Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
File: 1-ItEPpksZlZYlC5okNKY1ozeZCU.mft (raw, json)
Hash identifier: jH10taNBRg/ApwNBIfFj1QGbOWAUWRAC8qH1s2s4TNM=
Subject key identifier: DF:80:01:44:AC:29:63:58:F6:1D:52:E3:B2:BF:60:6F:98:14:37:0D
Authority key identifier: F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
Certificate issuer: /CN=f88b443e992c665658942e6890d298d68cde6425
Certificate serial: 019F111C841233BCA85CDA7620C32DA2348F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
Manifest number: 0131
Signing time: Mon 29 Jun 2026 02:01:48 +0000
Manifest this update: Mon 29 Jun 2026 02:01:48 +0000
Manifest next update: Tue 30 Jun 2026 02:01:48 +0000
Files and hashes: 1: 1-ItEPpksZlZYlC5okNKY1ozeZCU.crl (hash: fqYfHFaf5j3MwvpFUnvKjXsLbP0c82MGU7SWbigv1TM=)
2: 560UvqVud9DEuhQPr1x60Rz_4no.asa (hash: R22iZnCp/y6i8IZet00/Fkh5m7KFKy8c2ikVMY1ramc=)
3: Kf9QvVgVrtl0XM8frEpJ_fd4yfM.roa (hash: fg4f8lm5urIblTtWM6P0oF5ZkLFnBYAOFc4g9paZJZw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:11:1c:84:12:33:bc:a8:5c:da:76:20:c3:2d:a2:34:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f88b443e992c665658942e6890d298d68cde6425
Validity
Not Before: Jun 29 02:01:48 2026 GMT
Not After : Jun 30 02:01:48 2026 GMT
Subject: CN=df800144ac296358f61d52e3b2bf606f9814370d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:1a:25:e4:ec:b6:8f:aa:0e:72:b7:f5:b0:
51:3d:f6:06:1e:33:dc:1e:d9:1b:16:50:68:f6:a1:
fb:29:2f:19:b3:78:ae:d2:90:51:5c:75:f1:1f:da:
c7:5d:35:9f:84:f7:7e:fd:ea:bf:99:9d:2d:46:2f:
9a:ca:59:8c:85:e3:2e:64:02:da:30:c8:6b:2f:9c:
df:ce:d2:be:6b:50:ad:d7:91:f8:c2:84:cb:84:32:
7b:a3:41:23:37:a0:14:d9:59:3b:2a:ea:32:65:80:
f2:2a:90:55:29:78:e6:66:fd:2b:fd:46:8f:f7:3f:
50:c4:78:4e:0c:ae:f1:fc:94:61:26:82:a9:f0:47:
05:b9:a8:d0:af:4a:1e:2f:78:92:3f:7a:5e:10:64:
47:07:86:fa:18:4c:7f:dc:ee:50:a6:0c:68:4c:98:
62:3c:42:0a:dc:ca:f4:bb:30:3e:e8:21:73:bc:b4:
ec:a6:11:ba:dc:7b:50:72:1c:03:77:71:d1:33:0b:
5b:4c:da:dd:7e:90:f0:66:66:bf:e2:2c:4c:f9:d7:
cd:af:55:06:5c:e4:57:04:d4:7f:c9:20:81:d6:62:
f1:54:ed:d5:14:e1:34:6b:f2:ea:91:b5:ef:ed:21:
30:40:1a:53:25:ab:93:ad:45:4e:8f:b8:17:db:97:
0a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:80:01:44:AC:29:63:58:F6:1D:52:E3:B2:BF:60:6F:98:14:37:0D
X509v3 Authority Key Identifier:
keyid:F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:ad:cf:a9:3b:f2:a3:6e:32:d4:a1:c3:e7:20:41:6f:8f:44:
1e:9d:e2:99:1a:27:04:7d:b2:77:d7:2d:ce:89:ac:1e:7a:97:
71:8b:aa:2f:ae:0d:24:31:94:d0:99:ee:7e:d1:ab:3c:1b:ff:
18:71:88:d1:9d:75:14:36:e7:7b:2d:48:21:15:f5:e0:b1:78:
0e:4c:06:18:87:a4:f6:e4:b6:62:cf:c4:7b:39:ee:85:0d:27:
55:d6:2c:8b:b2:c0:4b:9f:96:fa:bf:5f:ae:22:b4:75:c3:bc:
89:1e:06:09:58:fd:20:4c:a2:c1:64:fd:0e:c8:0d:86:e4:b5:
21:11:d6:a5:4e:91:18:5e:48:8c:90:18:b5:cf:4c:75:80:c9:
ee:7f:f7:65:57:be:a1:a8:02:31:c7:27:70:b5:5d:b7:be:c5:
40:c0:f5:5d:e9:97:0e:33:a6:ac:9f:a3:b5:15:e2:33:2b:1c:
11:28:d7:57:6b:e9:d6:34:80:9c:ca:c2:31:31:52:3b:53:2a:
c4:1e:ff:93:9d:b5:43:f6:c9:91:d8:c5:54:7a:92:ab:b9:ad:
33:8a:ff:47:f2:38:ad:ba:99:36:eb:80:1c:52:6d:d8:d6:31:
b3:63:07:28:23:c6:bc:09:db:4d:08:9f:52:1a:3b:f0:34:09:
53:64:c5:95
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ8RHIQSM7yoXNp2IMMtojSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OGI0NDNlOTkyYzY2NTY1ODk0MmU2ODkwZDI5OGQ2OGNk
ZTY0MjUwHhcNMjYwNjI5MDIwMTQ4WhcNMjYwNjMwMDIwMTQ4WjAzMTEwLwYDVQQD
EyhkZjgwMDE0NGFjMjk2MzU4ZjYxZDUyZTNiMmJmNjA2Zjk4MTQzNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGIaJeTsto+qDnK39bBRPfYGHjPc
HtkbFlBo9qH7KS8Zs3iu0pBRXHXxH9rHXTWfhPd+/eq/mZ0tRi+aylmMheMuZALa
MMhrL5zfztK+a1Ct15H4woTLhDJ7o0EjN6AU2Vk7KuoyZYDyKpBVKXjmZv0r/UaP
9z9QxHhODK7x/JRhJoKp8EcFuajQr0oeL3iSP3peEGRHB4b6GEx/3O5QpgxoTJhi
PEIK3Mr0uzA+6CFzvLTsphG63HtQchwDd3HRMwtbTNrdfpDwZma/4ixM+dfNr1UG
XORXBNR/ySCB1mLxVO3VFOE0a/LqkbXv7SEwQBpTJauTrUVOj7gX25cK5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFN+AAUSsKWNY9h1S47K/YG+YFDcNMB8GA1UdIwQY
MBaAFPiLRD6ZLGZWWJQuaJDSmNaM3mQlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JdEVQcGtzWmxaWWxDNW9rTktZMW96ZVpDVS5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEw
LTY5NDI1MmYwMjlmMS8xLzEtSXRFUHBrc1psWllsQzVva05LWTFvemVaQ1UubWZ0
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzViL2JmYjU0Mi00ZjY3LTQ2YzUtOTcxMC02OTQyNTJmMDI5
ZjEvMS8xLUl0RVBwa3NabFpZbEM1b2tOS1kxb3plWkNVLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF63P
qTvyo24y1KHD5yBBb49EHp3imRonBH2yd9ctzomsHnqXcYuqL64NJDGU0JnuftGr
PBv/GHGI0Z11FDbney1IIRX14LF4DkwGGIek9uS2Ys/EeznuhQ0nVdYsi7LAS5+W
+r9friK0dcO8iR4GCVj9IEyiwWT9DsgNhuS1IRHWpU6RGF5IjJAYtc9MdYDJ7n/3
ZVe+oagCMccncLVdt77FQMD1XemXDjOmrJ+jtRXiMyscESjXV2vp1jSAnMrCMTFS
O1MqxB7/k521Q/bJkdjFVHqSq7mtM4r/R/I4rbqZNuuAHFJt2NYxs2MHKCPGvAnb
TQifUho78DQJU2TFlQ==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:43:18 2026 by rpki-client