Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
File: lKpBiudwvajvBRax0cYzpn6R84s.mft (raw, json)
Hash identifier: Vk3Soc5ea0iD89Drt/I5oYFtFPWgZ6Zn603vvzJHas0=
Subject key identifier: 8D:2A:FA:58:8E:B5:23:14:4D:30:FF:0C:C7:75:84:47:C5:FB:8E:54
Authority key identifier: 94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B
Certificate issuer: /CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b
Certificate serial: 019CABA1E6F193A9AAADAB5F6AD28714E64C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
Manifest number: 120F
Signing time: Sun 01 Mar 2026 23:00:40 +0000
Manifest this update: Sun 01 Mar 2026 23:00:40 +0000
Manifest next update: Mon 02 Mar 2026 23:00:40 +0000
Files and hashes: 1: F0X0Kldz9ZbWiCYe5dgOuGe8cE8.roa (hash: l3MXfi0HIHId22Sz44wGoyo4bnLBnE9WiSKYA9yuZAM=)
2: lKpBiudwvajvBRax0cYzpn6R84s.crl (hash: UK7y19NGrqXRKFDy3UYxUxATxXtymwZ46sgyj7rHiCE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:e6:f1:93:a9:aa:ad:ab:5f:6a:d2:87:14:e6:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94aa418ae770bda8ef0516b1d1c633a67e91f38b
Validity
Not Before: Mar 1 23:00:40 2026 GMT
Not After : Mar 2 23:00:40 2026 GMT
Subject: CN=8d2afa588eb523144d30ff0cc7758447c5fb8e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ae:b2:c4:9e:6b:08:bd:88:dd:3a:bf:74:68:
58:e9:91:db:94:8f:5a:b3:54:aa:fd:2f:a3:27:b1:
3d:55:80:5b:7c:97:b8:28:8e:9f:67:be:dc:ab:9d:
c3:af:4c:05:c3:79:e5:a3:65:a6:9a:12:ff:5c:88:
b1:4d:69:9c:68:d9:27:74:6f:0f:8a:0c:f4:a1:6f:
49:4f:92:1d:37:32:17:ad:24:da:c3:2d:86:03:71:
52:ae:0f:1f:51:3f:71:ae:16:5b:7a:d7:c9:96:d8:
62:d6:24:e5:52:c6:98:90:73:d8:25:90:81:4a:a8:
ba:8c:ef:4a:52:71:8c:e1:be:1c:16:4a:6c:b7:43:
9b:61:b6:f5:55:7b:40:a1:76:1a:b6:7b:1f:71:04:
3a:16:df:34:ce:4a:8b:2c:21:42:77:20:aa:46:97:
b4:29:10:53:bc:76:1a:d6:49:85:9f:62:6f:00:bc:
d3:43:65:64:a7:a4:26:94:d2:66:7c:dc:b6:f8:cf:
22:94:7f:08:b6:1d:8e:73:a8:b4:cf:8b:99:0c:3b:
36:f6:30:b3:3f:57:8f:2d:ac:52:4e:d7:28:f1:6e:
8f:c6:95:a7:1e:96:a4:ab:cd:c8:3d:1f:4c:ef:09:
05:5e:11:2c:7e:8e:1b:e6:c3:0f:59:f9:3a:62:55:
3f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2A:FA:58:8E:B5:23:14:4D:30:FF:0C:C7:75:84:47:C5:FB:8E:54
X509v3 Authority Key Identifier:
keyid:94:AA:41:8A:E7:70:BD:A8:EF:05:16:B1:D1:C6:33:A6:7E:91:F3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKpBiudwvajvBRax0cYzpn6R84s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/09e2f7-e650-4f38-a745-c396200fe0bf/1/lKpBiudwvajvBRax0cYzpn6R84s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:8b:a3:50:8c:5e:c5:d8:59:a5:31:16:82:70:f2:b6:a4:12:
