Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
File: immKFPthpoevCmP3xlXAAfZwEoI.mft (raw, json)
Hash identifier: EVmFtW38UEupmXOqTn8+sRmhDWhxBqpjO9aFY5NCLLQ=
Subject key identifier: 1B:A1:30:98:06:DC:FD:94:AC:16:0F:0E:83:9E:9A:2C:6A:42:59:77
Authority key identifier: 8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
Certificate issuer: /CN=8a698a14fb61a687af0a63f7c655c001f6701282
Certificate serial: 019D39AF04FEC11ECEF727C091C3C106236B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
Manifest number: 062A
Signing time: Sun 29 Mar 2026 13:01:04 +0000
Manifest this update: Sun 29 Mar 2026 13:01:04 +0000
Manifest next update: Mon 30 Mar 2026 13:01:04 +0000
Files and hashes: 1: HxmIn0AGzA-g9k-4bheqqTcmLgI.roa (hash: uHSpZAAfzcw7ixBYZphuiZW4nA4GJ515tOk36J46Jqw=)
2: immKFPthpoevCmP3xlXAAfZwEoI.crl (hash: s7BU6t/MYGxxD9VF1leV8bdiSnhB/eeJ02XqsfCeZjI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:04:fe:c1:1e:ce:f7:27:c0:91:c3:c1:06:23:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a698a14fb61a687af0a63f7c655c001f6701282
Validity
Not Before: Mar 29 13:01:04 2026 GMT
Not After : Mar 30 13:01:04 2026 GMT
Subject: CN=1ba1309806dcfd94ac160f0e839e9a2c6a425977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:13:30:2e:8d:46:33:e2:e2:7a:b9:82:2e:c8:
fa:03:44:e8:95:43:e0:cd:00:29:fc:51:4d:32:6d:
f2:48:5f:c1:70:96:4d:2e:11:ae:ea:5d:a1:3c:9e:
0d:07:20:98:8e:2f:c7:35:cc:4b:e9:e0:8d:05:cc:
22:c1:f7:ea:0e:ce:51:05:03:ca:20:87:e1:39:85:
f2:e2:e0:20:c7:3a:5e:3f:0d:d0:a2:ca:97:59:e4:
2d:6d:17:1c:25:37:9c:f7:a2:a3:38:1f:5c:4f:d9:
90:b0:eb:91:e0:c5:da:ed:fa:33:f1:2e:a6:45:5a:
fd:6c:2a:7f:af:cf:c1:ca:ae:57:05:68:bf:e0:5b:
71:c7:13:07:1c:00:5b:55:e8:79:7d:0f:35:b8:9c:
0c:8e:93:da:44:f7:be:73:d0:a8:69:e3:0d:ce:f8:
aa:cd:7c:5e:4b:e3:2b:fb:f6:ed:c9:63:47:87:26:
a7:61:a4:58:e0:be:81:5c:00:0f:e8:f7:cf:dd:0d:
fe:aa:f9:64:32:ed:9a:9f:1d:60:08:fe:43:65:78:
5a:60:bd:6c:52:30:90:0c:5b:76:4d:41:6a:63:75:
09:f9:f5:57:18:90:81:b8:aa:be:62:3d:1a:92:f6:
9f:63:c3:e2:59:31:bc:04:b3:e7:e0:8f:d3:44:c6:
61:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A1:30:98:06:DC:FD:94:AC:16:0F:0E:83:9E:9A:2C:6A:42:59:77
X509v3 Authority Key Identifier:
keyid:8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:61:ff:85:6b:ee:ec:1d:fa:59:93:1d:f8:3d:f2:31:83:81:
fd:8f:17:45:d8:bd:b2:ca:90:5c:bc:3e:c6:61:a2:b7:24:0b:
8f:8e:37:0d:1e:f6:ed:f6:15:2c:52:5f:e0:2b:1a:9f:fe:3f:
2a:cb:69:22:9c:eb:26:90:ad:b2:f6:f5:3f:c7:f3:17:bb:14:
70:0b:ec:ad:21:c8:26:ab:1e:6a:65:85:5a:10:65:c7:8d:1f:
58:b3:66:57:df:43:18:1c:ba:f7:ac:18:d3:9b:e0:38:69:fb:
9c:ee:e7:4f:8c:d9:fa:b7:6a:a1:e5:5f:ce:b6:22:6d:72:f9:
b8:21:ce:c5:fe:93:5a:49:8c:0d:32:c7:2d:ab:87:73:02:fa:
b6:eb:da:9f:72:b6:c3:da:be:84:63:97:7f:f8:40:d6:52:14:
93:0e:16:b4:d3:89:86:cc:b0:f8:53:be:8b:da:94:f5:44:c3:
d9:28:aa:e1:81:04:e7:87:38:f1:15:c3:c6:13:b2:5f:16:ad:
cb:0d:c9:4e:9f:5e:56:71:18:4a:c6:f5:ba:83:1b:3a:b8:42:
37:9a:58:41:5f:10:d7:25:c5:64:5d:ee:e6:d5:23:cd:22:78:
ab:e2:ea:fc:17:60:7a:0f:c7:ac:40:a2:94:48:d5:90:ce:cd:
dd:11:95:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rwT+wR7O9yfAkcPBBiNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjk4YTE0ZmI2MWE2ODdhZjBhNjNmN2M2NTVjMDAxZjY3
MDEyODIwHhcNMjYwMzI5MTMwMTA0WhcNMjYwMzMwMTMwMTA0WjAzMTEwLwYDVQQD
EygxYmExMzA5ODA2ZGNmZDk0YWMxNjBmMGU4MzllOWEyYzZhNDI1OTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhMwLo1GM+LiermCLsj6A0TolUPg
zQAp/FFNMm3ySF/BcJZNLhGu6l2hPJ4NByCYji/HNcxL6eCNBcwiwffqDs5RBQPK
IIfhOYXy4uAgxzpePw3QosqXWeQtbRccJTec96KjOB9cT9mQsOuR4MXa7foz8S6m
RVr9bCp/r8/Byq5XBWi/4FtxxxMHHABbVeh5fQ81uJwMjpPaRPe+c9CoaeMNzviq
zXxeS+Mr+/btyWNHhyanYaRY4L6BXAAP6PfP3Q3+qvlkMu2anx1gCP5DZXhaYL1s
UjCQDFt2TUFqY3UJ+fVXGJCBuKq+Yj0akvafY8PiWTG8BLPn4I/TRMZhAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuhMJgG3P2UrBYPDoOemixqQll3MB8GA1UdIwQY
MBaAFIppihT7YaaHrwpj98ZVwAH2cBKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQt
MjE4Mjg5ZDgxYzUzLzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQtMjE4Mjg5ZDgxYzUz
LzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2H/hWvu
7B36WZMd+D3yMYOB/Y8XRdi9ssqQXLw+xmGityQLj443DR727fYVLFJf4Csan/4/
KstpIpzrJpCtsvb1P8fzF7sUcAvsrSHIJqseamWFWhBlx40fWLNmV99DGBy696wY
05vgOGn7nO7nT4zZ+rdqoeVfzrYibXL5uCHOxf6TWkmMDTLHLauHcwL6tuvan3K2
w9q+hGOXf/hA1lIUkw4WtNOJhsyw+FO+i9qU9UTD2Siq4YEE54c48RXDxhOyXxat
yw3JTp9eVnEYSsb1uoMbOrhCN5pYQV8Q1yXFZF3u5tUjzSJ4q+Lq/Bdgeg/HrECi
lEjVkM7N3RGVsQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:48 2026 by rpki-client