Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
File: lER-sxl6ox5-aEnxavVaslMB-oI.mft (raw, json)
Hash identifier: LQgFSYPtbhDB1/36le2w2ziVCDFpHGJy/2SNzROWWWY=
Subject key identifier: 1A:08:6F:B6:35:3C:1E:A2:70:CD:C2:BB:86:44:1B:A7:9D:E1:F0:CF
Authority key identifier: 94:44:7E:B3:19:7A:A3:1E:7E:68:49:F1:6A:F5:5A:B2:53:01:FA:82
Certificate issuer: /CN=94447eb3197aa31e7e6849f16af55ab25301fa82
Certificate serial: 019D28BBC4812DE34AC550A1DCE3E58C9C55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lER-sxl6ox5-aEnxavVaslMB-oI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
Manifest number: 0800
Signing time: Thu 26 Mar 2026 06:01:27 +0000
Manifest this update: Thu 26 Mar 2026 06:01:27 +0000
Manifest next update: Fri 27 Mar 2026 06:01:27 +0000
Files and hashes: 1: DQ38TRCVnXEsSBsusAK4wA5cM7E.roa (hash: LYfpTTUhsNjJzAKWOxzbHYKnI3ctEnoDEml27mltRUs=)
2: lER-sxl6ox5-aEnxavVaslMB-oI.crl (hash: a6lAzj6UMtihvw2K35cUpbcF4ZeNHUpVbo6zsHShLGY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lER-sxl6ox5-aEnxavVaslMB-oI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:c4:81:2d:e3:4a:c5:50:a1:dc:e3:e5:8c:9c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94447eb3197aa31e7e6849f16af55ab25301fa82
Validity
Not Before: Mar 26 06:01:27 2026 GMT
Not After : Mar 27 06:01:27 2026 GMT
Subject: CN=1a086fb6353c1ea270cdc2bb86441ba79de1f0cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:db:62:43:6c:04:71:ce:01:0c:5a:b5:a6:23:
2a:16:ab:39:73:9d:e9:0a:ed:dd:e2:ff:ae:f2:87:
b0:2a:d3:b0:4b:0f:b5:5f:ed:30:ca:de:42:a8:c2:
c1:ac:46:26:48:88:93:61:1d:02:83:34:80:04:10:
af:52:66:e3:ed:ac:3e:56:b1:bb:e0:20:d4:82:91:
43:3f:f4:14:d2:84:e4:af:3f:b7:9f:4a:4e:9d:77:
8a:22:3b:c6:b6:a6:6b:84:c4:ef:11:67:fc:6c:4d:
c0:c3:14:e2:b3:54:aa:c1:33:1d:5e:49:39:43:af:
52:5d:f5:dc:c6:10:19:29:62:19:53:cc:3c:b7:4e:
75:e6:7b:c8:3a:a8:ce:a5:6b:9d:fb:41:7f:04:5b:
1b:8f:19:f8:17:48:00:9c:f5:38:bc:03:31:16:06:
18:75:0d:2b:48:26:57:02:0c:1e:2d:a4:d6:0b:56:
6b:b1:29:f2:d7:c4:fa:63:27:df:60:58:bc:c9:15:
d3:30:e0:1f:0f:96:ee:bc:3e:73:69:c4:19:e8:70:
df:95:c0:f1:87:5f:69:61:54:08:d1:c5:6d:54:9a:
c8:29:60:18:7b:c1:28:fb:a8:1b:e8:07:b0:59:e6:
ed:f4:84:50:80:23:05:7e:24:d2:ee:de:9d:7c:2a:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:08:6F:B6:35:3C:1E:A2:70:CD:C2:BB:86:44:1B:A7:9D:E1:F0:CF
X509v3 Authority Key Identifier:
keyid:94:44:7E:B3:19:7A:A3:1E:7E:68:49:F1:6A:F5:5A:B2:53:01:FA:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lER-sxl6ox5-aEnxavVaslMB-oI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8d0b05-263f-403a-abf4-238bde0e1ef7/1/lER-sxl6ox5-aEnxavVaslMB-oI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:f0:4c:cb:0e:40:79:ea:82:de:4f:f1:6d:c7:b8:aa:5b:c0:
