Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
File: lywzrtjvsmnTdEgT0oxTYJLnzzg.mft (raw, json)
Hash identifier: 72w1fTH780oNMLHksK5kpJCHnmeD+Gi59efpOe0ymJ0=
Subject key identifier: 66:1F:15:82:41:7C:DE:B4:BB:17:A5:00:00:23:2B:CD:40:53:E3:5E
Authority key identifier: 97:2C:33:AE:D8:EF:B2:69:D3:74:48:13:D2:8C:53:60:92:E7:CF:38
Certificate issuer: /CN=972c33aed8efb269d3744813d28c536092e7cf38
Certificate serial: 019CAAFCFCDA3690D9D2A91610A736850566
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
Manifest number: 0E17
Signing time: Sun 01 Mar 2026 20:00:32 +0000
Manifest this update: Sun 01 Mar 2026 20:00:32 +0000
Manifest next update: Mon 02 Mar 2026 20:00:32 +0000
Files and hashes: 1: lywzrtjvsmnTdEgT0oxTYJLnzzg.crl (hash: +WBzDS4uf+6T56GHx/bLzFQt+iM/HmomTtNjioM60kQ=)
2: qyXjUdsyD8Ul_eSPbkKBBLkd-QY.roa (hash: K5SK7KsksSiQa/QO/NP+4NIGvbz4hbAkl2e3OiIRMxk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fc:fc:da:36:90:d9:d2:a9:16:10:a7:36:85:05:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=972c33aed8efb269d3744813d28c536092e7cf38
Validity
Not Before: Mar 1 20:00:32 2026 GMT
Not After : Mar 2 20:00:32 2026 GMT
Subject: CN=661f1582417cdeb4bb17a50000232bcd4053e35e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3e:64:99:ba:67:d5:5f:54:c0:5c:82:3f:1b:
d1:8f:bb:70:ae:a0:71:5c:3c:2b:8c:0c:9c:f9:df:
d0:4b:35:9a:f5:d2:f3:57:25:c8:58:75:5e:4d:1e:
b6:6a:00:fb:8a:d1:e9:ea:ce:be:f2:cc:25:f3:20:
11:bc:f4:91:99:54:e3:cb:da:bb:2a:11:4e:d9:00:
24:29:9c:e8:f8:4b:a2:e9:a4:65:94:21:25:88:38:
e9:d8:89:e1:a2:9c:3a:16:e2:02:e1:f7:9f:ce:e2:
bd:29:56:d2:9f:57:82:44:1a:70:3c:96:a2:57:7b:
3f:8a:a4:3d:bc:2f:91:06:0e:71:33:f2:3d:67:b2:
d5:fe:57:d8:84:df:11:b7:a1:05:cf:4f:da:82:72:
3e:f3:56:d3:fe:8c:1a:b8:52:8b:08:fa:d8:7d:58:
3f:2a:4c:c0:46:72:15:af:6a:a7:7c:e3:b6:26:be:
4e:d0:29:9f:85:79:5f:c2:33:ac:4d:c3:1e:4a:3c:
53:8f:58:2a:79:fd:8c:94:aa:88:1a:92:01:a9:77:
04:8d:e9:a8:bd:9d:6f:ef:77:07:e3:da:b2:58:eb:
31:61:bc:31:82:85:6d:83:32:04:c3:f0:c9:e7:77:
fd:19:0d:57:db:e1:35:cb:84:ca:81:2e:13:1e:df:
57:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1F:15:82:41:7C:DE:B4:BB:17:A5:00:00:23:2B:CD:40:53:E3:5E
X509v3 Authority Key Identifier:
keyid:97:2C:33:AE:D8:EF:B2:69:D3:74:48:13:D2:8C:53:60:92:E7:CF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lywzrtjvsmnTdEgT0oxTYJLnzzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/31fa99-c853-4d02-b53d-d250e45b1620/1/lywzrtjvsmnTdEgT0oxTYJLnzzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:26:e7:c2:99:e7:63:f6:33:e3:8e:dd:69:bf:b2:75:c0:79:
