Z+kfOLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wOWUyZjctZTY1MC00ZjM4LWE3NDUt
YzM5NjIwMGZlMGJmLzEvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wOWUyZjctZTY1MC00ZjM4LWE3NDUtYzM5NjIwMGZlMGJm
LzEvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPwVuJ73
PHz+iL2BRqpNkyBCEmfP3+tvS8jgulK3S0BorpEboQrB5MSJ602m8sriCodvykF/
0xJ57dgDwitWjU69GqbRUFFn5lBgUApaa4In6A8bPJPXayEcWt6w3MyM0uuxPJuQ
f7RYVspYARm/IVFYoUYmWeE3d0zm9RabRUgKwiX+1j/jjB1qM+xmRr+I+E4wF0pe
HH6MkAbILwB2nN4thdOuPnTrYLehvN2wGHCwna9UdsqoZk9hu0DtEwu8uXA1JWGR
AmbPBUGzqMDNDD9B74HIK94zLOlICtmEGp4h9NmBal7HgPPgk/J+RszZvENMqKk3
G2udLqSQ1vsBEw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:54:41 2026 by rpki-client