Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File: icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier: 6z1bk4lmd65iGpRieByXskQv+6/Qtz16TSikIA2TeWE=
Subject key identifier: 31:D8:88:F5:72:0E:BE:F3:17:FE:E7:8F:5F:45:68:45:11:57:5C:6F
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer: /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial: 019D38657139E1B85F6C68FD014D870F7E6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number: 09FF
Signing time: Sun 29 Mar 2026 07:01:05 +0000
Manifest this update: Sun 29 Mar 2026 07:01:05 +0000
Manifest next update: Mon 30 Mar 2026 07:01:05 +0000
Files and hashes: 1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: C7i249XGMpg0M1xKRaabkk5GjUICvMjE50NwjRctQnE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:71:39:e1:b8:5f:6c:68:fd:01:4d:87:0f:7e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Validity
Not Before: Mar 29 07:01:05 2026 GMT
Not After : Mar 30 07:01:05 2026 GMT
Subject: CN=31d888f5720ebef317fee78f5f45684511575c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:ab:7b:cd:0a:e0:f4:6f:04:41:91:1b:7e:
5b:2f:02:b3:02:f9:83:bf:1e:63:00:9a:91:7a:5a:
78:43:2c:95:96:5a:92:2d:fe:e0:cf:4a:9f:0c:0d:
6b:8b:25:ec:96:f2:2e:ad:6e:ad:b1:26:e2:d7:b5:
74:0f:ae:8e:44:91:ee:ab:63:d9:1f:dd:42:d0:4b:
e5:14:c2:47:cd:00:90:0c:92:b4:6c:cc:94:dd:2e:
4b:95:cc:4d:49:69:a0:6f:84:c7:50:9a:52:a2:c7:
3b:49:93:c9:f3:32:32:5e:27:e7:38:0c:38:8c:b4:
70:e9:15:86:73:49:84:98:5d:9a:a5:ab:86:5a:e9:
d2:b1:5c:bc:1b:9d:5e:3e:8f:02:70:92:f8:45:fb:
91:eb:cd:22:66:53:d3:dc:5f:a1:ee:34:2a:68:27:
da:01:1e:47:53:0d:70:92:8e:f5:d1:4a:a1:df:f8:
8a:7a:60:a2:c7:ba:32:bf:ec:2e:bd:3c:43:4c:4a:
32:63:07:d8:6d:33:78:a9:31:3a:2a:5c:49:39:75:
aa:48:40:4f:ae:13:87:2f:e7:0c:c7:77:be:dc:05:
fa:ee:1c:5c:9d:c6:57:32:67:b2:da:22:13:6b:76:
8b:55:54:b3:c3:2a:6e:ce:89:5c:83:0a:aa:97:7a:
d1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D8:88:F5:72:0E:BE:F3:17:FE:E7:8F:5F:45:68:45:11:57:5C:6F
X509v3 Authority Key Identifier:
keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:4d:68:f5:c6:60:b1:11:9f:1a:49:d6:53:87:7a:e8:7f:40:
69:57:24:86:de:64:80:14:75:e7:9d:ea:f4:9c:28:85:2f:78:
a5:d2:e0:f8:d1:61:33:15:01:08:2f:8d:80:1f:1e:04:fc:94:
6e:e2:b5:ec:06:66:d1:71:8c:2f:3b:c8:29:27:0a:c7:89:49:
04:99:d6:73:cf:08:7e:93:1a:ae:99:48:d0:71:e2:76:81:8c:
4e:19:49:4c:77:33:81:b6:ae:f5:36:10:3f:58:cd:07:13:39:
c7:65:01:6b:20:d2:bf:1d:88:ef:bb:81:b3:c0:a4:56:aa:fd:
7b:06:74:25:3b:51:ea:17:bf:d8:a7:a6:ef:2c:54:ce:e6:3c:
18:01:7c:ab:93:bc:1e:4b:cb:41:40:e3:8e:d9:6d:c3:4c:4a:
5c:d9:6d:00:ce:10:f0:b5:0f:ee:a5:51:5d:72:d9:fb:3d:6a:
97:49:6b:78:92:23:20:86:1d:95:a2:e3:22:4a:2b:5a:91:d5:
22:7c:04:aa:d5:c2:3f:93:9b:d6:5b:27:90:31:f4:cc:1c:42:
cf:6f:8a:05:27:e8:a2:81:ec:ef:fe:b4:ea:8c:cc:b9:19:40:
dc:e8:31:f8:63:af:9a:5e:6e:85:b0:c4:bd:d2:f9:f2:36:0d:
dc:73:6d:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXE54bhfbGj9AU2HD35rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
EygzMWQ4ODhmNTcyMGViZWYzMTdmZWU3OGY1ZjQ1Njg0NTExNTc1YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzN6re80K4PRvBEGRG35bLwKzAvmD
vx5jAJqRelp4QyyVllqSLf7gz0qfDA1riyXslvIurW6tsSbi17V0D66ORJHuq2PZ
H91C0EvlFMJHzQCQDJK0bMyU3S5LlcxNSWmgb4THUJpSosc7SZPJ8zIyXifnOAw4
jLRw6RWGc0mEmF2apauGWunSsVy8G51ePo8CcJL4RfuR680iZlPT3F+h7jQqaCfa
AR5HUw1wko710Uqh3/iKemCix7oyv+wuvTxDTEoyYwfYbTN4qTE6KlxJOXWqSEBP
rhOHL+cMx3e+3AX67hxcncZXMmey2iITa3aLVVSzwypuzolcgwqql3rRcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHYiPVyDr7zF/7nj19FaEURV1xvMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbk1o9cZg
sRGfGknWU4d66H9AaVckht5kgBR1553q9JwohS94pdLg+NFhMxUBCC+NgB8eBPyU
buK17AZm0XGMLzvIKScKx4lJBJnWc88IfpMarplI0HHidoGMThlJTHczgbau9TYQ
P1jNBxM5x2UBayDSvx2I77uBs8CkVqr9ewZ0JTtR6he/2Kem7yxUzuY8GAF8q5O8
HkvLQUDjjtltw0xKXNltAM4Q8LUP7qVRXXLZ+z1ql0lreJIjIIYdlaLjIkorWpHV
InwEqtXCP5Ob1lsnkDH0zBxCz2+KBSfoooHs7/606ozMuRlA3Ogx+GOvml5uhbDE
vdL58jYN3HNt6A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:22 2026 by rpki-client