Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
File: iydIPcFsMY5a__gyKTDIF_0ZLJE.mft (raw, json)
Hash identifier: onIpKyDeM/+cILd7PQSIclVGmhR2VfSfJtZGIpltoWk=
Subject key identifier: 16:9E:1E:35:FD:84:7E:3C:63:FE:D5:92:C3:89:42:E4:1E:AD:E8:4F
Authority key identifier: 8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
Certificate issuer: /CN=8b27483dc16c318e5afff8322930c817fd192c91
Certificate serial: 019D3977B2E0F0A048FEE7FBD049B4B0E3AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
Manifest number: 0BF0
Signing time: Sun 29 Mar 2026 12:00:38 +0000
Manifest this update: Sun 29 Mar 2026 12:00:38 +0000
Manifest next update: Mon 30 Mar 2026 12:00:38 +0000
Files and hashes: 1: 1-oQkBgC1KtD4YbEgIZgWwDGwMZI.roa (hash: dv8y3sb289eQlJ2it24+CyBcLvJoFUqHwqUDVlJyHUA=)
2: iydIPcFsMY5a__gyKTDIF_0ZLJE.crl (hash: PY1LqqJKE7A002GIjvmGDzdkf8X//weREeww0C1s7Ms=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:b2:e0:f0:a0:48:fe:e7:fb:d0:49:b4:b0:e3:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b27483dc16c318e5afff8322930c817fd192c91
Validity
Not Before: Mar 29 12:00:38 2026 GMT
Not After : Mar 30 12:00:38 2026 GMT
Subject: CN=169e1e35fd847e3c63fed592c38942e41eade84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:d8:7c:c2:6a:0d:74:37:85:f1:f0:c8:55:
e1:69:18:b4:06:4b:8d:32:4b:76:ec:6c:66:28:59:
15:cd:6d:fe:44:9c:e5:7f:0d:b2:c5:9d:ca:c1:ca:
49:ef:ee:50:ba:91:3f:66:2b:7b:50:67:06:ba:ea:
40:dc:96:e5:ee:9d:75:6a:99:71:71:cc:7d:14:3e:
f6:61:9c:e2:13:f7:37:52:6a:ad:07:3f:ea:d9:34:
40:52:2e:5e:7a:0a:b3:69:ab:b5:b5:86:88:82:3a:
b4:c0:a1:84:35:f7:be:2a:a8:4f:b4:e7:73:46:2c:
73:f9:81:46:4a:16:ef:3d:dc:0e:17:45:45:c2:a6:
a6:77:e6:3e:c6:ab:fa:4a:98:0d:07:e7:2b:a0:26:
13:9b:b8:19:d9:5b:23:bf:a9:20:8d:51:86:03:14:
91:2a:1a:af:e0:41:1e:a6:9e:f4:b5:5b:9f:c1:da:
f0:b0:9f:18:25:26:ca:58:7e:5b:92:b9:3f:ec:83:
93:4d:d6:ca:d3:5f:f2:11:e5:b9:0c:b4:c0:f7:88:
1d:0a:a8:a0:e6:da:63:98:19:e7:8a:0c:17:5e:cb:
63:b9:e3:32:a2:f9:73:9f:3b:c9:17:79:f8:58:6d:
de:b8:a2:79:28:7d:b9:83:10:5e:6b:d0:7a:89:35:
46:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9E:1E:35:FD:84:7E:3C:63:FE:D5:92:C3:89:42:E4:1E:AD:E8:4F
X509v3 Authority Key Identifier:
keyid:8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:5c:6b:aa:f9:9b:cf:f2:41:3b:91:de:9b:6f:36:79:ce:e3:
19:80:5d:43:01:98:2c:96:08:c9:c9:d6:2f:bd:54:77:26:cb:
73:b6:14:a4:5c:02:0f:b4:55:04:bc:9b:6a:6f:05:07:c7:25:
4e:b9:11:67:98:2f:7e:f7:9b:d8:b7:d7:d9:0b:21:86:fb:fe:
6b:78:d8:45:9e:4b:f2:68:3c:50:d1:1f:5c:4e:cd:5b:f2:a6:
12:ec:d5:6a:c8:5a:e0:a2:52:1a:72:cb:e7:d9:bf:3e:db:79:
e7:0d:3e:6f:a6:da:4f:03:37:89:f5:1f:aa:b9:a9:ce:72:32:
00:c8:8c:b7:6c:d1:b2:e0:a6:c0:1b:ab:25:0f:30:62:d3:39:
a5:4a:8b:c0:88:07:22:b0:81:35:fd:a8:4e:c7:bc:7e:74:cf:
96:2c:67:42:f7:05:8f:85:e1:1d:ad:c3:a8:2f:d5:89:bd:72:
32:a3:e1:f2:cd:a8:b0:40:e1:bf:e5:48:0d:42:df:3a:73:04:
c9:b9:e9:17:fd:e6:2c:60:99:8a:6f:5e:83:5e:a1:f7:95:14:
47:a4:59:98:85:ab:31:bf:c2:f2:87:4b:bf:2c:c6:a7:f4:12:
f4:30:11:64:7f:8f:a7:4a:d8:65:53:f7:43:0c:9d:6c:7c:c4:
73:9d:2c:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d7Lg8KBI/uf70Em0sOOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjc0ODNkYzE2YzMxOGU1YWZmZjgzMjI5MzBjODE3ZmQx
OTJjOTEwHhcNMjYwMzI5MTIwMDM4WhcNMjYwMzMwMTIwMDM4WjAzMTEwLwYDVQQD
EygxNjllMWUzNWZkODQ3ZTNjNjNmZWQ1OTJjMzg5NDJlNDFlYWRlODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp/YfMJqDXQ3hfHwyFXhaRi0BkuN
Mkt27GxmKFkVzW3+RJzlfw2yxZ3KwcpJ7+5QupE/Zit7UGcGuupA3Jbl7p11aplx
ccx9FD72YZziE/c3UmqtBz/q2TRAUi5eegqzaau1tYaIgjq0wKGENfe+KqhPtOdz
Rixz+YFGShbvPdwOF0VFwqamd+Y+xqv6SpgNB+croCYTm7gZ2Vsjv6kgjVGGAxSR
Khqv4EEepp70tVufwdrwsJ8YJSbKWH5bkrk/7IOTTdbK01/yEeW5DLTA94gdCqig
5tpjmBnnigwXXstjueMyovlznzvJF3n4WG3euKJ5KH25gxBea9B6iTVGuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaeHjX9hH48Y/7VksOJQuQerehPMB8GA1UdIwQY
MBaAFIsnSD3BbDGOWv/4MikwyBf9GSyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4Yzct
ZmI4OTNlMzkwOGQyLzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4YzctZmI4OTNlMzkwOGQy
LzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdVxrqvmb
z/JBO5Hem282ec7jGYBdQwGYLJYIycnWL71UdybLc7YUpFwCD7RVBLybam8FB8cl
TrkRZ5gvfveb2LfX2Qshhvv+a3jYRZ5L8mg8UNEfXE7NW/KmEuzVasha4KJSGnLL
59m/Ptt55w0+b6baTwM3ifUfqrmpznIyAMiMt2zRsuCmwBurJQ8wYtM5pUqLwIgH
IrCBNf2oTse8fnTPlixnQvcFj4XhHa3DqC/Vib1yMqPh8s2osEDhv+VIDULfOnME
ybnpF/3mLGCZim9eg16h95UUR6RZmIWrMb/C8odLvyzGp/QS9DARZH+Pp0rYZVP3
QwydbHzEc50s7A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:25:46 2026 by rpki-client