Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
File: Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft (raw, json)
Hash identifier: s1UlF2YxKeHgPb8kdPhi/8rzABGdkI49siKE0ESFeaQ=
Subject key identifier: BD:DC:2B:1C:B2:BD:4D:07:87:67:78:E9:F4:6D:09:C3:5C:41:DF:9B
Authority key identifier: 22:5C:F0:D3:17:04:B5:9D:7E:EB:01:85:48:20:2D:3A:57:0D:A9:32
Certificate issuer: /CN=225cf0d31704b59d7eeb018548202d3a570da932
Certificate serial: 019DCE636B1260C0655F5C94873BA658FCA8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
Manifest number: 17B2
Signing time: Mon 27 Apr 2026 10:01:55 +0000
Manifest this update: Mon 27 Apr 2026 10:01:55 +0000
Manifest next update: Tue 28 Apr 2026 10:01:55 +0000
Files and hashes: 1: Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.crl (hash: i9sMIUWuI4thGoELRwQMlmkkfV+V6mXsmR36ptnSkhc=)
2: gDJ4Lp76yXybVk_hOXjmjT2yA0Y.roa (hash: TNUN3ffkTS+jn16rGNGRBs19tZhvUdCtK4/zEyf8nb4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:63:6b:12:60:c0:65:5f:5c:94:87:3b:a6:58:fc:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=225cf0d31704b59d7eeb018548202d3a570da932
Validity
Not Before: Apr 27 10:01:55 2026 GMT
Not After : Apr 28 10:01:55 2026 GMT
Subject: CN=bddc2b1cb2bd4d07876778e9f46d09c35c41df9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ab:02:ef:c2:04:59:9d:88:6d:72:25:f5:75:
0c:f1:dd:37:b5:90:11:03:a7:ac:0b:c7:9c:61:de:
8f:63:85:c3:df:e4:cb:09:ad:84:12:57:64:6c:2b:
14:19:f8:e2:60:1b:f1:12:c0:1e:7b:e1:05:2b:c9:
d1:bc:0f:57:47:13:5b:43:20:39:94:ba:8c:91:87:
fa:f3:01:f2:21:e4:63:34:62:b4:f3:f7:43:da:57:
54:85:1d:d4:32:d3:c3:0c:dd:45:6b:52:14:4b:96:
e2:52:ca:ae:98:db:f6:6a:34:45:6c:a7:30:79:9b:
6f:7a:eb:a8:3c:b9:01:bc:ef:8e:8b:02:19:9e:98:
82:92:a3:b0:6b:d3:52:69:5b:de:0b:d7:d0:36:2e:
d0:ae:0e:e8:16:28:df:fd:f2:53:65:07:0d:51:56:
73:0c:f3:7c:5f:d0:c2:07:1c:c5:27:5e:dd:9a:65:
bb:9f:da:bd:81:39:25:34:53:6d:09:bf:4e:cb:74:
82:e8:2b:1e:e9:03:93:bf:84:3b:6c:4e:98:02:97:
da:bd:d5:20:9b:bc:94:16:e9:d2:37:90:32:95:8a:
c4:0f:93:cb:a2:90:18:4a:ce:ba:b1:a3:2f:31:2d:
e2:28:5d:49:18:41:9d:e7:28:76:3a:3b:c2:b2:4d:
87:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DC:2B:1C:B2:BD:4D:07:87:67:78:E9:F4:6D:09:C3:5C:41:DF:9B
X509v3 Authority Key Identifier:
keyid:22:5C:F0:D3:17:04:B5:9D:7E:EB:01:85:48:20:2D:3A:57:0D:A9:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4df429-f776-4fd3-8de4-00bc903d2621/1/Ilzw0xcEtZ1-6wGFSCAtOlcNqTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:0c:0c:14:f9:04:7e:c5:ab:34:8f:4c:8b:ea:c0:6a:f9:17:
51:62:50:91:ae:50:09:38:c6:a7:2d:18:59:c2:d0:56:fb:b9:
86:59:1c:1a:db:03:d1:f9:da:63:53:8e:49:0b:d0:e9:f0:55:
f6:e6:d8:7f:b4:52:82:55:b0:8f:05:a3:8b:ad:4f:e7:3b:ce:
95:0c:be:8f:79:c9:0d:88:71:c6:28:48:73:14:fe:c3:b8:e7:
7e:a8:8a:65:85:41:ac:79:de:c2:02:85:a3:da:23:52:ce:98:
65:13:c5:6e:96:0f:a7:cc:5b:2e:70:67:c2:18:5a:3b:dc:93:
3a:67:ff:ed:39:f5:0f:cb:09:26:a2:6d:63:ff:c7:5b:a1:96:
f8:bc:6e:cf:ff:8c:f3:d0:d4:52:bf:19:a0:23:cb:94:89:7d:
cf:31:db:bc:06:9c:e4:e4:9c:cb:8e:0d:29:da:f1:2f:d9:54:
79:8e:08:20:da:c3:82:c9:80:b1:ab:e4:fa:10:f7:16:2a:53:
c8:29:46:ba:05:02:0c:6a:59:32:7f:52:11:bd:5b:78:b4:f7:
85:32:7d:1c:1e:23:13:c9:62:55:af:55:56:3a:12:e3:08:d8:
8c:3f:1f:5f:4c:ea:f6:47:0a:f8:ae:1b:c2:bb:a8:ec:11:60:
d7:70:63:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OY2sSYMBlX1yUhzumWPyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNWNmMGQzMTcwNGI1OWQ3ZWViMDE4NTQ4MjAyZDNhNTcw
ZGE5MzIwHhcNMjYwNDI3MTAwMTU1WhcNMjYwNDI4MTAwMTU1WjAzMTEwLwYDVQQD
EyhiZGRjMmIxY2IyYmQ0ZDA3ODc2Nzc4ZTlmNDZkMDljMzVjNDFkZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzasC78IEWZ2IbXIl9XUM8d03tZAR
A6esC8ecYd6PY4XD3+TLCa2EEldkbCsUGfjiYBvxEsAee+EFK8nRvA9XRxNbQyA5
lLqMkYf68wHyIeRjNGK08/dD2ldUhR3UMtPDDN1Fa1IUS5biUsqumNv2ajRFbKcw
eZtveuuoPLkBvO+OiwIZnpiCkqOwa9NSaVveC9fQNi7Qrg7oFijf/fJTZQcNUVZz
DPN8X9DCBxzFJ17dmmW7n9q9gTklNFNtCb9Oy3SC6Cse6QOTv4Q7bE6YApfavdUg
m7yUFunSN5AylYrED5PLopAYSs66saMvMS3iKF1JGEGd5yh2OjvCsk2HIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3cKxyyvU0Hh2d46fRtCcNcQd+bMB8GA1UdIwQY
MBaAFCJc8NMXBLWdfusBhUggLTpXDakyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWx6dzB4Y0V0WjEtNndHRlNDQXRPbGNOcVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80ZGY0MjktZjc3Ni00ZmQzLThkZTQt
MDBiYzkwM2QyNjIxLzEvSWx6dzB4Y0V0WjEtNndHRlNDQXRPbGNOcVRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80ZGY0MjktZjc3Ni00ZmQzLThkZTQtMDBiYzkwM2QyNjIx
LzEvSWx6dzB4Y0V0WjEtNndHRlNDQXRPbGNOcVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgwMFPkE
fsWrNI9Mi+rAavkXUWJQka5QCTjGpy0YWcLQVvu5hlkcGtsD0fnaY1OOSQvQ6fBV
9ubYf7RSglWwjwWji61P5zvOlQy+j3nJDYhxxihIcxT+w7jnfqiKZYVBrHnewgKF
o9ojUs6YZRPFbpYPp8xbLnBnwhhaO9yTOmf/7Tn1D8sJJqJtY//HW6GW+Lxuz/+M
89DUUr8ZoCPLlIl9zzHbvAac5OScy44NKdrxL9lUeY4IINrDgsmAsavk+hD3FipT
yClGugUCDGpZMn9SEb1beLT3hTJ9HB4jE8liVa9VVjoS4wjYjD8fX0zq9kcK+K4b
wruo7BFg13BjAQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:14:36 2026 by rpki-client