Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
File: lRibFY2NYBG6X5YlLTAmanDT4GY.mft (raw, json)
Hash identifier: cdsCxPwR1JKwYEcKerLSs7+7Gzw5JUeXX57+UnMrkg4=
Subject key identifier: 2D:5F:8E:42:C4:D0:60:FF:03:85:A7:E3:D1:26:F2:C9:DA:F4:50:0A
Authority key identifier: 95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
Certificate issuer: /CN=95189b158d8d6011ba5f96252d30266a70d3e066
Certificate serial: 019D296172D8495AFA07B6F2F44EFBA5C4F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 09:02:25 +0000
Manifest this update: Thu 26 Mar 2026 09:02:25 +0000
Manifest next update: Fri 27 Mar 2026 09:02:25 +0000
Files and hashes: 1: RZP_EJvUPRy8N5V44f-ykW1wgg8.roa (hash: LUUspyCZgfPy/9PXdd/3xbh9XNVlKFlsig4SSBadF24=)
2: lRibFY2NYBG6X5YlLTAmanDT4GY.crl (hash: 4qesMMmkkrTsmQOdJImEbKfEbKkQA3fA/qJz25FTUs0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:72:d8:49:5a:fa:07:b6:f2:f4:4e:fb:a5:c4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95189b158d8d6011ba5f96252d30266a70d3e066
Validity
Not Before: Mar 26 09:02:25 2026 GMT
Not After : Mar 27 09:02:25 2026 GMT
Subject: CN=2d5f8e42c4d060ff0385a7e3d126f2c9daf4500a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:02:98:6b:32:b3:30:f4:b5:b3:f1:65:43:2e:
8f:38:16:7f:b0:d6:10:a5:b2:8c:bd:22:88:d4:99:
ff:2b:35:ee:4f:41:99:d9:b8:8c:fd:a8:46:c1:4e:
75:23:66:82:3e:6a:ba:d9:62:41:22:0a:32:0b:54:
e2:76:9d:52:f4:65:2d:e2:73:bf:0b:f2:c2:d3:69:
4f:00:a0:e7:11:54:ab:65:a2:91:46:6e:1a:f9:f8:
21:b8:ff:8f:21:11:11:fc:2a:69:bf:6f:52:37:89:
6a:9a:9a:4b:a6:6e:06:f8:43:f2:17:3f:d7:e2:80:
c0:02:27:0a:af:79:cf:bb:60:74:8f:2b:fe:58:a8:
f3:77:e0:c2:d5:76:7f:e1:40:94:3c:ec:b1:48:a6:
60:8b:29:c9:fc:b0:05:d9:6c:40:93:2b:e5:8d:05:
93:9d:fe:2d:37:36:cd:db:52:37:fe:f3:c3:9f:39:
45:0d:21:94:28:25:8b:0f:4f:46:ee:d5:1e:ec:a5:
2e:c2:b5:7a:a3:42:54:50:a3:1c:39:e1:4b:dd:29:
c6:d8:ed:6b:9d:0c:5a:dc:3f:fc:12:18:10:8a:22:
58:84:c1:55:e0:90:34:51:a4:54:99:7b:2d:1a:c3:
00:39:44:32:69:f7:f7:98:76:76:3b:98:ae:e5:0d:
81:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5F:8E:42:C4:D0:60:FF:03:85:A7:E3:D1:26:F2:C9:DA:F4:50:0A
X509v3 Authority Key Identifier:
keyid:95:18:9B:15:8D:8D:60:11:BA:5F:96:25:2D:30:26:6A:70:D3:E0:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRibFY2NYBG6X5YlLTAmanDT4GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d27ad0-55c2-4904-a8c5-ace180ff9b19/1/lRibFY2NYBG6X5YlLTAmanDT4GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:84:ae:cf:14:70:f4:84:4a:4f:41:97:b4:81:0c:b3:21:9b:
