Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
File: lbzyUZp7TPNY-2x4A5pb56GxMFs.mft (raw, json)
Hash identifier: 2ApPKGRJYI1IBd5mkHh/C5hZ3njBDXukcQjTDnrhuoQ=
Subject key identifier: 1D:15:A2:1F:C3:B6:7C:E4:41:02:96:F3:7A:FD:33:4C:9E:28:54:51
Authority key identifier: 95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
Certificate issuer: /CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Certificate serial: 019D27043526A3CAAF3DD4B921FF8A0F21AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
Manifest number: 075D
Signing time: Wed 25 Mar 2026 22:01:20 +0000
Manifest this update: Wed 25 Mar 2026 22:01:20 +0000
Manifest next update: Thu 26 Mar 2026 22:01:20 +0000
Files and hashes: 1: lbzyUZp7TPNY-2x4A5pb56GxMFs.crl (hash: AeVuehEW9ktvf5Vl9lxsJm231KKysTlog9CXMAKF0UY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:35:26:a3:ca:af:3d:d4:b9:21:ff:8a:0f:21:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95bcf2519a7b4cf358fb6c78039a5be7a1b1305b
Validity
Not Before: Mar 25 22:01:20 2026 GMT
Not After : Mar 26 22:01:20 2026 GMT
Subject: CN=1d15a21fc3b67ce4410296f37afd334c9e285451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2b:94:82:f7:4e:1b:f8:e5:03:46:bc:c5:45:
8f:22:28:39:22:6b:10:a1:f6:8a:50:f3:29:b6:4e:
4f:61:44:84:96:1b:23:14:c7:47:e3:48:79:ca:f9:
67:94:04:d2:86:38:f9:b4:63:92:52:8a:4a:25:ad:
75:09:24:1c:4f:4b:02:a2:ff:b2:0d:5c:a9:a8:cf:
11:ea:d0:46:3d:96:1a:61:2b:50:c1:38:a6:c1:c3:
d2:9d:1f:09:f7:39:3e:ac:93:0a:33:7e:2a:b2:75:
68:b9:29:5b:49:77:21:0c:9f:e6:3f:a5:af:f8:c4:
af:0e:4a:fc:19:de:ec:b2:c8:19:9a:2f:6f:d7:af:
5a:d9:c9:8c:6d:0f:4a:d3:17:de:ef:81:ef:d3:bc:
c6:16:7c:37:f7:66:e9:90:51:b5:83:ac:32:4e:25:
9e:c2:6e:4e:50:8f:31:92:64:1b:b1:f8:84:aa:6c:
f3:7d:02:2f:b9:a1:76:8a:b0:a1:9a:28:cc:fc:aa:
df:99:59:6f:2c:1b:20:12:d7:0b:8a:0e:0a:04:b3:
3a:98:01:b2:40:3e:2a:61:52:ee:ac:35:dd:56:d9:
d7:ef:08:57:84:89:ea:68:b7:a5:ee:8c:f1:74:23:
df:12:67:90:e8:be:88:d0:ae:38:de:84:6b:c3:e1:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:15:A2:1F:C3:B6:7C:E4:41:02:96:F3:7A:FD:33:4C:9E:28:54:51
X509v3 Authority Key Identifier:
keyid:95:BC:F2:51:9A:7B:4C:F3:58:FB:6C:78:03:9A:5B:E7:A1:B1:30:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbzyUZp7TPNY-2x4A5pb56GxMFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ef9a4e-790e-4ece-a845-25ccf32739a2/1/lbzyUZp7TPNY-2x4A5pb56GxMFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:3c:00:16:ad:28:3b:a4:39:aa:e9:b7:9f:f1:81:05:9f:14:
f0:7c:50:30:31:19:7d:a1:5c:13:bc:73:93:63:de:26:07:ee:
aa:c1:e5:82:00:1e:a6:c8:78:ce:08:a5:51:a0:d3:81:b9:2e:
40:31:80:dc:2f:db:65:a3:cc:5f:0f:db:e0:eb:8d:28:05:23:
bd:85:28:b7:48:2b:bc:4a:05:7b:b8:80:12:6a:e6:49:2f:68:
de:90:a9:b2:b1:c9:06:52:40:61:5d:a7:5a:95:27:df:bf:12:
bd:45:68:fc:ef:bd:a4:4e:4c:03:f7:dd:24:ea:60:d7:85:27:
86:83:58:20:ee:2d:08:c3:58:14:44:04:22:13:72:95:6a:9d:
1f:77:87:d9:3e:ee:97:3e:22:90:b3:54:14:75:2e:95:47:e5:
6b:87:4b:5d:b6:7e:23:bd:5f:ee:dc:6d:4e:ee:e5:9c:e7:a3:
69:75:d4:b8:63:0c:74:e4:10:b4:f7:23:58:f2:c8:a3:28:c4:
c1:47:3f:c5:89:bb:7d:07:95:5a:a4:fc:8a:57:71:1b:8a:29:
71:33:68:ab:51:c8:05:b9:95:17:0a:4c:14:b3:de:dc:37:35:
4a:09:f4:ee:eb:d5:34:1a:b8:17:d9:4e:fc:64:57:31:a0:9b:
9b:68:0b:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDUmo8qvPdS5If+KDyGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YmNmMjUxOWE3YjRjZjM1OGZiNmM3ODAzOWE1YmU3YTFi
MTMwNWIwHhcNMjYwMzI1MjIwMTIwWhcNMjYwMzI2MjIwMTIwWjAzMTEwLwYDVQQD
EygxZDE1YTIxZmMzYjY3Y2U0NDEwMjk2ZjM3YWZkMzM0YzllMjg1NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSuUgvdOG/jlA0a8xUWPIig5ImsQ
ofaKUPMptk5PYUSElhsjFMdH40h5yvlnlATShjj5tGOSUopKJa11CSQcT0sCov+y
DVypqM8R6tBGPZYaYStQwTimwcPSnR8J9zk+rJMKM34qsnVouSlbSXchDJ/mP6Wv
+MSvDkr8Gd7sssgZmi9v169a2cmMbQ9K0xfe74Hv07zGFnw392bpkFG1g6wyTiWe
wm5OUI8xkmQbsfiEqmzzfQIvuaF2irChmijM/KrfmVlvLBsgEtcLig4KBLM6mAGy
QD4qYVLurDXdVtnX7whXhInqaLel7ozxdCPfEmeQ6L6I0K443oRrw+GpkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB0Voh/DtnzkQQKW83r9M0yeKFRRMB8GA1UdIwQY
MBaAFJW88lGae0zzWPtseAOaW+ehsTBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUt
MjVjY2YzMjczOWEyLzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lZjlhNGUtNzkwZS00ZWNlLWE4NDUtMjVjY2YzMjczOWEy
LzEvbGJ6eVVacDdUUE5ZLTJ4NEE1cGI1Nkd4TUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDwAFq0o
O6Q5qum3n/GBBZ8U8HxQMDEZfaFcE7xzk2PeJgfuqsHlggAepsh4zgilUaDTgbku
QDGA3C/bZaPMXw/b4OuNKAUjvYUot0grvEoFe7iAEmrmSS9o3pCpsrHJBlJAYV2n
WpUn378SvUVo/O+9pE5MA/fdJOpg14UnhoNYIO4tCMNYFEQEIhNylWqdH3eH2T7u
lz4ikLNUFHUulUfla4dLXbZ+I71f7txtTu7lnOejaXXUuGMMdOQQtPcjWPLIoyjE
wUc/xYm7fQeVWqT8ildxG4opcTNoq1HIBbmVFwpMFLPe3Dc1Sgn07uvVNBq4F9lO
/GRXMaCbm2gLkg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:52:10 2026 by rpki-client