0f:e1:72:fc:64:5a:1d:c7:bf:7c:ea:4a:80:5a:35:a3:67:85:
75:61:07:38:1d:d9:d3:e3:ff:2c:d3:23:b0:5c:be:84:a2:ea:
2f:51:15:a6:88:91:fa:64:e5:81:59:97:ab:2f:d6:8e:30:4d:
a8:9c:0d:da:2b:23:f1:e4:81:36:54:1f:a3:34:11:c7:63:48:
78:fc:65:86:26:7a:10:26:39:55:f5:a3:7e:e6:7f:4c:70:ac:
1b:28:cf:c2:27:51:58:a5:74:ba:ee:49:8c:1c:a1:59:66:f1:
e9:92:a3:83:5a:d7:81:a0:be:46:26:1b:6d:47:5e:78:12:ad:
40:ab:c7:69:0b:9e:9e:98:76:83:4e:6e:cb:d8:27:85:1b:1a:
7f:07:0e:e3:66:01:c9:a8:34:93:4b:b4:92:1c:6f:73:42:68:
39:ff:ca:e7:9d:31:38:c1:2f:cc:69:9f:fe:86:01:16:14:17:
8a:79:cc:89:e7:53:d4:2a:92:7b:95:67:b3:31:07:a0:4d:e2:
62:f9:89:2b:7d:bc:b1:21:08:1c:d7:99:23:c6:a1:a4:63:08:
88:12:93:68:dd:68:e5:c6:5f:29:80:ce:53:84:c6:3a:37:30:
dc:14:fb:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/PzaNpDZ0qkWEKc2hQVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MmMzM2FlZDhlZmIyNjlkMzc0NDgxM2QyOGM1MzYwOTJl
N2NmMzgwHhcNMjYwMzAxMjAwMDMyWhcNMjYwMzAyMjAwMDMyWjAzMTEwLwYDVQQD
Eyg2NjFmMTU4MjQxN2NkZWI0YmIxN2E1MDAwMDIzMmJjZDQwNTNlMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD5kmbpn1V9UwFyCPxvRj7twrqBx
XDwrjAyc+d/QSzWa9dLzVyXIWHVeTR62agD7itHp6s6+8swl8yARvPSRmVTjy9q7
KhFO2QAkKZzo+Eui6aRllCEliDjp2Inhopw6FuIC4fefzuK9KVbSn1eCRBpwPJai
V3s/iqQ9vC+RBg5xM/I9Z7LV/lfYhN8Rt6EFz0/agnI+81bT/owauFKLCPrYfVg/
KkzARnIVr2qnfOO2Jr5O0CmfhXlfwjOsTcMeSjxTj1gqef2MlKqIGpIBqXcEjemo
vZ1v73cH49qyWOsxYbwxgoVtgzIEw/DJ53f9GQ1X2+E1y4TKgS4THt9XvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYfFYJBfN60uxelAAAjK81AU+NeMB8GA1UdIwQY
MBaAFJcsM67Y77Jp03RIE9KMU2CS5884MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zMWZhOTktYzg1My00ZDAyLWI1M2Qt
ZDI1MGU0NWIxNjIwLzEvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zMWZhOTktYzg1My00ZDAyLWI1M2QtZDI1MGU0NWIxNjIw
LzEvbHl3enJ0anZzbW5UZEVnVDBveFRZSkxuenpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkCbnwpnn
Y/Yz447dab+ydcB5D+Fy/GRaHce/fOpKgFo1o2eFdWEHOB3Z0+P/LNMjsFy+hKLq
L1EVpoiR+mTlgVmXqy/WjjBNqJwN2isj8eSBNlQfozQRx2NIePxlhiZ6ECY5VfWj
fuZ/THCsGyjPwidRWKV0uu5JjByhWWbx6ZKjg1rXgaC+RiYbbUdeeBKtQKvHaQue
nph2g05uy9gnhRsafwcO42YByag0k0u0khxvc0JoOf/K550xOMEvzGmf/oYBFhQX
innMiedT1CqSe5VnszEHoE3iYvmJK328sSEIHNeZI8ahpGMIiBKTaN1o5cZfKYDO
U4TGOjcw3BT7uQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:07:34 2026 by rpki-client