Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File: iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier: CZXiF5mWFtTvDFHCtdCXvqzzv9I1/U5GQ1+ZKP2DN3w=
Subject key identifier: D0:6E:0F:9F:A6:15:00:C5:CF:14:A1:C1:00:85:96:53:54:E5:16:DC
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer: /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial: 019D390989BE1E4F50BF0B74083FA663C9DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number: 0621
Signing time: Sun 29 Mar 2026 10:00:19 +0000
Manifest this update: Sun 29 Mar 2026 10:00:19 +0000
Manifest next update: Mon 30 Mar 2026 10:00:19 +0000
Files and hashes: 1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: yYHM6RrihrBpwe+V4yOsz+mqv/0YquV0e/Q9ddDmHFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:89:be:1e:4f:50:bf:0b:74:08:3f:a6:63:c9:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Validity
Not Before: Mar 29 10:00:19 2026 GMT
Not After : Mar 30 10:00:19 2026 GMT
Subject: CN=d06e0f9fa61500c5cf14a1c10085965354e516dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:57:68:25:60:7a:a2:52:2a:2e:2a:f9:b1:b4:
11:c6:19:9e:e1:e7:e7:bc:d8:f6:86:e0:8b:77:57:
2f:6b:3e:a7:52:63:d0:42:d9:7b:d6:1f:13:e4:48:
d3:e0:89:a2:43:ae:42:14:2d:8e:d1:03:67:bf:e6:
9b:c6:df:eb:a5:07:91:50:a7:f8:b3:36:44:f1:20:
1c:32:21:47:0a:c3:ea:d5:ba:a6:fa:88:50:b2:2f:
e4:63:0e:d8:d0:ef:92:2b:ac:bb:4b:67:d5:86:ce:
17:0b:0c:2f:c7:b4:1e:6c:b3:3f:0b:11:a4:47:42:
6a:67:2e:8e:c6:f5:a6:a8:a7:bf:95:64:2f:71:5a:
90:ff:fd:76:01:8c:96:e2:2c:5a:55:28:d6:89:07:
22:dd:b7:24:e3:ef:11:89:70:c1:fd:23:41:89:ee:
a5:7b:e8:c5:72:b4:01:bc:35:c9:66:a8:dd:8f:cb:
cf:c0:27:94:45:57:66:d4:55:d6:e3:af:fa:8e:5d:
dd:94:eb:6f:67:47:bc:5b:b1:50:e4:a7:4a:7e:52:
83:27:51:78:5d:76:a1:15:61:4b:a5:56:c4:5f:c5:
7d:60:8d:96:1e:c4:32:30:b3:f0:67:39:5a:b2:f9:
36:db:0d:f1:f5:49:1b:43:c4:c2:0a:e2:6f:b9:d3:
ce:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6E:0F:9F:A6:15:00:C5:CF:14:A1:C1:00:85:96:53:54:E5:16:DC
X509v3 Authority Key Identifier:
keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:a7:3d:e6:32:c4:2d:3b:25:7d:db:d5:0a:8d:33:38:5f:32:
cf:8b:2a:1e:57:9e:32:bb:8e:7b:be:21:a8:3d:81:61:1a:83:
44:c0:05:36:f5:96:18:97:70:0d:4c:35:22:be:34:fb:a9:9a:
de:87:e2:a8:1a:8d:1b:be:89:5d:86:27:ec:e1:c7:55:0e:73:
a8:4d:2b:82:60:ed:68:fd:22:06:6d:80:b6:72:43:5c:4a:74:
3e:28:c3:a0:01:02:2e:65:fd:28:09:ca:57:d4:aa:f8:6f:d1:
02:f2:db:3f:b4:6e:49:19:46:46:23:3e:c7:5e:b6:89:64:af:
ad:79:9b:b5:01:ae:45:34:92:55:33:c6:32:99:f1:fa:69:e8:
49:21:4d:06:d3:f9:c3:5e:7d:f3:29:ee:ce:29:73:ba:ea:0f:
1e:52:45:a7:06:22:4f:db:2d:1e:18:ea:52:eb:0e:c3:14:a4:
94:5f:ae:b3:d8:47:ad:39:d8:14:d0:3c:91:3a:8f:35:90:e6:
61:db:2b:a7:ca:88:4f:56:f1:ca:4a:a5:05:f1:06:42:47:56:
0a:90:2c:d0:f9:3a:c1:16:3c:ff:26:65:33:0b:da:5f:ab:5b:
96:d9:89:dc:ae:85:e2:ed:bb:85:f1:8e:75:b3:03:d4:1a:cd:
5c:f5:5a:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYm+Hk9Qvwt0CD+mY8ncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjYwMzI5MTAwMDE5WhcNMjYwMzMwMTAwMDE5WjAzMTEwLwYDVQQD
EyhkMDZlMGY5ZmE2MTUwMGM1Y2YxNGExYzEwMDg1OTY1MzU0ZTUxNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VdoJWB6olIqLir5sbQRxhme4efn
vNj2huCLd1cvaz6nUmPQQtl71h8T5EjT4ImiQ65CFC2O0QNnv+abxt/rpQeRUKf4
szZE8SAcMiFHCsPq1bqm+ohQsi/kYw7Y0O+SK6y7S2fVhs4XCwwvx7QebLM/CxGk
R0JqZy6OxvWmqKe/lWQvcVqQ//12AYyW4ixaVSjWiQci3bck4+8RiXDB/SNBie6l
e+jFcrQBvDXJZqjdj8vPwCeURVdm1FXW46/6jl3dlOtvZ0e8W7FQ5KdKflKDJ1F4
XXahFWFLpVbEX8V9YI2WHsQyMLPwZzlasvk22w3x9UkbQ8TCCuJvudPOtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBuD5+mFQDFzxShwQCFllNU5RbcMB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKc95jLE
LTslfdvVCo0zOF8yz4sqHleeMruOe74hqD2BYRqDRMAFNvWWGJdwDUw1Ir40+6ma
3ofiqBqNG76JXYYn7OHHVQ5zqE0rgmDtaP0iBm2AtnJDXEp0PijDoAECLmX9KAnK
V9Sq+G/RAvLbP7RuSRlGRiM+x162iWSvrXmbtQGuRTSSVTPGMpnx+mnoSSFNBtP5
w1598ynuzilzuuoPHlJFpwYiT9stHhjqUusOwxSklF+us9hHrTnYFNA8kTqPNZDm
Ydsrp8qIT1bxykqlBfEGQkdWCpAs0Pk6wRY8/yZlMwvaX6tbltmJ3K6F4u27hfGO
dbMD1BrNXPVaPw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:50 2026 by rpki-client