Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.mft
File: lRTfn9w6CxKMIO6MBmKMQ8lYu_A.mft (raw, json)
Hash identifier: jOueCnsEHuY6nSNm7aFGiBFTYg2/T+NqGqO/Bip78YU=
Subject key identifier: 49:B2:CC:5E:B8:9E:91:90:A8:7E:56:DB:37:D2:65:87:99:D7:1E:53
Authority key identifier: 95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0
Certificate issuer: /CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0
Certificate serial: 019D2704BF0CF62BC7FF264F1139263A8740
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.mft
Manifest number: 0970
Signing time: Wed 25 Mar 2026 22:01:55 +0000
Manifest this update: Wed 25 Mar 2026 22:01:55 +0000
Manifest next update: Thu 26 Mar 2026 22:01:55 +0000
Files and hashes: 1: 2-4ZrGQpT0KhwdAqEtwr7VvBLF4.roa (hash: ZZxmDsOTlkFKhz+gwa9Ymw4vgOjq/wRy+P8gUBbGFBY=)
2: CNW3k6cV5qMFfGeO7DCzp4az4dk.roa (hash: eEtgT8pDcDhVSbny7WGDB2FnSEmCUTl8gLtOm3YCkbI=)
3: lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl (hash: 1G05k34/RkBTVrjm93kxFI2OJ/DLHUkvsXdisPfsbmw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:bf:0c:f6:2b:c7:ff:26:4f:11:39:26:3a:87:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0
Validity
Not Before: Mar 25 22:01:55 2026 GMT
Not After : Mar 26 22:01:55 2026 GMT
Subject: CN=49b2cc5eb89e9190a87e56db37d2658799d71e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:82:19:4a:69:b4:f9:ec:b0:57:79:89:f2:
a9:97:85:a7:88:f3:a7:7c:fc:80:9a:cf:56:49:66:
89:71:f6:55:a0:ed:d2:a5:0d:50:76:3f:bb:98:3c:
7e:2e:53:0f:95:16:0f:b9:f3:4b:70:5b:e8:37:53:
4d:dc:4a:bc:76:f1:c4:d5:74:9d:12:b5:87:52:74:
14:28:21:5f:00:79:de:25:89:3c:f7:6a:a2:68:be:
bc:8a:d1:e2:94:62:37:56:72:0f:1b:19:70:02:13:
a9:f2:df:56:7b:9b:63:ea:54:a5:60:11:5d:76:d9:
7b:b8:b6:a3:68:a1:3c:49:92:16:c4:d5:78:71:e5:
98:7d:79:a2:56:d9:6c:34:34:1a:36:b1:75:32:84:
49:2c:ff:04:63:c5:28:d5:ea:48:c0:a0:e1:a3:f3:
29:89:06:fc:aa:60:07:df:31:81:b4:1b:10:f9:29:
4e:ed:0b:84:64:55:35:4a:6b:ea:2c:dc:ce:5d:52:
ec:88:ab:55:77:38:15:86:68:67:00:ea:20:cb:98:
a0:37:d2:69:9a:2c:19:dc:48:85:c4:e3:eb:39:b0:
b6:10:9c:cd:b8:ce:a3:3c:b0:c0:3b:87:05:d5:a6:
23:2c:af:43:0b:94:f8:39:38:75:d8:c7:fb:b3:41:
ce:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B2:CC:5E:B8:9E:91:90:A8:7E:56:DB:37:D2:65:87:99:D7:1E:53
X509v3 Authority Key Identifier:
keyid:95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:ff:a0:e1:db:2d:fe:c8:36:86:45:5b:ef:31:12:5d:5a:5e:
00:43:9d:73:02:b5:61:96:2d:03:ed:22:44:67:7c:f9:c4:e8:
d4:17:32:55:48:bf:bb:89:e0:6e:d1:58:92:6d:f4:80:c2:35:
50:58:19:de:24:49:9f:ca:f2:0e:b6:bc:20:6c:9f:09:60:a7:
21:ac:77:3d:68:3f:cd:36:6e:5d:0e:24:e5:cb:d3:f6:d7:31:
30:80:9e:a4:82:75:36:55:2d:14:38:a5:11:63:d0:4c:e9:56:
98:91:54:08:3f:49:bb:59:4b:9b:b5:02:06:41:92:1f:9a:4b:
90:97:32:e3:17:0d:e9:a1:37:8c:b0:8b:d5:41:ca:3c:4e:e5:
72:a7:69:ed:d0:a8:86:d4:08:ab:b8:ea:f0:c6:b9:ab:03:c4:
99:c4:80:7e:b0:01:eb:53:ef:5d:44:cf:36:d3:75:9a:6c:cc:
24:d0:62:3e:0b:e6:8b:ad:fd:28:2d:aa:17:b9:df:cc:56:4d:
0d:34:00:43:45:8e:5e:44:b6:64:ed:44:2e:bb:02:66:c9:1b:
ac:5e:ea:b2:76:7f:6a:18:34:8f:13:06:27:c6:ec:91:f8:3f:
55:39:55:e1:ee:fc:2c:cf:5e:e6:e8:25:3b:ea:93:ac:00:1a:
3b:06:a0:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBL8M9ivH/yZPETkmOodAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTRkZjlmZGMzYTBiMTI4YzIwZWU4YzA2NjI4YzQzYzk1
OGJiZjAwHhcNMjYwMzI1MjIwMTU1WhcNMjYwMzI2MjIwMTU1WjAzMTEwLwYDVQQD
Eyg0OWIyY2M1ZWI4OWU5MTkwYTg3ZTU2ZGIzN2QyNjU4Nzk5ZDcxZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQSCGUpptPnssFd5ifKpl4WniPOn
fPyAms9WSWaJcfZVoO3SpQ1Qdj+7mDx+LlMPlRYPufNLcFvoN1NN3Eq8dvHE1XSd
ErWHUnQUKCFfAHneJYk892qiaL68itHilGI3VnIPGxlwAhOp8t9We5tj6lSlYBFd
dtl7uLajaKE8SZIWxNV4ceWYfXmiVtlsNDQaNrF1MoRJLP8EY8Uo1epIwKDho/Mp
iQb8qmAH3zGBtBsQ+SlO7QuEZFU1SmvqLNzOXVLsiKtVdzgVhmhnAOogy5igN9Jp
miwZ3EiFxOPrObC2EJzNuM6jPLDAO4cF1aYjLK9DC5T4OTh12Mf7s0HOswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmyzF64npGQqH5W2zfSZYeZ1x5TMB8GA1UdIwQY
MBaAFJUU35/cOgsSjCDujAZijEPJWLvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2Mjct
ZTIyMmJmODUyOWI4LzEvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2MjctZTIyMmJmODUyOWI4
LzEvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC/+g4dst
/sg2hkVb7zESXVpeAEOdcwK1YZYtA+0iRGd8+cTo1BcyVUi/u4ngbtFYkm30gMI1
UFgZ3iRJn8ryDra8IGyfCWCnIax3PWg/zTZuXQ4k5cvT9tcxMICepIJ1NlUtFDil
EWPQTOlWmJFUCD9Ju1lLm7UCBkGSH5pLkJcy4xcN6aE3jLCL1UHKPE7lcqdp7dCo
htQIq7jq8Ma5qwPEmcSAfrAB61PvXUTPNtN1mmzMJNBiPgvmi639KC2qF7nfzFZN
DTQAQ0WOXkS2ZO1ELrsCZskbrF7qsnZ/ahg0jxMGJ8bskfg/VTlV4e78LM9e5ugl
O+qTrAAaOwagzQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:58:59 2026 by rpki-client