Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
File: IO7gXaGD3uK4EYFBlWRiySQNeHY.mft (raw, json)
Hash identifier: W1dbinxtPqvzAdGuCEQurLKVyAT09cjPgJCURwNaaqU=
Subject key identifier: A4:3E:AA:ED:AE:62:B5:CA:3E:03:B4:76:39:2C:A7:6E:25:2A:A0:F0
Authority key identifier: 20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
Certificate issuer: /CN=20eee05da183dee2b8118141956462c9240d7876
Certificate serial: 019D386607E8E99B274708968DFED8875762
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
Manifest number: 169A
Signing time: Sun 29 Mar 2026 07:01:43 +0000
Manifest this update: Sun 29 Mar 2026 07:01:43 +0000
Manifest next update: Mon 30 Mar 2026 07:01:43 +0000
Files and hashes: 1: IO7gXaGD3uK4EYFBlWRiySQNeHY.crl (hash: V1DY/tkHJTvqnyx90vlqeMUps9uA3oz9Sqbxi4V1ImI=)
2: WX9t0xmXDR4uM2A7AQHLj3QPI_4.roa (hash: juszrqxHpM/25SYd4SpIiGanqn2fYHKuBqSkrqz21Rw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:07:e8:e9:9b:27:47:08:96:8d:fe:d8:87:57:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20eee05da183dee2b8118141956462c9240d7876
Validity
Not Before: Mar 29 07:01:43 2026 GMT
Not After : Mar 30 07:01:43 2026 GMT
Subject: CN=a43eaaedae62b5ca3e03b476392ca76e252aa0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fe:6c:d6:31:58:82:2b:06:d9:9f:82:ad:cf:
50:25:b3:61:3e:3c:ff:71:c5:1b:d7:72:07:e7:d8:
8e:a0:df:29:8a:42:b3:6b:d4:ec:77:7b:e0:91:5c:
7e:d4:de:62:19:27:7c:61:62:e0:91:92:74:02:26:
d5:9c:1b:52:de:7d:f5:d5:74:85:c4:5b:c3:67:f7:
1a:d3:e1:7a:f3:b9:6e:6d:92:19:eb:ff:d1:83:f0:
f8:c7:01:6a:c4:ae:40:87:d2:d8:43:63:63:a3:92:
b9:c0:2c:41:9f:f1:d3:49:d8:3b:c9:79:49:a7:37:
52:83:e9:70:06:6f:54:8f:1f:2b:59:b6:c9:07:5c:
ec:1e:9d:78:cc:94:b4:ba:1f:f9:4c:09:e8:eb:71:
e1:7c:5c:58:eb:64:11:32:5e:2b:55:0f:b5:8f:08:
e2:86:37:c0:7e:d0:51:da:f5:ab:69:70:be:52:81:
44:7a:62:c6:d1:c6:76:5f:64:f1:ab:0f:3e:d6:ea:
96:e1:e5:e4:aa:e2:b6:a3:31:5f:80:16:14:55:b3:
7e:c5:db:56:5d:57:81:0e:35:8a:79:02:66:56:64:
24:ae:82:0f:1e:dd:44:77:55:94:77:39:a9:55:42:
31:07:ae:07:a2:33:3b:fa:31:8a:41:42:d5:4d:ae:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3E:AA:ED:AE:62:B5:CA:3E:03:B4:76:39:2C:A7:6E:25:2A:A0:F0
X509v3 Authority Key Identifier:
keyid:20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:84:ea:75:ce:a9:ac:16:f9:79:db:b3:d6:d3:c3:07:ec:1e:
74:b9:41:3c:1f:18:6a:f1:4e:43:5f:81:0f:57:7b:fa:02:fc:
aa:f4:08:30:34:92:27:f5:c3:da:fd:28:c0:70:d9:84:b1:26:
bd:c7:35:47:3e:89:d0:b4:34:ca:53:ae:24:5a:c5:e7:5a:0a:
4e:a8:f7:52:16:7a:fd:da:c5:c9:f4:07:0f:aa:e1:e3:15:e3:
f7:82:0e:25:5e:c9:3d:90:5b:4a:fb:8b:7f:db:91:f5:23:f9:
a3:d2:8c:eb:31:dc:35:d4:42:5e:e9:21:f5:fe:38:89:19:f6:
06:53:1b:a1:3f:4b:7c:18:62:e5:34:25:ad:d8:fb:29:5f:8e:
f8:2e:b4:e0:92:4b:24:4b:02:6c:a8:3c:e4:8a:10:47:b8:d2:
fa:3e:58:a0:d6:1f:c0:1f:85:e0:d0:27:4b:5a:47:b2:8f:9c:
ed:6d:a0:29:3e:fc:04:85:7f:ee:20:bc:8a:99:24:c1:67:45:
d4:15:7c:53:ef:56:25:05:ba:3b:1a:8a:8c:c4:a1:f4:10:ab:
3f:10:1f:4f:cb:9b:ea:0f:9e:9a:00:df:6e:66:40:1e:af:56:
6f:ac:ff:36:38:1d:9d:4b:04:33:e8:cb:d3:2b:6c:6c:74:c9:
f0:60:55:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zgfo6ZsnRwiWjf7Yh1diMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZWVlMDVkYTE4M2RlZTJiODExODE0MTk1NjQ2MmM5MjQw
ZDc4NzYwHhcNMjYwMzI5MDcwMTQzWhcNMjYwMzMwMDcwMTQzWjAzMTEwLwYDVQQD
EyhhNDNlYWFlZGFlNjJiNWNhM2UwM2I0NzYzOTJjYTc2ZTI1MmFhMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxf5s1jFYgisG2Z+Crc9QJbNhPjz/
ccUb13IH59iOoN8pikKza9Tsd3vgkVx+1N5iGSd8YWLgkZJ0AibVnBtS3n311XSF
xFvDZ/ca0+F687lubZIZ6//Rg/D4xwFqxK5Ah9LYQ2Njo5K5wCxBn/HTSdg7yXlJ
pzdSg+lwBm9Ujx8rWbbJB1zsHp14zJS0uh/5TAno63HhfFxY62QRMl4rVQ+1jwji
hjfAftBR2vWraXC+UoFEemLG0cZ2X2Txqw8+1uqW4eXkquK2ozFfgBYUVbN+xdtW
XVeBDjWKeQJmVmQkroIPHt1Ed1WUdzmpVUIxB64HojM7+jGKQULVTa6aKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQ+qu2uYrXKPgO0djksp24lKqDwMB8GA1UdIwQY
MBaAFCDu4F2hg97iuBGBQZVkYskkDXh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQt
Mzk4NTI5OWZhZDZkLzEvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jZmMwZDEtZDA5NS00YjFiLTliNWQtMzk4NTI5OWZhZDZk
LzEvSU83Z1hhR0QzdUs0RVlGQmxXUml5U1FOZUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARITqdc6p
rBb5eduz1tPDB+wedLlBPB8YavFOQ1+BD1d7+gL8qvQIMDSSJ/XD2v0owHDZhLEm
vcc1Rz6J0LQ0ylOuJFrF51oKTqj3UhZ6/drFyfQHD6rh4xXj94IOJV7JPZBbSvuL
f9uR9SP5o9KM6zHcNdRCXukh9f44iRn2BlMboT9LfBhi5TQlrdj7KV+O+C604JJL
JEsCbKg85IoQR7jS+j5YoNYfwB+F4NAnS1pHso+c7W2gKT78BIV/7iC8ipkkwWdF
1BV8U+9WJQW6OxqKjMSh9BCrPxAfT8ub6g+emgDfbmZAHq9Wb6z/NjgdnUsEM+jL
0ytsbHTJ8GBV1Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:09 2026 by rpki-client