Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
File: IG0YKjtEp74F0-5w3JCoXVer-40.mft (raw, json)
Hash identifier: Lns8yblfrCAAIAhrb8/9tHLr4a3XhcZ6nLiao80Oj/k=
Subject key identifier: 0F:A1:C6:86:94:30:45:9C:52:FC:9D:99:44:2A:40:1E:A3:2F:EE:D4
Authority key identifier: 20:6D:18:2A:3B:44:A7:BE:05:D3:EE:70:DC:90:A8:5D:57:AB:FB:8D
Certificate issuer: /CN=206d182a3b44a7be05d3ee70dc90a85d57abfb8d
Certificate serial: 019D3A8AFF0E7A0DB2FD12D2AA5D8C01024A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
Manifest number: 17F2
Signing time: Sun 29 Mar 2026 17:01:20 +0000
Manifest this update: Sun 29 Mar 2026 17:01:20 +0000
Manifest next update: Mon 30 Mar 2026 17:01:20 +0000
Files and hashes: 1: IG0YKjtEp74F0-5w3JCoXVer-40.crl (hash: OkIRaZ8QJsNaZ6oLSgAlF/xyMM3HMTBQpGaGGfnXkRY=)
2: qSWfUPbdifhrh3aKuAhxxmylP6A.roa (hash: fB+qGwcW2GhnHX2osyvSPDhd9KmuxX/DLSWIY8hF8h8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:8a:ff:0e:7a:0d:b2:fd:12:d2:aa:5d:8c:01:02:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206d182a3b44a7be05d3ee70dc90a85d57abfb8d
Validity
Not Before: Mar 29 17:01:20 2026 GMT
Not After : Mar 30 17:01:20 2026 GMT
Subject: CN=0fa1c6869430459c52fc9d99442a401ea32feed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:df:e0:2c:a1:0f:e9:78:23:db:ac:39:e2:62:
6a:8c:7e:7a:8e:65:21:07:ef:24:cc:08:1d:5c:eb:
97:de:81:d8:fe:7f:fa:fa:58:c6:0d:c7:23:e8:a6:
00:6c:fd:48:ab:24:72:16:27:cc:61:66:ed:a7:1d:
b0:58:ef:df:10:2e:b0:41:49:46:34:75:59:d2:43:
56:31:5f:91:90:e0:d2:6b:5b:33:d2:2b:2b:43:2f:
03:52:c0:65:d4:86:11:37:25:85:2f:49:27:79:c4:
34:a5:3c:e4:1c:74:f7:ac:86:11:4a:98:ca:58:50:
78:32:2a:db:08:d8:8c:21:f0:3f:a0:7e:3c:9b:de:
ad:a7:63:40:31:15:b3:04:80:61:91:05:e2:20:71:
b9:e3:bc:d7:b2:3d:ca:39:ee:f7:df:fd:62:f6:cf:
64:94:08:c7:57:8d:69:10:66:bb:56:d4:b0:9c:b2:
ce:21:79:0b:18:73:4c:d0:d8:de:da:ab:e5:2a:67:
9a:45:f7:dc:6d:aa:5f:16:c2:c0:16:cb:7b:3d:85:
9b:b0:57:0a:ad:1f:e4:7c:1d:3a:99:6f:8b:60:7f:
a0:72:1d:6d:27:b9:8d:b5:44:0e:07:a1:ef:40:93:
cb:45:fd:4d:7e:b9:67:6f:6b:57:2d:a2:be:46:01:
94:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A1:C6:86:94:30:45:9C:52:FC:9D:99:44:2A:40:1E:A3:2F:EE:D4
X509v3 Authority Key Identifier:
keyid:20:6D:18:2A:3B:44:A7:BE:05:D3:EE:70:DC:90:A8:5D:57:AB:FB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:7d:75:f8:96:a9:5b:1f:61:54:5a:b0:e9:51:ba:63:93:68:
4e:75:59:d0:36:4c:49:eb:c8:00:65:04:69:16:0a:72:ad:8e:
2c:07:30:0c:e3:0c:47:a5:14:09:89:a8:e0:6b:ff:76:02:9a:
24:c4:91:17:39:e1:1d:7a:c9:52:46:30:ed:8b:ea:32:1d:87:
e9:62:9c:7c:07:44:7c:f4:7e:a0:9f:f9:7e:40:88:ec:0d:db:
2b:0f:26:51:e1:58:05:20:7c:39:ee:c5:a9:c2:53:2d:18:b1:
7b:ca:bd:3f:d1:0c:a2:7e:06:b5:54:f3:bb:58:37:c1:52:dc:
2e:81:14:20:52:8f:ac:69:50:0a:8a:01:cf:2b:83:2f:61:1f:
8f:9d:12:bc:ad:e2:ca:5f:5c:55:bb:26:04:67:55:f4:e9:6b:
d9:35:df:72:2b:45:c8:ee:42:54:83:ce:95:a2:9e:c8:9d:15:
ec:f3:da:74:d3:81:11:11:ab:69:d6:75:cc:f8:23:1e:c3:84:
0d:ce:4d:43:b4:59:f7:f6:0c:86:2a:95:b9:ef:33:e9:0b:5c:
a1:d6:bc:67:d4:55:78:fb:ca:37:8a:f5:6d:28:4f:9e:34:c6:
9f:cc:f7:26:ec:7f:4b:0f:45:10:b6:3c:83:1b:58:73:28:dd:
fe:90:5a:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06iv8Oeg2y/RLSql2MAQJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmQxODJhM2I0NGE3YmUwNWQzZWU3MGRjOTBhODVkNTdh
YmZiOGQwHhcNMjYwMzI5MTcwMTIwWhcNMjYwMzMwMTcwMTIwWjAzMTEwLwYDVQQD
EygwZmExYzY4Njk0MzA0NTljNTJmYzlkOTk0NDJhNDAxZWEzMmZlZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt/gLKEP6Xgj26w54mJqjH56jmUh
B+8kzAgdXOuX3oHY/n/6+ljGDccj6KYAbP1IqyRyFifMYWbtpx2wWO/fEC6wQUlG
NHVZ0kNWMV+RkODSa1sz0isrQy8DUsBl1IYRNyWFL0knecQ0pTzkHHT3rIYRSpjK
WFB4MirbCNiMIfA/oH48m96tp2NAMRWzBIBhkQXiIHG547zXsj3KOe733/1i9s9k
lAjHV41pEGa7VtSwnLLOIXkLGHNM0Nje2qvlKmeaRffcbapfFsLAFst7PYWbsFcK
rR/kfB06mW+LYH+gch1tJ7mNtUQOB6HvQJPLRf1Nfrlnb2tXLaK+RgGUPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+hxoaUMEWcUvydmUQqQB6jL+7UMB8GA1UdIwQY
MBaAFCBtGCo7RKe+BdPucNyQqF1Xq/uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNmYyZWUtMDQ3Ni00MGI0LWJiNmEt
NjYwNzc4MDk5YjNkLzEvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNmYyZWUtMDQ3Ni00MGI0LWJiNmEtNjYwNzc4MDk5YjNk
LzEvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQX11+Jap
Wx9hVFqw6VG6Y5NoTnVZ0DZMSevIAGUEaRYKcq2OLAcwDOMMR6UUCYmo4Gv/dgKa
JMSRFznhHXrJUkYw7YvqMh2H6WKcfAdEfPR+oJ/5fkCI7A3bKw8mUeFYBSB8Oe7F
qcJTLRixe8q9P9EMon4GtVTzu1g3wVLcLoEUIFKPrGlQCooBzyuDL2Efj50SvK3i
yl9cVbsmBGdV9Olr2TXfcitFyO5CVIPOlaKeyJ0V7PPadNOBERGradZ1zPgjHsOE
Dc5NQ7RZ9/YMhiqVue8z6Qtcoda8Z9RVePvKN4r1bShPnjTGn8z3Jux/Sw9FELY8
gxtYcyjd/pBa4A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:50:17 2026 by rpki-client