e4:09:dc:83:45:ca:a6:b2:00:77:85:fc:c3:5c:cb:58:ad:7e:
40:b8:1c:3b:dd:16:82:cf:31:0b:36:e9:b7:b0:41:16:97:19:
85:13:1b:dc:5d:b4:0a:b5:24:61:bf:bf:3d:2f:6b:d5:f0:64:
bd:d7:96:e0:0f:bc:84:cd:f3:73:75:b4:37:6b:09:05:92:cd:
be:6d:0d:96:d6:ad:26:db:a2:ba:86:a1:a6:0e:2d:4d:03:8d:
d5:d6:fc:4f:be:43:d1:49:69:9a:58:3e:4d:7f:6c:9d:85:33:
9d:6a:fd:7b:ff:62:20:13:76:f1:d5:f3:bf:1b:98:47:88:b6:
e0:1b:8b:c9:e9:11:30:ca:bd:f4:c7:6d:24:3e:54:ab:7e:6c:
b1:20:03:a0:34:99:eb:72:60:a7:23:7d:2b:da:a2:38:09:a0:
5e:3c:56:c3:b2:2f:ff:86:36:7c:71:39:d4:43:55:de:6d:8a:
33:fa:3e:83:49:41:5c:2f:c3:85:bf:1f:aa:45:f1:b1:6e:c3:
2a:02:fc:3b:bc:8e:5c:89:1a:b0:2d:ca:b6:53:d3:65:36:a3:
7e:3e:46:21:ef:1a:e9:e8:7e:fd:e2:4e:00:51:75:a7:4b:ef:
58:66:17:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou8SBLeNKxVCh3OPljJxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NDQ3ZWIzMTk3YWEzMWU3ZTY4NDlmMTZhZjU1YWIyNTMw
MWZhODIwHhcNMjYwMzI2MDYwMTI3WhcNMjYwMzI3MDYwMTI3WjAzMTEwLwYDVQQD
EygxYTA4NmZiNjM1M2MxZWEyNzBjZGMyYmI4NjQ0MWJhNzlkZTFmMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9tiQ2wEcc4BDFq1piMqFqs5c53p
Cu3d4v+u8oewKtOwSw+1X+0wyt5CqMLBrEYmSIiTYR0CgzSABBCvUmbj7aw+VrG7
4CDUgpFDP/QU0oTkrz+3n0pOnXeKIjvGtqZrhMTvEWf8bE3AwxTis1SqwTMdXkk5
Q69SXfXcxhAZKWIZU8w8t0515nvIOqjOpWud+0F/BFsbjxn4F0gAnPU4vAMxFgYY
dQ0rSCZXAgweLaTWC1ZrsSny18T6YyffYFi8yRXTMOAfD5buvD5zacQZ6HDflcDx
h19pYVQI0cVtVJrIKWAYe8Eo+6gb6AewWebt9IRQgCMFfiTS7t6dfCrvpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoIb7Y1PB6icM3Cu4ZEG6ed4fDPMB8GA1UdIwQY
MBaAFJREfrMZeqMefmhJ8Wr1WrJTAfqCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEVSLXN4bDZveDUtYUVueGF2VmFzbE1CLW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZDBiMDUtMjYzZi00MDNhLWFiZjQt
MjM4YmRlMGUxZWY3LzEvbEVSLXN4bDZveDUtYUVueGF2VmFzbE1CLW9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84ZDBiMDUtMjYzZi00MDNhLWFiZjQtMjM4YmRlMGUxZWY3
LzEvbEVSLXN4bDZveDUtYUVueGF2VmFzbE1CLW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0PBMyw5A
eeqC3k/xbce4qlvA5Ancg0XKprIAd4X8w1zLWK1+QLgcO90Wgs8xCzbpt7BBFpcZ
hRMb3F20CrUkYb+/PS9r1fBkvdeW4A+8hM3zc3W0N2sJBZLNvm0NltatJtuiuoah
pg4tTQON1db8T75D0Ulpmlg+TX9snYUznWr9e/9iIBN28dXzvxuYR4i24BuLyekR
MMq99MdtJD5Uq35ssSADoDSZ63JgpyN9K9qiOAmgXjxWw7Iv/4Y2fHE51ENV3m2K
M/o+g0lBXC/Dhb8fqkXxsW7DKgL8O7yOXIkasC3KtlPTZTajfj5GIe8a6eh+/eJO
AFF1p0vvWGYXjQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:01:05 2026 by rpki-client