Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
File: lMhsmzXXghFrLNhYOifOtAO49ho.mft (raw, json)
Hash identifier: +HpqC9pVWFAVwbGcsDRgEWuUZz51SnwKWbL2c/oGi5E=
Subject key identifier: EF:5F:47:F2:F5:D3:60:05:F5:25:F2:4F:DF:3B:BC:FB:91:31:FC:25
Authority key identifier: 94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
Certificate issuer: /CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Certificate serial: 019D25BA80667A3B1C5028BA5AC2D15AE8B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
Manifest number: 1886
Signing time: Wed 25 Mar 2026 16:01:12 +0000
Manifest this update: Wed 25 Mar 2026 16:01:12 +0000
Manifest next update: Thu 26 Mar 2026 16:01:12 +0000
Files and hashes: 1: lMhsmzXXghFrLNhYOifOtAO49ho.crl (hash: 1qY897QFir1Gnoj/y7+KP4+WkGKzoc64HEi+8/aglvk=)
2: tz4P9nF3Ei3wUS8VYP6Gfwtlguc.roa (hash: WI+TvaMT1Y9cC04iUl0U1l9xEwrwqSAkBoEDvp55Sj0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:80:66:7a:3b:1c:50:28:ba:5a:c2:d1:5a:e8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94c86c9b35d782116b2cd8583a27ceb403b8f61a
Validity
Not Before: Mar 25 16:01:12 2026 GMT
Not After : Mar 26 16:01:12 2026 GMT
Subject: CN=ef5f47f2f5d36005f525f24fdf3bbcfb9131fc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:83:3b:96:f9:32:ff:28:01:3f:d6:22:ab:99:
ad:00:71:6a:5f:02:48:be:61:c3:b4:06:9f:87:3a:
b0:be:e4:d8:8a:39:7b:6c:df:0c:de:61:47:ed:45:
37:be:92:1d:03:20:e4:83:01:54:b6:99:ab:54:18:
c0:3d:bc:14:ee:73:7b:78:b5:88:c9:44:e3:5d:00:
13:52:58:28:41:ae:9e:13:f5:c8:8a:11:60:cb:29:
15:55:99:2e:72:61:da:34:40:b8:b8:7f:20:85:82:
03:a7:af:dd:0e:0a:f0:da:15:3a:2a:e9:c7:8f:4e:
90:63:bf:b4:8d:3d:38:78:c4:84:79:b2:22:61:6a:
45:7d:33:b9:bb:6a:65:b4:77:5a:25:90:2a:1a:ce:
05:ca:af:c0:f8:75:c2:01:7e:05:63:fd:c9:81:3e:
85:48:3a:b5:0b:33:fc:7f:bf:2d:72:3f:2d:9b:9b:
86:35:d7:3a:39:cd:d1:03:21:b7:4f:a5:06:a4:b9:
e6:04:9f:00:f8:c4:89:f0:60:e4:d7:19:70:84:2f:
5d:8f:78:60:5a:8d:7c:13:44:8f:fd:c3:e0:7c:5b:
05:ed:a1:ab:2d:6d:04:c9:20:ba:43:69:b0:d5:fc:
b9:4d:88:55:ba:b6:d6:0c:e5:be:b1:2a:44:d3:d3:
10:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5F:47:F2:F5:D3:60:05:F5:25:F2:4F:DF:3B:BC:FB:91:31:FC:25
X509v3 Authority Key Identifier:
keyid:94:C8:6C:9B:35:D7:82:11:6B:2C:D8:58:3A:27:CE:B4:03:B8:F6:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lMhsmzXXghFrLNhYOifOtAO49ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fdd688-3e23-46f4-a073-35b0c96524fa/1/lMhsmzXXghFrLNhYOifOtAO49ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e0:54:71:42:8d:d5:b8:cc:9b:64:9f:5a:72:94:fd:ab:7d:50:
44:22:65:c3:e2:6b:11:24:67:0c:07:6f:5c:2e:65:e0:aa:17:
f8:21:c9:57:3d:db:37:20:47:cf:78:2f:4f:c6:7d:e9:1b:fd:
98:01:b0:9f:2a:fc:9e:ac:f8:6d:f6:e8:b0:ef:0e:cf:07:c3:
ef:25:45:08:3a:d1:6f:02:0c:20:34:21:56:25:4e:7e:ba:33:
71:e0:be:ee:57:a2:95:31:4b:e6:b3:42:75:a3:8f:1c:a4:97:
d3:4f:6c:b4:ca:d4:e4:c7:8b:d8:4a:92:9a:cc:20:cd:b2:4f:
49:57:31:71:fc:a3:bb:bc:4d:cb:03:73:86:a7:79:01:6a:84:
1b:02:ea:a2:f1:d1:33:d1:14:b5:f0:3d:0c:5b:9b:04:64:55:
37:b8:95:4f:12:d2:0e:ee:c7:6d:21:0c:fc:44:44:6f:78:a5:
e9:51:c5:f0:27:93:dd:70:80:33:fb:bb:8c:3e:a5:ef:4b:a6:
1f:87:a8:36:56:5a:f1:04:58:fb:5d:2b:4a:b9:47:f1:6e:12:
52:d1:5a:3d:56:f2:b6:4c:7e:11:b9:07:3e:3a:46:c5:68:b1:
5b:41:f9:ed:df:f0:be:cd:c7:ff:a0:5d:2b:91:3d:2a:0e:c4:
31:2c:cd:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luoBmejscUCi6WsLRWui2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0Yzg2YzliMzVkNzgyMTE2YjJjZDg1ODNhMjdjZWI0MDNi
OGY2MWEwHhcNMjYwMzI1MTYwMTEyWhcNMjYwMzI2MTYwMTEyWjAzMTEwLwYDVQQD
EyhlZjVmNDdmMmY1ZDM2MDA1ZjUyNWYyNGZkZjNiYmNmYjkxMzFmYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIM7lvky/ygBP9Yiq5mtAHFqXwJI
vmHDtAafhzqwvuTYijl7bN8M3mFH7UU3vpIdAyDkgwFUtpmrVBjAPbwU7nN7eLWI
yUTjXQATUlgoQa6eE/XIihFgyykVVZkucmHaNEC4uH8ghYIDp6/dDgrw2hU6KunH
j06QY7+0jT04eMSEebIiYWpFfTO5u2pltHdaJZAqGs4Fyq/A+HXCAX4FY/3JgT6F
SDq1CzP8f78tcj8tm5uGNdc6Oc3RAyG3T6UGpLnmBJ8A+MSJ8GDk1xlwhC9dj3hg
Wo18E0SP/cPgfFsF7aGrLW0EySC6Q2mw1fy5TYhVurbWDOW+sSpE09MQDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9fR/L102AF9SXyT987vPuRMfwlMB8GA1UdIwQY
MBaAFJTIbJs114IRayzYWDonzrQDuPYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMt
MzViMGM5NjUyNGZhLzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mZGQ2ODgtM2UyMy00NmY0LWEwNzMtMzViMGM5NjUyNGZh
LzEvbE1oc216WFhnaEZyTE5oWU9pZk90QU80OWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4FRxQo3V
uMybZJ9acpT9q31QRCJlw+JrESRnDAdvXC5l4KoX+CHJVz3bNyBHz3gvT8Z96Rv9
mAGwnyr8nqz4bfbosO8OzwfD7yVFCDrRbwIMIDQhViVOfrozceC+7leilTFL5rNC
daOPHKSX009stMrU5MeL2EqSmswgzbJPSVcxcfyju7xNywNzhqd5AWqEGwLqovHR
M9EUtfA9DFubBGRVN7iVTxLSDu7HbSEM/EREb3il6VHF8CeT3XCAM/u7jD6l70um
H4eoNlZa8QRY+10rSrlH8W4SUtFaPVbytkx+EbkHPjpGxWixW0H57d/wvs3H/6Bd
K5E9Kg7EMSzN5g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:10:42 2026 by rpki-client