Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json)
Hash identifier: ICVU8HDz8L72vOifgZ5WJsBNL5M3rt/ZXHH2+3lDd7k=
Subject key identifier: D3:8A:AF:31:F3:97:41:10:62:6E:06:B0:A1:EF:48:44:D6:FE:7D:8D
Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171
Certificate serial: 019D389BAE7A06BFFDEE67004D45BB6AC599
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
Manifest number: 0FD8
Signing time: Sun 29 Mar 2026 08:00:19 +0000
Manifest this update: Sun 29 Mar 2026 08:00:19 +0000
Manifest next update: Mon 30 Mar 2026 08:00:19 +0000
Files and hashes: 1: 5qOXZsZ0BHNAbp3kT3SWOZkhYW4.roa (hash: DBxKLTH87HKe59x6vClNlaxgF86/cqJNz234XOYz+0Y=)
2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: tGxbfobf+RvFnVSjVjL7QyWgq500F7P7zkWhvsoXDcE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:ae:7a:06:bf:fd:ee:67:00:4d:45:bb:6a:c5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b8801543812040477d4744229466c8537d45171
Validity
Not Before: Mar 29 08:00:19 2026 GMT
Not After : Mar 30 08:00:19 2026 GMT
Subject: CN=d38aaf31f3974110626e06b0a1ef4844d6fe7d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f9:e1:21:62:c1:6c:6e:af:da:b9:78:e8:3d:
dd:a7:df:b6:d1:b7:9f:bc:b6:ec:d0:cd:59:dd:a6:
47:8f:de:84:49:84:22:a4:ab:d3:a3:c4:4b:3f:e5:
7c:e7:ba:2c:f6:58:45:42:1a:f9:8f:96:b9:72:2c:
2e:5d:a7:b7:db:94:99:3d:9f:5a:6f:e9:36:59:7c:
f3:28:ad:8e:99:7a:d6:77:1d:c4:99:56:e4:27:44:
1f:cf:79:c2:b6:b6:b9:bd:91:65:fd:ca:b5:b5:5a:
ab:51:c6:d1:64:2f:04:48:63:51:c8:e6:ae:52:3a:
fc:01:82:53:f2:a9:0a:a8:62:78:db:f6:68:47:eb:
11:e2:b9:7c:f5:59:bf:f2:8c:db:49:6d:03:bf:1d:
fe:9b:8b:3e:b3:b8:39:7b:bf:48:5e:68:eb:d7:bb:
e8:f5:91:95:d7:20:c2:6a:1d:5f:db:3e:74:f8:4b:
50:81:e5:cf:cf:ee:6e:a5:25:76:6b:33:b3:85:a5:
7e:8a:26:08:bc:c2:a9:3e:f8:cc:7c:95:77:2a:f2:
70:6a:3f:8b:e0:41:3b:60:cf:41:f4:01:31:75:49:
05:17:44:38:3f:05:1b:e8:a3:a7:c3:05:cd:0a:24:
da:83:6d:91:0e:b2:97:c7:1d:f2:51:97:55:2f:3e:
06:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8A:AF:31:F3:97:41:10:62:6E:06:B0:A1:EF:48:44:D6:FE:7D:8D
X509v3 Authority Key Identifier:
keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:82:29:5f:85:bf:fd:7c:51:c4:e8:92:ef:8a:43:cf:d4:05:
e2:4f:f8:e7:2a:2e:d6:31:30:e3:d3:23:12:f3:13:ca:0f:9b:
78:ae:76:71:14:09:6a:1d:de:64:8a:30:f1:95:3f:c9:52:42:
7a:8f:e7:0f:1f:2c:52:bf:c4:d6:f0:a3:cf:16:d6:78:03:32:
dd:7d:1b:ab:9d:98:38:cf:09:45:09:ef:f8:01:fc:94:17:6d:
6b:30:e9:ab:81:cf:b6:c6:6e:9e:64:0b:be:73:70:81:fd:84:
06:df:ca:16:7d:2f:c5:fc:c7:d0:10:d4:af:19:2a:20:75:61:
e3:15:71:5b:a2:1a:b5:bc:4a:89:94:f0:f2:4c:7d:6b:44:0b:
30:62:0f:1e:31:db:cc:79:d2:e9:f0:ef:31:60:ec:ee:2f:e1:
25:d7:15:75:e5:91:4d:a0:0f:de:44:fc:59:30:bc:30:5b:58:
76:03:9d:83:a9:c3:11:c2:29:29:b5:90:8b:d1:8a:ce:5c:46:
01:6d:e5:3a:4d:84:11:f2:09:d5:c3:60:2f:4f:19:e9:28:f8:
8a:f5:22:7a:4a:98:e3:9d:93:f4:c8:f6:9f:46:d6:75:b4:63:
9c:6d:9e:55:8f:cc:13:a5:3a:1e:b9:fe:d6:67:49:9a:01:21:
c0:0f:cd:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m656Br/97mcATUW7asWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk
NDUxNzEwHhcNMjYwMzI5MDgwMDE5WhcNMjYwMzMwMDgwMDE5WjAzMTEwLwYDVQQD
EyhkMzhhYWYzMWYzOTc0MTEwNjI2ZTA2YjBhMWVmNDg0NGQ2ZmU3ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fnhIWLBbG6v2rl46D3dp9+20bef
vLbs0M1Z3aZHj96ESYQipKvTo8RLP+V857os9lhFQhr5j5a5ciwuXae325SZPZ9a
b+k2WXzzKK2OmXrWdx3EmVbkJ0Qfz3nCtra5vZFl/cq1tVqrUcbRZC8ESGNRyOau
Ujr8AYJT8qkKqGJ42/ZoR+sR4rl89Vm/8ozbSW0Dvx3+m4s+s7g5e79IXmjr17vo
9ZGV1yDCah1f2z50+EtQgeXPz+5upSV2azOzhaV+iiYIvMKpPvjMfJV3KvJwaj+L
4EE7YM9B9AExdUkFF0Q4PwUb6KOnwwXNCiTag22RDrKXxx3yUZdVLz4GawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOKrzHzl0EQYm4GsKHvSETW/n2NMB8GA1UdIwQY
MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It
MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz
LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsYIpX4W/
/XxRxOiS74pDz9QF4k/45you1jEw49MjEvMTyg+beK52cRQJah3eZIow8ZU/yVJC
eo/nDx8sUr/E1vCjzxbWeAMy3X0bq52YOM8JRQnv+AH8lBdtazDpq4HPtsZunmQL
vnNwgf2EBt/KFn0vxfzH0BDUrxkqIHVh4xVxW6IatbxKiZTw8kx9a0QLMGIPHjHb
zHnS6fDvMWDs7i/hJdcVdeWRTaAP3kT8WTC8MFtYdgOdg6nDEcIpKbWQi9GKzlxG
AW3lOk2EEfIJ1cNgL08Z6Sj4ivUiekqY452T9Mj2n0bWdbRjnG2eVY/ME6U6Hrn+
1mdJmgEhwA/Nkg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:54 2026 by rpki-client