Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
File: lQ8oTPXDnybd0jUufyrfeo3GD44.mft (raw, json)
Hash identifier: mJk8TwJImzPxzl2xmr1R9onYx5/q5oxrUg10jUSw5hk=
Subject key identifier: E4:29:05:CD:2B:C1:9B:CE:E7:C8:6F:7D:03:F9:DE:18:08:81:26:37
Authority key identifier: 95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
Certificate issuer: /CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Certificate serial: 019CAA583E0F0A848BACB8511DE696D60147
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
Manifest number: 0E41
Signing time: Sun 01 Mar 2026 17:00:35 +0000
Manifest this update: Sun 01 Mar 2026 17:00:35 +0000
Manifest next update: Mon 02 Mar 2026 17:00:35 +0000
Files and hashes: 1: lQ8oTPXDnybd0jUufyrfeo3GD44.crl (hash: rtX4vWz+rzqh3fwMv4OxkCsOQzjP6IVSkCN8DYPbSSg=)
2: yB6M8ezFHQHag23503sXzkmX4yQ.roa (hash: epvHA2OWGmIXHjeNZ2bPshcPm5dCsn8VP6Fq2wrQdO0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:3e:0f:0a:84:8b:ac:b8:51:1d:e6:96:d6:01:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=950f284cf5c39f26ddd2352e7f2adf7a8dc60f8e
Validity
Not Before: Mar 1 17:00:35 2026 GMT
Not After : Mar 2 17:00:35 2026 GMT
Subject: CN=e42905cd2bc19bcee7c86f7d03f9de1808812637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1a:bf:3e:55:bd:5a:8c:11:2f:28:c7:e6:79:
eb:e8:c6:96:f4:c6:10:94:22:33:45:d6:ff:3d:a6:
5b:46:19:72:41:ae:7c:37:63:f9:62:14:a6:7c:b8:
bc:63:66:ab:9b:ed:ea:66:88:bf:01:de:6f:30:3f:
8d:d2:68:86:2e:95:7e:39:00:72:fc:31:bc:ba:4d:
f5:a2:98:fb:d8:bf:53:f0:63:a4:44:7a:c3:53:cf:
8d:64:a1:19:08:8a:c9:6e:49:69:49:86:e8:3a:75:
69:88:3b:5d:c7:40:a6:33:77:3c:a7:af:59:7c:c7:
79:47:38:03:3e:3b:f5:75:0a:c0:2b:99:98:b2:e7:
52:69:b9:cd:dd:84:8c:dd:4b:89:10:f6:39:38:94:
cc:4b:69:dd:ab:cb:7a:d1:59:76:6d:b0:10:c3:f0:
9f:e7:53:ed:2f:8d:96:29:a7:e7:df:a1:b9:aa:74:
3a:59:d4:34:62:da:f9:27:ce:db:aa:f7:70:f9:d7:
86:f9:c0:10:be:28:dc:e7:e6:9f:16:ca:61:c6:eb:
3e:4f:d4:e9:26:9e:da:de:19:4c:57:a3:d1:d5:34:
ac:37:16:a3:d3:d8:c9:97:be:b9:5d:56:b0:d8:05:
fc:79:22:11:fb:38:d1:fc:e4:6f:d8:39:b2:9f:09:
2b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:29:05:CD:2B:C1:9B:CE:E7:C8:6F:7D:03:F9:DE:18:08:81:26:37
X509v3 Authority Key Identifier:
keyid:95:0F:28:4C:F5:C3:9F:26:DD:D2:35:2E:7F:2A:DF:7A:8D:C6:0F:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQ8oTPXDnybd0jUufyrfeo3GD44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1974ee-408f-4120-8f19-fa2f0d54b1d1/1/lQ8oTPXDnybd0jUufyrfeo3GD44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:40:ef:64:13:c2:ae:b5:fb:69:47:16:47:b7:46:28:dd:25:
cd:b5:a4:46:19:62:0a:2c:2e:f3:d9:a0:44:78:a2:3e:a8:1f:
6e:d9:bb:82:73:b1:f0:c3:95:e9:a7:7f:53:69:31:dd:c2:8b:
cf:87:68:78:d7:b4:b6:1e:78:cd:99:b8:16:4c:32:c3:3b:04:
1a:07:05:27:2a:17:3b:df:e9:c1:30:63:52:20:d9:a9:bd:c2:
f4:a3:03:22:80:1c:76:c3:d1:f2:f8:96:7e:d7:d4:19:70:b5:
24:dd:07:5a:94:1c:64:24:45:c0:1b:1b:1c:40:f6:43:e6:af:
f8:da:eb:77:9b:d1:21:d1:8e:12:49:9c:74:22:1c:89:2b:23:
d2:26:8d:e9:8c:ce:d3:10:3e:37:7f:90:53:41:4f:a7:0d:b7:
75:5e:f7:12:29:63:d0:c3:c4:63:a8:1e:82:62:02:f5:05:83:
82:2a:a3:bd:3c:f8:23:a6:c6:a3:6c:87:68:31:3b:f1:86:f2:
dc:24:1c:8b:7e:b8:37:c5:e7:eb:7e:2b:d0:c3:b6:ff:ac:b0:
ce:0c:37:42:87:60:bb:f4:ca:44:76:50:66:67:90:d4:9a:f9:
0c:db:49:b0:b6:e0:5f:bc:47:58:84:40:f5:85:55:ac:f5:9f:
e1:0b:82:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWD4PCoSLrLhRHeaW1gFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MGYyODRjZjVjMzlmMjZkZGQyMzUyZTdmMmFkZjdhOGRj
NjBmOGUwHhcNMjYwMzAxMTcwMDM1WhcNMjYwMzAyMTcwMDM1WjAzMTEwLwYDVQQD
EyhlNDI5MDVjZDJiYzE5YmNlZTdjODZmN2QwM2Y5ZGUxODA4ODEyNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBq/PlW9WowRLyjH5nnr6MaW9MYQ
lCIzRdb/PaZbRhlyQa58N2P5YhSmfLi8Y2arm+3qZoi/Ad5vMD+N0miGLpV+OQBy
/DG8uk31opj72L9T8GOkRHrDU8+NZKEZCIrJbklpSYboOnVpiDtdx0CmM3c8p69Z
fMd5RzgDPjv1dQrAK5mYsudSabnN3YSM3UuJEPY5OJTMS2ndq8t60Vl2bbAQw/Cf
51PtL42WKafn36G5qnQ6WdQ0Ytr5J87bqvdw+deG+cAQvijc5+afFsphxus+T9Tp
Jp7a3hlMV6PR1TSsNxaj09jJl765XVaw2AX8eSIR+zjR/ORv2DmynwkrCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQpBc0rwZvO58hvfQP53hgIgSY3MB8GA1UdIwQY
MBaAFJUPKEz1w58m3dI1Ln8q33qNxg+OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTkt
ZmEyZjBkNTRiMWQxLzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xOTc0ZWUtNDA4Zi00MTIwLThmMTktZmEyZjBkNTRiMWQx
LzEvbFE4b1RQWERueWJkMGpVdWZ5cmZlbzNHRDQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXkDvZBPC
rrX7aUcWR7dGKN0lzbWkRhliCiwu89mgRHiiPqgfbtm7gnOx8MOV6ad/U2kx3cKL
z4doeNe0th54zZm4FkwywzsEGgcFJyoXO9/pwTBjUiDZqb3C9KMDIoAcdsPR8viW
ftfUGXC1JN0HWpQcZCRFwBsbHED2Q+av+Nrrd5vRIdGOEkmcdCIciSsj0iaN6YzO
0xA+N3+QU0FPpw23dV73Eilj0MPEY6gegmIC9QWDgiqjvTz4I6bGo2yHaDE78Yby
3CQci364N8Xn634r0MO2/6ywzgw3Qodgu/TKRHZQZmeQ1Jr5DNtJsLbgX7xHWIRA
9YVVrPWf4QuCIg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:43:52 2026 by rpki-client