Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
File: IM1XQoSmAY5bA2Neml1lj99XNPA.mft (raw, json)
Hash identifier: dR+srVSwPyDPliW17YQC8fe0NrRV1ldaBBVg6qe7Jo8=
Subject key identifier: DD:04:F5:45:6F:8D:97:F6:02:78:16:C4:88:7B:0C:43:01:30:A2:10
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 019D38D30BDFDDD5F4A8255E083D25C6A654
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
Manifest number: 15D5
Signing time: Sun 29 Mar 2026 09:00:48 +0000
Manifest this update: Sun 29 Mar 2026 09:00:48 +0000
Manifest next update: Mon 30 Mar 2026 09:00:48 +0000
Files and hashes: 1: IM1XQoSmAY5bA2Neml1lj99XNPA.crl (hash: ygUecr9IZs06GAiPJDLEJ8H8nIWB0zDv65DrViKh1yA=)
2: ImTLWt2g0cY7V35wRVv87mBniEg.roa (hash: VJYLeV7M13GLWx8pAqlJxHBxVDnSY7dG5v0w8WshUfs=)
3: xsbeeqBrYcrCh1XkX_yalGrpwlg.roa (hash: C6xVrKshvFw2VHF914TCAq+YdHSq0Ozgs9as5bzKGhE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:0b:df:dd:d5:f4:a8:25:5e:08:3d:25:c6:a6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Mar 29 09:00:48 2026 GMT
Not After : Mar 30 09:00:48 2026 GMT
Subject: CN=dd04f5456f8d97f6027816c4887b0c430130a210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:bf:92:38:2a:db:d5:1e:6c:9b:b6:e7:a1:
1d:24:6d:b5:87:0b:48:45:c9:cb:be:c8:d2:b3:03:
c0:d0:37:12:74:e0:10:db:b4:38:7d:dd:eb:87:fc:
9f:54:d4:a9:51:4d:b9:4f:37:39:80:2d:95:1d:5a:
26:8a:8c:97:9f:a3:02:4e:91:1f:fc:09:01:be:e9:
3d:b9:4a:8e:45:91:92:3d:8a:e7:e5:6c:97:bb:13:
dc:43:85:fa:f2:81:26:bb:c7:dd:67:ac:e9:bd:fb:
2e:19:f6:f1:35:ea:2b:e4:d3:1c:e8:93:d8:5f:f9:
e4:83:3d:02:28:b6:82:f0:c0:9d:99:5e:85:f3:43:
cf:55:f9:ee:e9:12:cd:7a:32:40:4a:58:33:43:59:
4f:1a:b5:c0:d5:b1:72:0d:4d:e1:3d:d1:9a:59:6b:
a2:4b:f4:45:ee:8f:67:e1:25:f6:f4:c0:7a:12:a8:
96:81:16:4c:a8:ee:4e:d9:63:7f:c6:f8:d0:71:91:
e3:44:89:1a:47:12:58:93:85:7f:da:e5:cd:7e:e3:
cc:ab:c7:a6:d5:03:c4:06:b5:32:42:d1:05:99:ea:
5e:dd:f7:ef:3a:7e:21:4a:be:ef:03:a9:a8:3f:74:
53:7e:53:5f:ba:45:a8:c3:ba:a2:b4:9b:07:fa:72:
45:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:04:F5:45:6F:8D:97:F6:02:78:16:C4:88:7B:0C:43:01:30:A2:10
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:cc:e6:67:18:81:ab:62:76:10:c9:3c:16:ba:75:16:02:e0:
5e:23:eb:dc:de:8a:04:31:c6:ba:fe:5d:2c:17:70:29:47:fe:
51:0a:27:f3:6b:23:07:5c:80:b1:ee:55:47:f1:e9:24:9e:c8:
52:a2:d6:84:e0:04:f5:ab:a8:3e:f1:0b:a8:78:50:59:35:25:
08:bf:55:d3:55:36:e6:18:79:b8:16:73:7c:89:1f:91:d4:7f:
03:e0:ec:34:3c:b4:77:2a:b1:33:f0:10:2f:c8:fb:f9:83:47:
ca:ca:df:f2:9a:9c:5e:7d:3e:50:00:bd:5e:66:c2:8f:2a:a9:
9c:9f:6b:62:2f:39:72:51:0d:27:0a:17:7b:5a:10:0d:8f:06:
ff:96:eb:ba:45:6a:f9:ba:cb:cb:85:69:b8:60:b0:56:ce:f9:
de:c2:6a:82:c3:e5:ab:8d:26:50:5c:20:6e:e8:95:2f:f6:d9:
31:62:41:8d:0f:41:65:be:c5:ca:a2:99:54:67:42:11:42:3b:
cd:9a:16:67:f2:c0:64:50:17:32:d8:b4:71:5d:69:0a:27:6d:
c8:7b:47:84:a0:13:f8:8b:6e:51:f3:d9:98:88:fe:79:7f:cf:
10:d1:84:86:1e:86:bf:25:75:63:78:14:ee:85:0c:5e:14:33:
2a:fb:81:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040wvf3dX0qCVeCD0lxqZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjYwMzI5MDkwMDQ4WhcNMjYwMzMwMDkwMDQ4WjAzMTEwLwYDVQQD
EyhkZDA0ZjU0NTZmOGQ5N2Y2MDI3ODE2YzQ4ODdiMGM0MzAxMzBhMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6i/kjgq29UebJu256EdJG21hwtI
RcnLvsjSswPA0DcSdOAQ27Q4fd3rh/yfVNSpUU25Tzc5gC2VHVomioyXn6MCTpEf
/AkBvuk9uUqORZGSPYrn5WyXuxPcQ4X68oEmu8fdZ6zpvfsuGfbxNeor5NMc6JPY
X/nkgz0CKLaC8MCdmV6F80PPVfnu6RLNejJASlgzQ1lPGrXA1bFyDU3hPdGaWWui
S/RF7o9n4SX29MB6EqiWgRZMqO5O2WN/xvjQcZHjRIkaRxJYk4V/2uXNfuPMq8em
1QPEBrUyQtEFmepe3ffvOn4hSr7vA6moP3RTflNfukWow7qitJsH+nJF7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0E9UVvjZf2AngWxIh7DEMBMKIQMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbczmZxiB
q2J2EMk8Frp1FgLgXiPr3N6KBDHGuv5dLBdwKUf+UQon82sjB1yAse5VR/HpJJ7I
UqLWhOAE9auoPvELqHhQWTUlCL9V01U25hh5uBZzfIkfkdR/A+DsNDy0dyqxM/AQ
L8j7+YNHysrf8pqcXn0+UAC9XmbCjyqpnJ9rYi85clENJwoXe1oQDY8G/5brukVq
+brLy4VpuGCwVs753sJqgsPlq40mUFwgbuiVL/bZMWJBjQ9BZb7FyqKZVGdCEUI7
zZoWZ/LAZFAXMti0cV1pCidtyHtHhKAT+ItuUfPZmIj+eX/PENGEhh6GvyV1Y3gU
7oUMXhQzKvuBwg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:51 2026 by rpki-client