97:08:a9:2a:9b:01:04:91:84:65:6e:6c:8d:44:73:a0:e5:59:
06:32:a6:21:74:3c:4e:81:5b:f5:0f:6a:44:47:c6:be:93:55:
4d:af:19:5f:53:2e:5f:87:6c:16:8c:45:5c:b1:4b:6d:38:ba:
63:f1:25:33:d2:0d:31:ea:21:7b:0e:16:ee:e1:74:d5:f5:df:
59:4e:21:bb:d6:5c:28:b0:d3:d7:e3:33:14:f8:c8:ce:10:f3:
96:4b:f8:40:16:46:04:ee:91:69:82:b2:5f:49:e0:06:7b:c2:
cf:22:79:bc:02:3d:3b:2d:87:a6:32:5a:2b:71:51:f2:ed:dc:
db:79:e6:49:a8:37:4d:32:40:96:b8:9c:04:75:4e:3e:7f:d5:
ee:24:15:13:ba:d2:65:fd:3a:74:e2:17:05:a3:a1:ad:c4:6c:
62:b0:07:5f:92:fc:f7:23:d5:9b:e7:cb:f4:cd:11:5e:e5:c5:
a2:90:56:da:d2:05:79:45:60:51:a7:c3:5f:60:86:1a:3d:82:
32:82:24:13:b6:c1:0d:ef:f4:15:a6:67:8c:c2:07:0d:22:1d:
03:4c:eb:bb:c0:e2:fe:c3:8d:b6:d7:ad:4a:4d:c4:17:02:c0:
cd:8f:71:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYXLYSVr6B7by9E77pcTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTg5YjE1OGQ4ZDYwMTFiYTVmOTYyNTJkMzAyNjZhNzBk
M2UwNjYwHhcNMjYwMzI2MDkwMjI1WhcNMjYwMzI3MDkwMjI1WjAzMTEwLwYDVQQD
EygyZDVmOGU0MmM0ZDA2MGZmMDM4NWE3ZTNkMTI2ZjJjOWRhZjQ1MDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwKYazKzMPS1s/FlQy6POBZ/sNYQ
pbKMvSKI1Jn/KzXuT0GZ2biM/ahGwU51I2aCPmq62WJBIgoyC1Tidp1S9GUt4nO/
C/LC02lPAKDnEVSrZaKRRm4a+fghuP+PIRER/Cppv29SN4lqmppLpm4G+EPyFz/X
4oDAAicKr3nPu2B0jyv+WKjzd+DC1XZ/4UCUPOyxSKZgiynJ/LAF2WxAkyvljQWT
nf4tNzbN21I3/vPDnzlFDSGUKCWLD09G7tUe7KUuwrV6o0JUUKMcOeFL3SnG2O1r
nQxa3D/8EhgQiiJYhMFV4JA0UaRUmXstGsMAOUQyaff3mHZ2O5iu5Q2BuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC1fjkLE0GD/A4Wn49Em8sna9FAKMB8GA1UdIwQY
MBaAFJUYmxWNjWARul+WJS0wJmpw0+BmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUt
YWNlMTgwZmY5YjE5LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjdhZDAtNTVjMi00OTA0LWE4YzUtYWNlMTgwZmY5YjE5
LzEvbFJpYkZZMk5ZQkc2WDVZbExUQW1hbkRUNEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWISuzxRw
9IRKT0GXtIEMsyGblwipKpsBBJGEZW5sjURzoOVZBjKmIXQ8ToFb9Q9qREfGvpNV
Ta8ZX1MuX4dsFoxFXLFLbTi6Y/ElM9INMeohew4W7uF01fXfWU4hu9ZcKLDT1+Mz
FPjIzhDzlkv4QBZGBO6RaYKyX0ngBnvCzyJ5vAI9Oy2HpjJaK3FR8u3c23nmSag3
TTJAlricBHVOPn/V7iQVE7rSZf06dOIXBaOhrcRsYrAHX5L89yPVm+fL9M0RXuXF
opBW2tIFeUVgUafDX2CGGj2CMoIkE7bBDe/0FaZnjMIHDSIdA0zru8Di/sONttet
Sk3EFwLAzY9xug==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:13:12 2026 by rpki-client