Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
File: IQH0Od66_1iAOV148Lv62Mp2CL8.mft (raw, json)
Hash identifier: Yg7hseSuo7RA//+Dhm3hsj6WsuCWhCKCH+W5XBt7W9M=
Subject key identifier: B6:EF:E2:E5:68:B0:FB:9E:02:73:83:8D:D1:D2:91:32:0B:49:07:31
Authority key identifier: 21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF
Certificate issuer: /CN=2101f439debaff5880395d78f0bbfad8ca7608bf
Certificate serial: 019D38D3BDE2E4DF30B84D2EEA598C8FDD44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
Manifest number: 0F4C
Signing time: Sun 29 Mar 2026 09:01:33 +0000
Manifest this update: Sun 29 Mar 2026 09:01:33 +0000
Manifest next update: Mon 30 Mar 2026 09:01:33 +0000
Files and hashes: 1: IQH0Od66_1iAOV148Lv62Mp2CL8.crl (hash: kpl15yR6Ysy4fPmZRJDfvHwlMGL3IHzc6HMDTBDKQw8=)
2: LIiML1O5GYrYT2OXv04_3crEOSo.roa (hash: GEv40+sowJMzMWvtaNBUTp1Lf4CV4ySJkJ0S9aCKf/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:bd:e2:e4:df:30:b8:4d:2e:ea:59:8c:8f:dd:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101f439debaff5880395d78f0bbfad8ca7608bf
Validity
Not Before: Mar 29 09:01:33 2026 GMT
Not After : Mar 30 09:01:33 2026 GMT
Subject: CN=b6efe2e568b0fb9e0273838dd1d291320b490731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:38:60:bf:c1:fc:72:c1:4d:df:9a:6a:52:fd:
58:09:45:3b:29:a3:72:bd:a7:f0:11:51:e5:da:6e:
96:aa:51:d0:6b:c6:0e:f3:eb:e0:e3:e9:c8:58:76:
29:32:35:ee:6b:c0:77:71:73:8c:e4:33:c0:ed:55:
fb:95:73:0c:79:3b:4b:03:11:42:bc:ea:5e:1a:4f:
87:43:f8:4e:00:73:ab:f5:aa:f0:e7:3f:3e:d5:47:
5a:48:96:66:70:eb:5d:ae:5f:77:73:b4:bd:b4:8b:
3d:c1:70:1b:f0:05:fc:e4:8d:7b:ca:89:77:7f:e9:
47:0f:4f:7a:2d:03:fb:d8:9c:3d:f0:13:77:9d:56:
a2:91:fc:97:af:59:82:41:a0:d4:3b:d4:43:71:47:
52:5d:ad:f7:26:c9:bd:4e:6c:62:a8:6f:25:30:f0:
86:cf:fa:22:0e:08:8f:2e:3e:46:ef:69:d4:ee:2b:
59:d1:c0:8e:c5:10:57:7b:68:27:b4:fa:68:e7:47:
30:4f:97:c8:b7:b5:e8:64:c3:ea:47:d4:58:53:72:
46:13:00:8b:51:95:1f:a4:af:ec:fa:c7:36:e1:0a:
41:62:9d:ed:62:9c:f4:51:be:32:4b:2e:4d:d4:df:
30:d5:18:76:6e:74:57:6c:ee:9e:39:c4:c3:f7:15:
c8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EF:E2:E5:68:B0:FB:9E:02:73:83:8D:D1:D2:91:32:0B:49:07:31
X509v3 Authority Key Identifier:
keyid:21:01:F4:39:DE:BA:FF:58:80:39:5D:78:F0:BB:FA:D8:CA:76:08:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQH0Od66_1iAOV148Lv62Mp2CL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/78c414-9b09-4775-a558-e3defb7e2518/1/IQH0Od66_1iAOV148Lv62Mp2CL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:0e:48:72:a6:7c:72:db:9e:15:ed:19:2b:a1:49:b9:81:0b:
d8:71:cf:0e:65:27:49:c4:37:9e:9b:d3:10:36:34:51:fe:91:
ba:ac:7e:79:ab:a5:de:2e:6b:67:bd:71:11:f0:7f:57:db:fb:
fd:d1:c9:6f:0c:c3:46:1e:ee:65:55:c9:64:67:84:0a:18:c9:
a1:55:d2:8f:15:e8:29:a2:6b:5f:14:3d:8c:92:c8:11:04:6c:
01:87:8c:11:4b:b3:22:87:34:3f:17:ec:2d:6a:8f:ad:79:63:
a1:b5:f7:d5:ed:a2:7c:fc:44:cc:c7:9a:10:c6:a5:4c:15:2b:
b5:98:37:e7:e5:0a:ce:a4:3d:e6:50:71:fe:0b:c6:b7:37:71:
4a:48:d4:8f:09:47:64:f0:c6:7c:55:e2:5a:be:df:a0:af:d4:
8b:15:bd:08:e5:1f:90:d6:2b:bb:32:ce:0e:d5:f4:53:61:d3:
59:92:45:7e:32:50:90:fa:fc:9e:ee:13:3e:28:77:41:fa:c4:
f8:d1:4a:64:90:c9:a6:6d:52:0b:a0:e3:f4:e0:bf:db:9e:8e:
23:57:1f:99:b9:8b:92:36:dc:6a:57:32:c4:72:33:2c:ad:a8:
e3:7f:52:21:f4:c2:e7:2a:f0:4e:60:c0:b5:5b:b3:10:0d:4f:
83:98:e7:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04073i5N8wuE0u6lmMj91EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFmNDM5ZGViYWZmNTg4MDM5NWQ3OGYwYmJmYWQ4Y2E3
NjA4YmYwHhcNMjYwMzI5MDkwMTMzWhcNMjYwMzMwMDkwMTMzWjAzMTEwLwYDVQQD
EyhiNmVmZTJlNTY4YjBmYjllMDI3MzgzOGRkMWQyOTEzMjBiNDkwNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Thgv8H8csFN35pqUv1YCUU7KaNy
vafwEVHl2m6WqlHQa8YO8+vg4+nIWHYpMjXua8B3cXOM5DPA7VX7lXMMeTtLAxFC
vOpeGk+HQ/hOAHOr9arw5z8+1UdaSJZmcOtdrl93c7S9tIs9wXAb8AX85I17yol3
f+lHD096LQP72Jw98BN3nVaikfyXr1mCQaDUO9RDcUdSXa33Jsm9TmxiqG8lMPCG
z/oiDgiPLj5G72nU7itZ0cCOxRBXe2gntPpo50cwT5fIt7XoZMPqR9RYU3JGEwCL
UZUfpK/s+sc24QpBYp3tYpz0Ub4ySy5N1N8w1Rh2bnRXbO6eOcTD9xXITwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbv4uVosPueAnODjdHSkTILSQcxMB8GA1UdIwQY
MBaAFCEB9Dneuv9YgDldePC7+tjKdgi/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgt
ZTNkZWZiN2UyNTE4LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83OGM0MTQtOWIwOS00Nzc1LWE1NTgtZTNkZWZiN2UyNTE4
LzEvSVFIME9kNjZfMWlBT1YxNDhMdjYyTXAyQ0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaw5IcqZ8
ctueFe0ZK6FJuYEL2HHPDmUnScQ3npvTEDY0Uf6Ruqx+eaul3i5rZ71xEfB/V9v7
/dHJbwzDRh7uZVXJZGeEChjJoVXSjxXoKaJrXxQ9jJLIEQRsAYeMEUuzIoc0Pxfs
LWqPrXljobX31e2ifPxEzMeaEMalTBUrtZg35+UKzqQ95lBx/gvGtzdxSkjUjwlH
ZPDGfFXiWr7foK/UixW9COUfkNYruzLODtX0U2HTWZJFfjJQkPr8nu4TPih3QfrE
+NFKZJDJpm1SC6Dj9OC/256OI1cfmbmLkjbcalcyxHIzLK2o439SIfTC5yrwTmDA
tVuzEA1Pg5jnCg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:01:03 2026 by rpki-client