Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
File: lAoQolZyjxGku6rcMgS38KNaUAA.mft (raw, json)
Hash identifier: gklTjwxChu1JNsbsIhuqE7YpoM61d29KZVqmvvROZXQ=
Subject key identifier: 40:38:AC:6A:72:CC:29:9D:4E:53:3E:14:0C:88:A1:D4:91:EB:CF:D0
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 019D284D7BBA7ED8B99639253AC0FAE16AD6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
Manifest number: 1898
Signing time: Thu 26 Mar 2026 04:00:59 +0000
Manifest this update: Thu 26 Mar 2026 04:00:59 +0000
Manifest next update: Fri 27 Mar 2026 04:00:59 +0000
Files and hashes: 1: 1-zEgOYWTHaiqMcDqGEot8D9hfIE.roa (hash: jVaMeN32gu4WLb8RXEU7QtT8NJ8As10+YaSSTQDJyMM=)
2: 77UuERyh3Z3AUcULCIiJEdc-fQo.roa (hash: DnHBthnf/STbIAi1O3tZFh2P5fMOYtzdif9FPjsRkXU=)
3: I74vLo5CklRsbzCPNYnKrvIvLj4.roa (hash: ylSWG2wfgpUMhcZpBHxBahFVE1pyuX6ebVuzOtGSKVo=)
4: OA8Bk3tPUiZSmiAzbm0eBXa4nuE.roa (hash: oWNPNPjgcKmmhmYQ0/KR/N+7+UQanOVovcIMTSyV2uo=)
5: hYxTxK4AHKTY1TwSA43oGaIbwvI.roa (hash: pXMygWt3Q3zIvm4RuMnURnfNgvmTHNGm+Wsjn0P2p18=)
6: lAoQolZyjxGku6rcMgS38KNaUAA.crl (hash: 3qbqs9t6xJg+ZhAX37OwTeqP7l9nDG9qhMlLJm1aKHA=)
7: nS-qR-87gGJ6pBf2l7_HCJOIeHM.roa (hash: uHfPOVPyEDve9s1ba9V4RroyQ1/pD8S/mdaAMdEB9is=)
8: pxTDDl8HD6hZo5qJKIkeKUT3PHY.roa (hash: FICr2xp4vd+7n3rWeWvKoKoWXhNvU50pS0gZxwPllVU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:7b:ba:7e:d8:b9:96:39:25:3a:c0:fa:e1:6a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: Mar 26 04:00:59 2026 GMT
Not After : Mar 27 04:00:59 2026 GMT
Subject: CN=4038ac6a72cc299d4e533e140c88a1d491ebcfd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:76:bd:85:96:a3:2f:09:34:92:e3:96:f6:6c:
aa:b7:5c:5a:87:55:ce:6e:43:c9:25:56:52:1d:a5:
54:19:c5:c9:8c:32:6e:33:a7:f3:a8:b4:18:0a:82:
28:07:7e:8c:b7:7f:3f:25:7d:a7:bc:45:77:08:f2:
f9:72:25:cf:48:1a:3e:e0:5c:d5:43:df:3f:26:92:
67:9e:4c:b6:5e:1c:df:70:83:80:73:2c:49:bd:51:
b4:ce:d9:71:e4:5d:16:cf:22:68:52:72:00:c5:b1:
15:7a:88:81:c9:69:68:e0:7a:d8:e4:4d:cc:9a:c8:
c8:cf:bd:f7:89:fe:5f:fd:2b:28:a3:0c:59:f5:87:
48:95:41:2a:5b:bd:19:6e:26:8c:78:2b:42:bc:e9:
b1:87:15:a2:df:53:3c:6d:ab:de:b7:2b:f9:cf:01:
01:f8:98:b4:5c:93:74:1f:26:8d:29:55:f0:a0:d1:
6e:f5:db:ca:0b:63:0e:c8:27:c3:00:e2:57:46:78:
51:30:51:fc:c3:eb:79:76:fa:45:5b:bb:b5:74:4c:
7f:d0:05:a1:13:fb:89:00:56:f0:82:f9:d0:79:6a:
65:4e:32:aa:66:a8:7b:cc:3f:d7:7c:c7:f5:88:0a:
10:d1:76:b2:a5:ee:c0:5d:6a:da:67:cf:b6:5e:61:
99:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:38:AC:6A:72:CC:29:9D:4E:53:3E:14:0C:88:A1:D4:91:EB:CF:D0
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:e1:5f:4b:ce:e9:f2:09:81:98:db:db:c9:cf:6a:d9:23:1c:
75:09:73:8d:8c:ca:cb:3b:69:2f:09:08:56:fc:75:d4:64:66:
cd:db:a4:0f:0b:7b:bf:56:d8:b8:4a:4a:49:a0:e1:42:ee:94:
47:72:06:2e:ee:09:9b:92:9c:1d:e3:bc:3d:18:75:1f:07:b6:
66:4c:7c:6a:cc:50:58:ae:61:8a:5c:2c:e0:ff:28:19:c4:a4:
4e:de:21:13:1e:e2:f0:e7:10:34:22:b3:a7:f2:e6:e4:04:c3:
c7:f5:6f:cb:85:91:60:2b:81:ae:38:e8:0f:af:72:c9:46:76:
5c:76:59:83:df:0b:30:35:19:71:1c:04:b5:86:7e:03:f4:2c:
71:38:4a:e8:80:60:3a:24:96:09:b8:c3:b7:c5:fc:40:27:90:
94:60:83:be:28:a9:1d:26:a7:ff:9c:67:3b:d5:06:b9:54:b3:
1f:36:2c:96:b5:c7:39:a1:f1:7e:af:74:df:54:ef:a7:c7:ff:
09:dc:c1:fa:ff:fd:4c:3c:03:24:88:6d:aa:80:2c:df:ba:0e:
ef:fc:fa:7b:d2:99:eb:16:03:e0:2e:9f:a9:81:0e:d9:87:ea:
43:25:b7:73:a8:85:60:bf:f0:7f:58:75:d3:a5:c3:f7:4d:59:
e2:08:d6:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTXu6fti5ljklOsD64WrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjYwMzI2MDQwMDU5WhcNMjYwMzI3MDQwMDU5WjAzMTEwLwYDVQQD
Eyg0MDM4YWM2YTcyY2MyOTlkNGU1MzNlMTQwYzg4YTFkNDkxZWJjZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAona9hZajLwk0kuOW9myqt1xah1XO
bkPJJVZSHaVUGcXJjDJuM6fzqLQYCoIoB36Mt38/JX2nvEV3CPL5ciXPSBo+4FzV
Q98/JpJnnky2XhzfcIOAcyxJvVG0ztlx5F0WzyJoUnIAxbEVeoiByWlo4HrY5E3M
msjIz733if5f/SsoowxZ9YdIlUEqW70ZbiaMeCtCvOmxhxWi31M8bavetyv5zwEB
+Ji0XJN0HyaNKVXwoNFu9dvKC2MOyCfDAOJXRnhRMFH8w+t5dvpFW7u1dEx/0AWh
E/uJAFbwgvnQeWplTjKqZqh7zD/XfMf1iAoQ0Xaype7AXWraZ8+2XmGZpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEA4rGpyzCmdTlM+FAyIodSR68/QMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxOFfS87p
8gmBmNvbyc9q2SMcdQlzjYzKyztpLwkIVvx11GRmzdukDwt7v1bYuEpKSaDhQu6U
R3IGLu4Jm5KcHeO8PRh1Hwe2Zkx8asxQWK5hilws4P8oGcSkTt4hEx7i8OcQNCKz
p/Lm5ATDx/Vvy4WRYCuBrjjoD69yyUZ2XHZZg98LMDUZcRwEtYZ+A/QscThK6IBg
OiSWCbjDt8X8QCeQlGCDviipHSan/5xnO9UGuVSzHzYslrXHOaHxfq9031Tvp8f/
CdzB+v/9TDwDJIhtqoAs37oO7/z6e9KZ6xYD4C6fqYEO2YfqQyW3c6iFYL/wf1h1
06XD901Z4gjWlg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:49:23 2026 by rpki-client