85:e0:b2:8d:0f:40:1a:3a:a9:54:3e:76:3c:af:00:f0:73:ae:
b5:80:dd:76:6d:2a:2e:f6:91:4c:85:62:be:87:76:aa:18:55:
44:a6:e5:ad:5f:29:ee:2b:ea:64:d5:5e:b3:4a:97:30:5d:3e:
98:1a:d4:72:60:a1:2c:fc:a2:72:27:58:a1:df:10:5d:cf:5d:
0a:2d:27:0f:46:0f:03:dd:5e:fb:04:ea:d7:70:79:4a:f3:ca:
90:6b:57:89:ee:60:bd:85:45:1e:b5:9f:13:d5:e7:67:77:ef:
61:55:66:60:b7:7d:c7:b2:45:80:f1:4c:c7:62:48:52:08:c7:
b2:65:b1:9b:21:52:e9:6d:fa:68:cb:a2:57:b9:ed:e1:9c:cf:
73:9c:c3:84:38:d8:eb:6a:5f:1c:a9:1c:70:64:90:72:4d:4d:
b2:f6:19:4d:38:3d:a2:ef:b5:50:3e:5c:38:5e:79:74:74:6a:
46:ba:dc:49:05:06:3e:f2:f7:f2:16:d5:d3:c8:12:e2:ec:c1:
84:0c:f0:64:ac:52:2e:67:4d:e7:31:b3:87:13:cf:ce:67:55:
cd:a0:43:53:be:37:00:5d:65:c8:0b:91:d6:4d:e8:a9:5b:ad:
a9:3d:38:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyroebxk6mqratfatKHFOZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YWE0MThhZTc3MGJkYThlZjA1MTZiMWQxYzYzM2E2N2U5
MWYzOGIwHhcNMjYwMzAxMjMwMDQwWhcNMjYwMzAyMjMwMDQwWjAzMTEwLwYDVQQD
Eyg4ZDJhZmE1ODhlYjUyMzE0NGQzMGZmMGNjNzc1ODQ0N2M1ZmI4ZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK6yxJ5rCL2I3Tq/dGhY6ZHblI9a
s1Sq/S+jJ7E9VYBbfJe4KI6fZ77cq53Dr0wFw3nlo2WmmhL/XIixTWmcaNkndG8P
igz0oW9JT5IdNzIXrSTawy2GA3FSrg8fUT9xrhZbetfJlthi1iTlUsaYkHPYJZCB
Sqi6jO9KUnGM4b4cFkpst0ObYbb1VXtAoXYatnsfcQQ6Ft80zkqLLCFCdyCqRpe0
KRBTvHYa1kmFn2JvALzTQ2Vkp6QmlNJmfNy2+M8ilH8Ith2Oc6i0z4uZDDs29jCz
P1ePLaxSTtco8W6PxpWnHpakq83IPR9M7wkFXhEsfo4b5sMPWfk6YlU/vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0q+liOtSMUTTD/DMd1hEfF+45UMB8GA1UdIwQY
MBaAFJSqQYrncL2o7wUWsdHGM6Z+kfOLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wOWUyZjctZTY1MC00ZjM4LWE3NDUt
YzM5NjIwMGZlMGJmLzEvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wOWUyZjctZTY1MC00ZjM4LWE3NDUtYzM5NjIwMGZlMGJm
LzEvbEtwQml1ZHd2YWp2QlJheDBjWXpwbjZSODRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4ujUIxe
xdhZpTEWgnDytqQSheCyjQ9AGjqpVD52PK8A8HOutYDddm0qLvaRTIVivod2qhhV
RKblrV8p7ivqZNVes0qXMF0+mBrUcmChLPyicidYod8QXc9dCi0nD0YPA91e+wTq
13B5SvPKkGtXie5gvYVFHrWfE9XnZ3fvYVVmYLd9x7JFgPFMx2JIUgjHsmWxmyFS
6W36aMuiV7nt4ZzPc5zDhDjY62pfHKkccGSQck1NsvYZTTg9ou+1UD5cOF55dHRq
RrrcSQUGPvL38hbV08gS4uzBhAzwZKxSLmdN5zGzhxPPzmdVzaBDU743AF1lyAuR
1k3oqVutqT04uQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:40:47 2026 by rpki-client