Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File: iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier: yOTJUyA+HkrLj5pJuWgvrS4cAQclg6kTSpS4B5rZRUA=
Subject key identifier: 10:00:52:9E:7F:FE:B0:22:E1:E0:59:5B:2D:23:B5:35:01:52:FB:10
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 019D38D319D8EA98610F1592F86A7F021E8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number: 14A1
Signing time: Sun 29 Mar 2026 09:00:51 +0000
Manifest this update: Sun 29 Mar 2026 09:00:51 +0000
Manifest next update: Mon 30 Mar 2026 09:00:51 +0000
Files and hashes: 1: Jpa6fmcWWnrngaFT0OUDJvFJNfs.roa (hash: h5s+yud2w3+2pv0SJ9q0YVNu768ah+hczZmwi91mX/Q=)
2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: 8nfY71R2L0D8A1GUFAmAemf6HO3iSOsantim6gWQrKc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:19:d8:ea:98:61:0f:15:92:f8:6a:7f:02:1e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Mar 29 09:00:51 2026 GMT
Not After : Mar 30 09:00:51 2026 GMT
Subject: CN=1000529e7ffeb022e1e0595b2d23b5350152fb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:24:c1:e1:8e:08:7d:91:65:11:ce:33:83:3a:
04:93:6e:cd:c9:f1:a2:53:a0:a8:b4:38:96:67:59:
e5:fe:e4:cc:88:77:85:fb:78:58:ba:54:a6:0f:91:
3c:47:c5:36:18:2b:e0:b2:bf:09:6d:b5:99:a9:60:
a4:0a:8e:da:6c:ac:a0:1c:c5:a8:85:fd:f4:29:56:
32:c9:b0:15:4c:4b:62:27:94:e9:23:6a:e5:6f:c7:
51:ba:f7:38:be:61:5b:8d:79:38:fa:f8:90:5a:85:
ba:2d:46:ef:55:7c:f8:b8:ec:6e:86:54:a2:47:65:
cd:46:d3:51:f2:41:7e:b3:c1:06:b1:a2:1e:72:ed:
d7:71:ba:5a:f4:7c:4d:2e:3f:0a:48:0d:82:b5:2b:
3f:e2:a5:f7:45:3e:82:41:b4:36:ec:15:36:7f:e6:
a2:ce:9d:e4:53:32:92:28:33:0d:08:be:6e:96:77:
03:96:53:0d:9c:51:5e:24:f3:97:83:b3:84:bf:05:
a8:87:3f:1c:e3:81:41:a5:c3:a1:3c:04:0c:a9:13:
f0:bc:19:83:37:91:58:5e:0e:a2:e3:7c:9e:73:3f:
53:41:a5:49:33:67:bd:13:b9:60:9b:5e:aa:91:cd:
80:26:98:01:f1:e1:9e:5f:7d:ac:6a:d8:f3:87:f3:
38:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:00:52:9E:7F:FE:B0:22:E1:E0:59:5B:2D:23:B5:35:01:52:FB:10
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:6f:a8:62:ce:6c:9d:bc:bc:02:1f:fa:ea:b5:65:f9:af:95:
19:f1:d0:f7:7d:ac:ac:64:d0:0e:98:8d:f5:46:6d:0e:af:1f:
57:15:ba:ab:f2:54:48:4d:67:a7:00:4b:40:11:a8:00:e6:6b:
af:53:91:2f:32:cf:88:31:fd:15:e5:08:44:59:b1:3c:71:30:
d8:5a:84:bc:e4:f4:52:32:0f:10:e6:ec:68:3b:84:ab:13:c5:
ed:4a:32:ef:4c:7b:19:0a:c2:a3:82:78:3d:9b:c1:84:1e:57:
5c:e5:90:62:2f:80:be:f8:ad:94:b5:1b:e0:2f:83:ee:bb:1e:
d8:9d:16:d8:ba:e4:a5:23:f2:97:7b:b4:48:8f:ff:80:15:b2:
dc:62:78:8b:6b:3a:48:a8:b3:86:3a:2b:6a:b8:07:bd:72:b0:
64:8a:b0:be:28:68:6a:7b:05:11:56:23:f6:38:2c:35:ef:88:
90:0d:29:9d:ba:32:65:16:0b:62:b5:bb:42:73:c8:47:7f:cc:
13:f5:8d:ba:24:4b:ca:74:6d:c8:55:18:c5:2c:82:ac:b1:0f:
6f:b8:68:ad:6d:59:0c:17:4e:2c:f4:fe:c4:9d:16:43:7a:66:
c5:d0:a2:e0:8f:16:a0:84:6b:3f:44:71:68:8d:b4:aa:8f:9c:
d3:61:9b:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xnY6phhDxWS+Gp/Ah6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjYwMzI5MDkwMDUxWhcNMjYwMzMwMDkwMDUxWjAzMTEwLwYDVQQD
EygxMDAwNTI5ZTdmZmViMDIyZTFlMDU5NWIyZDIzYjUzNTAxNTJmYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSTB4Y4IfZFlEc4zgzoEk27NyfGi
U6CotDiWZ1nl/uTMiHeF+3hYulSmD5E8R8U2GCvgsr8JbbWZqWCkCo7abKygHMWo
hf30KVYyybAVTEtiJ5TpI2rlb8dRuvc4vmFbjXk4+viQWoW6LUbvVXz4uOxuhlSi
R2XNRtNR8kF+s8EGsaIecu3Xcbpa9HxNLj8KSA2CtSs/4qX3RT6CQbQ27BU2f+ai
zp3kUzKSKDMNCL5ulncDllMNnFFeJPOXg7OEvwWohz8c44FBpcOhPAQMqRPwvBmD
N5FYXg6i43yecz9TQaVJM2e9E7lgm16qkc2AJpgB8eGeX32satjzh/M45QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAAUp5//rAi4eBZWy0jtTUBUvsQMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKW+oYs5s
nby8Ah/66rVl+a+VGfHQ932srGTQDpiN9UZtDq8fVxW6q/JUSE1npwBLQBGoAOZr
r1ORLzLPiDH9FeUIRFmxPHEw2FqEvOT0UjIPEObsaDuEqxPF7Uoy70x7GQrCo4J4
PZvBhB5XXOWQYi+AvvitlLUb4C+D7rse2J0W2LrkpSPyl3u0SI//gBWy3GJ4i2s6
SKizhjorargHvXKwZIqwvihoansFEVYj9jgsNe+IkA0pnboyZRYLYrW7QnPIR3/M
E/WNuiRLynRtyFUYxSyCrLEPb7horW1ZDBdOLPT+xJ0WQ3pmxdCi4I8WoIRrP0Rx
aI20qo+c02GbSA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:03 2026 by rpki-client