Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
File: lhzPqdAsvwWWDjovkHmFnM1urW0.mft (raw, json)
Hash identifier: sRnOtpHAHJClTxyVMcsriTTiLkVudkdBtgThHqVWD1w=
Subject key identifier: A6:96:B5:D1:46:C4:D8:3F:63:42:E0:2D:F1:CB:1E:8E:3B:7C:D2:BD
Authority key identifier: 96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
Certificate issuer: /CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Certificate serial: 019D27A89441C713CDAFCE9DED0A0AEEBFE0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 01:00:52 +0000
Manifest this update: Thu 26 Mar 2026 01:00:52 +0000
Manifest next update: Fri 27 Mar 2026 01:00:52 +0000
Files and hashes: 1: lhzPqdAsvwWWDjovkHmFnM1urW0.crl (hash: is3fwTBR186QVfHkoGPhUTCKVk6nLBWb26bR73eB4Pc=)
2: w0kB1zEMHJSO_FqxY-PIC1zhJaM.roa (hash: Jo7kfxvYvl4YezCWXB8JTsC1u0CS/mCRNmsNeTUMvRs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:94:41:c7:13:cd:af:ce:9d:ed:0a:0a:ee:bf:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=961ccfa9d02cbf05960e3a2f9079859ccd6ead6d
Validity
Not Before: Mar 26 01:00:52 2026 GMT
Not After : Mar 27 01:00:52 2026 GMT
Subject: CN=a696b5d146c4d83f6342e02df1cb1e8e3b7cd2bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:bd:14:50:8b:84:ed:e3:8b:6c:58:00:9f:5a:
57:57:99:83:cf:71:a5:d0:e7:fb:df:a1:5c:70:ae:
bf:cb:c2:1f:7b:d5:9a:55:a2:3a:64:b0:0f:da:31:
de:5d:a9:de:a4:f2:b5:61:ed:bb:69:b8:7c:aa:d7:
34:84:14:1f:61:d9:e7:8e:87:2b:cf:df:9e:94:7e:
0d:a5:80:42:14:08:b4:3e:14:04:28:b1:1c:99:52:
0b:2a:71:60:82:1c:99:c8:bf:97:85:10:52:df:89:
58:fb:d7:07:4b:c6:2c:ed:16:91:8a:50:39:fa:3f:
19:bd:25:f7:73:95:33:5e:06:9b:aa:1e:7a:f1:c1:
33:dc:55:bb:37:32:83:f3:d4:54:e0:08:2c:08:d1:
8f:25:d8:55:8c:ac:5b:40:0a:8a:e0:1a:08:fe:69:
ec:0e:d6:88:26:21:aa:76:96:3d:be:35:3e:ae:ec:
c1:94:5d:6f:3c:e7:bf:c3:53:65:c2:fb:12:bd:2b:
15:81:c5:f7:df:38:a3:01:12:d4:a8:fe:74:fc:6c:
72:f5:6e:2b:6b:a6:ea:e7:2d:51:2c:87:37:18:50:
d4:9a:89:9c:c0:25:81:ba:ca:34:5d:a5:bd:d9:e7:
89:06:c2:b7:da:51:44:8a:e3:1c:43:c9:4c:bc:58:
20:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:96:B5:D1:46:C4:D8:3F:63:42:E0:2D:F1:CB:1E:8E:3B:7C:D2:BD
X509v3 Authority Key Identifier:
keyid:96:1C:CF:A9:D0:2C:BF:05:96:0E:3A:2F:90:79:85:9C:CD:6E:AD:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhzPqdAsvwWWDjovkHmFnM1urW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5557fc-7653-40a9-99c3-7ea9905c3fbd/1/lhzPqdAsvwWWDjovkHmFnM1urW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:95:8e:48:e7:96:40:0f:1b:a1:84:78:28:c6:19:2b:4c:0a:
b6:4e:80:81:c7:5a:e1:a8:d0:09:41:eb:b4:10:06:9b:e4:98:
e1:f0:05:04:84:c9:96:7a:12:5f:47:54:b5:ab:26:4f:0f:7e:
4c:d5:84:7e:50:94:f4:7f:e4:7f:6f:a7:8e:0b:ed:b1:1e:f4:
d4:ab:07:b0:bb:a4:89:a6:c3:13:fd:fe:9d:c3:f8:45:2f:f0:
45:ee:e4:83:16:c7:83:e5:03:f2:bb:68:f8:a2:83:4c:de:e5:
d4:63:e2:da:9a:2c:48:30:86:45:24:28:2a:28:8d:49:b3:0c:
61:26:c5:bc:08:00:bb:84:83:fb:49:d1:03:53:5e:1f:c0:33:
ec:64:bb:0f:e9:0e:0a:1e:c0:ac:d0:f2:8f:87:2e:9a:07:f2:
96:7d:1f:26:a0:7b:6e:3d:ae:bb:63:1a:2c:01:5b:14:68:3f:
e4:29:6e:52:3d:56:b2:7c:ba:6d:97:2f:f9:e0:5b:78:e8:a0:
38:f8:70:50:ca:e2:ce:8b:d0:6e:85:0b:d7:f8:65:dd:b3:68:
30:0c:a1:70:6b:90:d7:71:58:18:4a:97:39:a1:c2:87:d7:9c:
b9:33:ba:77:a8:6b:86:7a:6c:22:99:52:4a:e2:1a:fe:28:74:
47:95:7e:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqJRBxxPNr86d7QoK7r/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MWNjZmE5ZDAyY2JmMDU5NjBlM2EyZjkwNzk4NTljY2Q2
ZWFkNmQwHhcNMjYwMzI2MDEwMDUyWhcNMjYwMzI3MDEwMDUyWjAzMTEwLwYDVQQD
EyhhNjk2YjVkMTQ2YzRkODNmNjM0MmUwMmRmMWNiMWU4ZTNiN2NkMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8L0UUIuE7eOLbFgAn1pXV5mDz3Gl
0Of736FccK6/y8Ife9WaVaI6ZLAP2jHeXanepPK1Ye27abh8qtc0hBQfYdnnjocr
z9+elH4NpYBCFAi0PhQEKLEcmVILKnFgghyZyL+XhRBS34lY+9cHS8Ys7RaRilA5
+j8ZvSX3c5UzXgabqh568cEz3FW7NzKD89RU4AgsCNGPJdhVjKxbQAqK4BoI/mns
DtaIJiGqdpY9vjU+ruzBlF1vPOe/w1NlwvsSvSsVgcX33zijARLUqP50/Gxy9W4r
a6bq5y1RLIc3GFDUmomcwCWBuso0XaW92eeJBsK32lFEiuMcQ8lMvFggCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaWtdFGxNg/Y0LgLfHLHo47fNK9MB8GA1UdIwQY
MBaAFJYcz6nQLL8Flg46L5B5hZzNbq1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMt
N2VhOTkwNWMzZmJkLzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81NTU3ZmMtNzY1My00MGE5LTk5YzMtN2VhOTkwNWMzZmJk
LzEvbGh6UHFkQXN2d1dXRGpvdmtIbUZuTTF1clcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJWOSOeW
QA8boYR4KMYZK0wKtk6Agcda4ajQCUHrtBAGm+SY4fAFBITJlnoSX0dUtasmTw9+
TNWEflCU9H/kf2+njgvtsR701KsHsLukiabDE/3+ncP4RS/wRe7kgxbHg+UD8rto
+KKDTN7l1GPi2posSDCGRSQoKiiNSbMMYSbFvAgAu4SD+0nRA1NeH8Az7GS7D+kO
Ch7ArNDyj4cumgfyln0fJqB7bj2uu2MaLAFbFGg/5CluUj1Wsny6bZcv+eBbeOig
OPhwUMrizovQboUL1/hl3bNoMAyhcGuQ13FYGEqXOaHCh9ecuTO6d6hrhnpsIplS
SuIa/ih0R5V+ew==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:38:06 2026 by rpki-client