Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File: IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier: WnVzvCPhx0yTG7nEa2C4P1EkcczVd6+NYkKhCQXtloY=
Subject key identifier: 6A:DC:11:2A:31:EF:3E:BA:ED:F3:F2:EE:8F:84:B5:55:89:D2:FF:54
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer: /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial: 019D3865C00CF8CFB3DD8C969C47B9989D50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number: 069E
Signing time: Sun 29 Mar 2026 07:01:25 +0000
Manifest this update: Sun 29 Mar 2026 07:01:25 +0000
Manifest next update: Mon 30 Mar 2026 07:01:25 +0000
Files and hashes: 1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: B0HOGNpOrQ3ZL+dnkdlLidWDaFsT33AGL01CNX/pjh8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:c0:0c:f8:cf:b3:dd:8c:96:9c:47:b9:98:9d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204050cc59536f2d9407692823890ccdda854508
Validity
Not Before: Mar 29 07:01:25 2026 GMT
Not After : Mar 30 07:01:25 2026 GMT
Subject: CN=6adc112a31ef3ebaedf3f2ee8f84b55589d2ff54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:71:a8:35:24:5b:c1:70:9e:57:7a:70:c9:6b:
68:3f:0f:d0:22:bf:d9:a9:e6:7c:3d:d1:15:11:09:
8d:40:29:6e:7a:a1:65:23:d4:81:53:a8:7b:ac:b4:
00:a6:c3:92:55:2f:89:ea:13:db:cb:e1:b2:f6:4d:
0c:1d:15:8d:86:42:59:03:6d:69:3e:ae:1f:7a:78:
03:9d:5d:b5:a0:2f:30:bc:77:2b:5d:bc:3b:36:17:
69:80:f4:4f:a3:bd:f6:ff:8e:cf:af:56:40:a9:ae:
34:8f:b8:97:85:c5:26:38:be:c9:40:91:64:97:bf:
44:12:4b:a8:fd:0f:bd:3c:67:6c:26:1e:f8:48:a8:
c9:2d:c3:e6:5a:68:7e:57:c7:f0:ba:44:42:5d:10:
3e:7c:bd:7a:7d:e1:96:5e:c3:69:7b:ab:29:d1:52:
b3:33:dc:b4:6e:2f:a5:90:b0:7d:37:5e:53:54:e0:
ae:bc:20:a7:ac:8a:99:1c:29:ce:66:cb:61:00:be:
19:35:f3:84:63:ed:9f:e8:38:75:d5:a0:4e:da:d8:
b1:88:f0:60:3d:7f:17:d6:17:66:10:f9:05:cd:3d:
14:4a:15:06:72:a3:81:ca:90:1c:d6:38:3c:41:47:
9a:e8:67:20:22:65:de:fc:ef:d8:01:e5:bd:b9:c2:
8c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DC:11:2A:31:EF:3E:BA:ED:F3:F2:EE:8F:84:B5:55:89:D2:FF:54
X509v3 Authority Key Identifier:
keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:f6:15:06:ab:07:3e:fc:2c:b2:0d:59:f2:83:ae:fa:b4:df:
b8:17:9e:aa:77:4c:e2:e6:76:4f:0a:51:ef:99:22:2f:d8:ce:
78:5d:9f:31:a4:ee:fc:fa:e1:e2:7a:91:5b:06:56:f1:8e:13:
c8:b8:54:f9:6e:e9:90:fb:b8:36:d0:c2:62:d4:70:d4:57:9a:
f0:cf:f0:af:0c:e4:33:17:19:ff:83:85:cb:31:d5:f3:15:3e:
91:1f:b6:e1:7f:ba:61:51:9b:83:73:38:47:c4:66:66:e8:f3:
75:8b:ac:0e:5b:b1:03:92:27:14:fc:d5:2d:a9:00:02:55:ab:
53:3a:2b:c4:23:c9:6b:d2:d6:59:aa:0b:51:eb:5b:0b:de:f1:
32:bc:02:96:5e:2f:5f:2b:82:e2:e0:46:d3:15:2f:ae:e0:ef:
f1:8d:85:70:26:40:0c:a2:23:cd:d1:7f:5f:03:3b:f3:1e:ac:
be:8e:ad:ed:29:e7:7e:cc:e5:b2:1d:88:06:22:84:ea:be:8e:
23:04:6c:bf:dd:01:12:ab:82:c0:3d:7a:a7:32:71:26:23:1c:
82:7c:73:fb:fa:10:b6:fd:98:41:11:f4:d0:a4:9a:ad:95:ca:
62:ec:d5:43:23:d3:bc:b9:11:48:22:20:e1:f4:39:dd:44:39:
a3:fd:89:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcAM+M+z3YyWnEe5mJ1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjYwMzI5MDcwMTI1WhcNMjYwMzMwMDcwMTI1WjAzMTEwLwYDVQQD
Eyg2YWRjMTEyYTMxZWYzZWJhZWRmM2YyZWU4Zjg0YjU1NTg5ZDJmZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXGoNSRbwXCeV3pwyWtoPw/QIr/Z
qeZ8PdEVEQmNQClueqFlI9SBU6h7rLQApsOSVS+J6hPby+Gy9k0MHRWNhkJZA21p
Pq4fengDnV21oC8wvHcrXbw7NhdpgPRPo732/47Pr1ZAqa40j7iXhcUmOL7JQJFk
l79EEkuo/Q+9PGdsJh74SKjJLcPmWmh+V8fwukRCXRA+fL16feGWXsNpe6sp0VKz
M9y0bi+lkLB9N15TVOCuvCCnrIqZHCnOZsthAL4ZNfOEY+2f6Dh11aBO2tixiPBg
PX8X1hdmEPkFzT0UShUGcqOBypAc1jg8QUea6GcgImXe/O/YAeW9ucKMnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrcESox7z667fPy7o+EtVWJ0v9UMB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARfYVBqsH
Pvwssg1Z8oOu+rTfuBeeqndM4uZ2TwpR75kiL9jOeF2fMaTu/Prh4nqRWwZW8Y4T
yLhU+W7pkPu4NtDCYtRw1Fea8M/wrwzkMxcZ/4OFyzHV8xU+kR+24X+6YVGbg3M4
R8RmZujzdYusDluxA5InFPzVLakAAlWrUzorxCPJa9LWWaoLUetbC97xMrwCll4v
XyuC4uBG0xUvruDv8Y2FcCZADKIjzdF/XwM78x6svo6t7Snnfszlsh2IBiKE6r6O
IwRsv90BEquCwD16pzJxJiMcgnxz+/oQtv2YQRH00KSarZXKYuzVQyPTvLkRSCIg
4fQ53UQ5o/2J1g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:08:33 2026 by rpki-client