Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
File: lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft (raw, json)
Hash identifier: Jb5PfeU7Wlk+G39M/BjiJFOZBZ+CQo/XcXycKCJRIhY=
Subject key identifier: 52:85:10:AF:F1:AE:0D:F5:50:45:99:C6:03:56:26:A5:A9:43:10:1D
Authority key identifier: 95:46:46:5C:A5:B8:6C:25:A0:2E:52:EC:BF:04:C4:CF:BC:07:65:4D
Certificate issuer: /CN=9546465ca5b86c25a02e52ecbf04c4cfbc07654d
Certificate serial: 019D2816B03B599904991B7E3999276BA9E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
Manifest number: 06D1
Signing time: Thu 26 Mar 2026 03:01:08 +0000
Manifest this update: Thu 26 Mar 2026 03:01:08 +0000
Manifest next update: Fri 27 Mar 2026 03:01:08 +0000
Files and hashes: 1: McifzUNxziI8WsCXgZeHNz10iWQ.roa (hash: 1R6rZYh+m87Flh7dOcMYHRsZeD59VMaEbBnj6Shuhfs=)
2: lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl (hash: WOrMgfZJbeo0eg1Ad4t2A+k1mt9GaSjZPcEB8hbr9Iw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:b0:3b:59:99:04:99:1b:7e:39:99:27:6b:a9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9546465ca5b86c25a02e52ecbf04c4cfbc07654d
Validity
Not Before: Mar 26 03:01:08 2026 GMT
Not After : Mar 27 03:01:08 2026 GMT
Subject: CN=528510aff1ae0df5504599c6035626a5a943101d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:56:77:10:17:ec:f1:6c:89:fb:cf:f8:42:e1:
02:47:63:da:45:7b:90:53:1f:2b:7a:8b:17:5a:82:
b0:06:99:d5:5a:a2:ea:f6:4f:b4:43:d7:93:14:fd:
18:c5:8f:4b:34:7b:66:5e:aa:2e:a3:eb:78:29:cd:
f9:ff:95:98:1d:4e:81:95:1b:e5:07:e7:7f:09:0e:
0a:5b:d6:8e:57:d7:c2:c3:5f:ad:b1:c6:db:3f:00:
15:d4:a5:61:af:2b:cd:fa:5f:31:4a:42:db:eb:ec:
d3:69:de:f8:3c:81:6b:85:e6:3d:d0:3e:c9:bb:96:
51:f7:71:16:19:55:45:0a:09:27:e5:88:b9:f3:96:
05:d6:7a:e0:80:3c:8a:91:13:46:02:56:50:39:9b:
94:d8:16:51:87:21:8b:27:ab:a6:b0:5e:db:89:61:
17:19:64:de:35:3f:64:38:0f:c7:22:5e:6d:13:b4:
43:af:f8:15:b5:b9:05:ef:eb:50:50:e0:94:33:37:
a0:73:2a:e0:6e:ec:6d:58:8c:c9:fd:a9:91:6d:6a:
1c:05:d8:e5:f3:4c:fc:e5:f2:2e:e8:25:4b:09:74:
27:a5:13:00:73:a6:e6:fe:58:c0:91:99:81:38:4a:
d5:18:ac:b0:81:f3:99:40:3c:c4:a0:57:9c:91:37:
05:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:85:10:AF:F1:AE:0D:F5:50:45:99:C6:03:56:26:A5:A9:43:10:1D
X509v3 Authority Key Identifier:
keyid:95:46:46:5C:A5:B8:6C:25:A0:2E:52:EC:BF:04:C4:CF:BC:07:65:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUZGXKW4bCWgLlLsvwTEz7wHZU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/c48b4c-0221-4646-bb72-05cf9db430b3/1/lUZGXKW4bCWgLlLsvwTEz7wHZU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:69:00:ff:9b:08:bc:a1:b0:cb:2c:6a:b2:b1:79:66:70:b3:
cc:61:c9:65:89:53:e1:19:63:16:8c:f1:bc:64:9e:1d:80:f7:
bc:2d:e5:2e:3a:7d:41:b5:9e:7d:9c:5d:d2:e8:ff:bb:53:c9:
8e:4f:9a:b8:05:b1:9e:c4:9f:cf:f1:8a:15:b3:95:7c:db:74:
7c:a4:9e:7c:e6:cb:74:5a:ac:47:2e:c5:55:df:fc:5d:11:58:
ec:dc:1c:9d:aa:84:18:8b:66:79:6c:e1:a7:f7:09:ab:5f:c6:
70:68:52:12:48:68:3f:11:cc:5b:fb:c9:61:b0:36:12:ee:b4:
aa:be:9b:08:85:d6:c4:26:c0:42:cf:e0:48:82:86:97:01:fb:
d4:c7:01:94:60:53:63:83:84:9f:28:09:05:ec:6f:2f:20:8b:
57:a7:4c:29:6f:57:20:25:ac:c1:d0:df:74:b3:bb:0c:69:f6:
f6:45:47:69:d6:10:e1:75:b7:39:10:35:41:87:04:45:ce:8d:
91:39:6d:6e:9a:4b:a4:e3:89:f4:ac:82:dd:bd:78:dc:76:07:
1b:8a:2b:6b:26:29:fb:77:7a:a6:bf:b0:ad:5e:ce:b4:7b:f4:
40:1f:11:bc:2c:69:19:a9:2b:ed:b9:5a:d6:68:ff:d1:ed:9b:
e1:1e:fc:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFrA7WZkEmRt+OZkna6nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NDY0NjVjYTViODZjMjVhMDJlNTJlY2JmMDRjNGNmYmMw
NzY1NGQwHhcNMjYwMzI2MDMwMTA4WhcNMjYwMzI3MDMwMTA4WjAzMTEwLwYDVQQD
Eyg1Mjg1MTBhZmYxYWUwZGY1NTA0NTk5YzYwMzU2MjZhNWE5NDMxMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklZ3EBfs8WyJ+8/4QuECR2PaRXuQ
Ux8reosXWoKwBpnVWqLq9k+0Q9eTFP0YxY9LNHtmXqouo+t4Kc35/5WYHU6BlRvl
B+d/CQ4KW9aOV9fCw1+tscbbPwAV1KVhryvN+l8xSkLb6+zTad74PIFrheY90D7J
u5ZR93EWGVVFCgkn5Yi585YF1nrggDyKkRNGAlZQOZuU2BZRhyGLJ6umsF7biWEX
GWTeNT9kOA/HIl5tE7RDr/gVtbkF7+tQUOCUMzegcyrgbuxtWIzJ/amRbWocBdjl
80z85fIu6CVLCXQnpRMAc6bm/ljAkZmBOErVGKywgfOZQDzEoFeckTcF8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKFEK/xrg31UEWZxgNWJqWpQxAdMB8GA1UdIwQY
MBaAFJVGRlyluGwloC5S7L8ExM+8B2VNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jNDhiNGMtMDIyMS00NjQ2LWJiNzIt
MDVjZjlkYjQzMGIzLzEvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jNDhiNGMtMDIyMS00NjQ2LWJiNzItMDVjZjlkYjQzMGIz
LzEvbFVaR1hLVzRiQ1dnTGxMc3Z3VEV6N3dIWlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp2kA/5sI
vKGwyyxqsrF5ZnCzzGHJZYlT4RljFozxvGSeHYD3vC3lLjp9QbWefZxd0uj/u1PJ
jk+auAWxnsSfz/GKFbOVfNt0fKSefObLdFqsRy7FVd/8XRFY7NwcnaqEGItmeWzh
p/cJq1/GcGhSEkhoPxHMW/vJYbA2Eu60qr6bCIXWxCbAQs/gSIKGlwH71McBlGBT
Y4OEnygJBexvLyCLV6dMKW9XICWswdDfdLO7DGn29kVHadYQ4XW3ORA1QYcERc6N
kTltbppLpOOJ9KyC3b143HYHG4orayYp+3d6pr+wrV7OtHv0QB8RvCxpGakr7bla
1mj/0e2b4R78AQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:16:00 2026 by rpki-client