Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
File: LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft (raw, json)
Hash identifier: 66U2UZl0mV14DDLxhHI4XA0t1vwLHhXtc4RtS4Hcdak=
Subject key identifier: 14:73:70:A4:22:22:2B:6A:16:30:5D:2F:07:37:60:46:66:53:72:1E
Authority key identifier: 2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
Certificate issuer: /CN=2f325207d5cee0ecea99e4702453407b564c39ca
Certificate serial: 019D2704E0A29AF194B9EEFBAEF9B08688D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
Manifest number: 1882
Signing time: Wed 25 Mar 2026 22:02:04 +0000
Manifest this update: Wed 25 Mar 2026 22:02:04 +0000
Manifest next update: Thu 26 Mar 2026 22:02:04 +0000
Files and hashes: 1: LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl (hash: k46objZxLqqtBIif8m/N0WhlXFQkNZpp2iBNfiQexFM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:e0:a2:9a:f1:94:b9:ee:fb:ae:f9:b0:86:88:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f325207d5cee0ecea99e4702453407b564c39ca
Validity
Not Before: Mar 25 22:02:04 2026 GMT
Not After : Mar 26 22:02:04 2026 GMT
Subject: CN=147370a422222b6a16305d2f073760466653721e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:01:46:49:33:3c:ff:1a:2d:cc:f7:a1:17:28:
69:2a:98:53:a8:37:59:29:14:e2:da:f7:e0:c7:d1:
ee:8c:a8:61:e2:43:15:03:da:db:2f:ee:b1:65:1f:
e4:b7:97:cb:02:44:b4:2c:2f:f2:c6:32:ff:ae:6a:
d2:ba:de:bd:cc:cf:c8:b9:d5:f0:36:9b:ae:b6:dd:
45:5b:a1:4b:0e:88:f4:33:36:b8:5c:2f:8d:06:1f:
2d:ce:a7:7c:5c:67:29:47:d5:fc:c0:c5:c8:ea:ef:
e2:32:bc:8d:60:bc:ae:44:62:3a:20:33:73:47:b8:
3e:24:c0:62:8a:79:de:74:28:96:b2:b3:97:88:03:
5c:ea:82:d3:1c:36:ff:ec:b9:f9:4f:62:f1:aa:50:
39:e4:e9:3f:24:aa:a9:01:aa:1f:42:07:1a:09:53:
ab:92:cb:a3:b9:38:bd:d8:68:9b:23:a7:d1:04:fe:
fa:96:b8:80:d5:c8:fc:02:e5:93:04:19:ff:ff:ee:
8f:61:ac:4f:66:e7:93:92:d0:cc:7d:94:bc:ad:ba:
2d:90:d0:92:23:4c:e9:3f:cb:a5:94:bf:72:ca:53:
c6:ad:75:68:21:a8:fb:0e:cf:b2:02:0a:71:be:02:
76:fc:91:1d:d5:52:6c:32:6d:04:5d:86:f9:4b:92:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:73:70:A4:22:22:2B:6A:16:30:5D:2F:07:37:60:46:66:53:72:1E
X509v3 Authority Key Identifier:
keyid:2F:32:52:07:D5:CE:E0:EC:EA:99:E4:70:24:53:40:7B:56:4C:39:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzJSB9XO4OzqmeRwJFNAe1ZMOco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4be2d7-9a42-4578-8b8b-90ae6d0c9b33/1/LzJSB9XO4OzqmeRwJFNAe1ZMOco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:52:68:f9:31:61:40:c5:60:bb:44:5c:c3:67:e0:20:27:a3:
0d:d7:17:75:99:1d:99:16:cc:40:27:29:74:c3:ff:a5:e3:87:
f8:cf:f2:dd:b4:0c:f6:d8:39:05:1b:29:e0:41:35:70:e6:f5:
fc:21:66:e8:ea:99:dd:5c:69:09:f7:3d:a6:be:2c:48:fd:f2:
a9:b4:22:41:d0:cd:64:fe:82:89:64:a7:0d:2d:0e:18:59:a7:
cb:0a:51:54:f2:d7:98:1f:aa:43:99:32:85:2b:b6:60:73:69:
d7:84:6f:69:70:67:26:e6:c6:0c:25:21:6a:af:b0:35:1b:ee:
32:fa:42:a6:d5:4e:26:8b:91:b9:e6:10:87:de:0b:fc:40:ce:
6a:19:b9:c7:39:bc:50:c6:19:3b:a5:3d:b2:fb:a8:9f:22:b4:
e2:3c:e8:da:a5:13:e9:e2:4f:39:19:52:fc:94:df:a5:65:e0:
59:e1:bc:ec:22:bb:61:e0:a5:75:b8:d9:f2:c7:22:8f:56:d9:
75:e9:14:55:1f:fc:cc:6a:73:af:33:43:cd:95:1e:34:c5:54:
0e:0f:91:35:8a:20:a3:ae:8f:3e:c2:5b:8f:83:c8:0f:a2:20:
4b:8c:bb:de:ad:61:0d:8f:7b:bd:93:a9:78:0b:04:3a:88:58:
e6:03:0d:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBOCimvGUue77rvmwhojSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzI1MjA3ZDVjZWUwZWNlYTk5ZTQ3MDI0NTM0MDdiNTY0
YzM5Y2EwHhcNMjYwMzI1MjIwMjA0WhcNMjYwMzI2MjIwMjA0WjAzMTEwLwYDVQQD
EygxNDczNzBhNDIyMjIyYjZhMTYzMDVkMmYwNzM3NjA0NjY2NTM3MjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wFGSTM8/xotzPehFyhpKphTqDdZ
KRTi2vfgx9HujKhh4kMVA9rbL+6xZR/kt5fLAkS0LC/yxjL/rmrSut69zM/IudXw
Npuutt1FW6FLDoj0Mza4XC+NBh8tzqd8XGcpR9X8wMXI6u/iMryNYLyuRGI6IDNz
R7g+JMBiinnedCiWsrOXiANc6oLTHDb/7Ln5T2LxqlA55Ok/JKqpAaofQgcaCVOr
ksujuTi92GibI6fRBP76lriA1cj8AuWTBBn//+6PYaxPZueTktDMfZS8rbotkNCS
I0zpP8ullL9yylPGrXVoIaj7Ds+yAgpxvgJ2/JEd1VJsMm0EXYb5S5Io1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRzcKQiIitqFjBdLwc3YEZmU3IeMB8GA1UdIwQY
MBaAFC8yUgfVzuDs6pnkcCRTQHtWTDnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGIt
OTBhZTZkMGM5YjMzLzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YmUyZDctOWE0Mi00NTc4LThiOGItOTBhZTZkMGM5YjMz
LzEvTHpKU0I5WE80T3pxbWVSd0pGTkFlMVpNT2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilJo+TFh
QMVgu0Rcw2fgICejDdcXdZkdmRbMQCcpdMP/peOH+M/y3bQM9tg5BRsp4EE1cOb1
/CFm6OqZ3VxpCfc9pr4sSP3yqbQiQdDNZP6CiWSnDS0OGFmnywpRVPLXmB+qQ5ky
hSu2YHNp14RvaXBnJubGDCUhaq+wNRvuMvpCptVOJouRueYQh94L/EDOahm5xzm8
UMYZO6U9svuonyK04jzo2qUT6eJPORlS/JTfpWXgWeG87CK7YeCldbjZ8scij1bZ
dekUVR/8zGpzrzNDzZUeNMVUDg+RNYogo66PPsJbj4PID6IgS4y73q1hDY97vZOp
eAsEOohY5gMNQg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:11:29 2026 by rpki-client