Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
File: r-iiApeGib2NX15X_MG_64Z8Mio.mft (raw, json)
Hash identifier: k9TyITXhzYikMLj7LyO+FzOItL6+oF05qj6TGoKF5cQ=
Subject key identifier: 03:E5:E6:01:96:0A:76:F3:9D:EE:0C:41:0D:61:C8:47:48:98:46:AD
Authority key identifier: AF:E8:A2:02:97:86:89:BD:8D:5F:5E:57:FC:C1:BF:EB:86:7C:32:2A
Certificate issuer: /CN=afe8a202978689bd8d5f5e57fcc1bfeb867c322a
Certificate serial: 019D3A1C766A56AA33E5ED013762D0FA3C0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
Manifest number: 188C
Signing time: Sun 29 Mar 2026 15:00:36 +0000
Manifest this update: Sun 29 Mar 2026 15:00:36 +0000
Manifest next update: Mon 30 Mar 2026 15:00:36 +0000
Files and hashes: 1: r-iiApeGib2NX15X_MG_64Z8Mio.crl (hash: EXJJtOOk/JwSNeBl9Hc8fxKfbRj+AmaDyZXbxRK/XQw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:76:6a:56:aa:33:e5:ed:01:37:62:d0:fa:3c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe8a202978689bd8d5f5e57fcc1bfeb867c322a
Validity
Not Before: Mar 29 15:00:36 2026 GMT
Not After : Mar 30 15:00:36 2026 GMT
Subject: CN=03e5e601960a76f39dee0c410d61c847489846ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fd:71:1f:9b:42:81:15:84:16:8d:7d:a6:32:
8f:15:e4:72:f9:40:2d:1d:6b:8f:d9:fe:63:01:ec:
cd:0c:9b:51:61:d5:21:d6:dd:7e:ca:ad:93:db:66:
92:d4:bc:79:63:ab:89:38:68:00:6f:0b:56:61:cc:
35:75:f9:23:ad:7e:c7:c1:6e:c2:f1:06:d6:8c:dc:
2d:8e:93:2a:fc:7b:2d:24:82:71:d5:d3:eb:b6:21:
1b:30:8f:15:c2:40:79:cd:05:12:66:6e:22:d8:e0:
a3:c9:69:e0:84:7c:80:4b:d1:43:08:d3:c1:4b:f8:
98:68:8a:bd:fd:a1:b5:c0:5d:9f:4d:c9:3e:18:45:
32:6e:d5:2e:fb:2f:30:a2:ec:65:ee:50:15:8f:cf:
0f:b3:8c:ed:a5:65:84:6c:86:fc:23:fb:fb:67:ae:
fb:ed:7e:75:c3:1c:15:ef:15:1f:4b:74:d3:fa:65:
45:7e:96:ec:5f:17:f7:2b:b1:e3:81:b6:e2:da:1f:
76:0e:39:ca:24:f0:97:b5:f6:3c:8d:d7:47:06:14:
82:c0:cc:2a:2f:d1:8e:13:39:9a:1b:60:42:88:2c:
ff:da:89:e8:fe:6f:a5:fb:90:85:05:a2:d4:e0:e8:
8f:8b:d5:b7:1d:24:c4:9c:df:55:b1:ce:d7:90:d8:
d2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E5:E6:01:96:0A:76:F3:9D:EE:0C:41:0D:61:C8:47:48:98:46:AD
X509v3 Authority Key Identifier:
keyid:AF:E8:A2:02:97:86:89:BD:8D:5F:5E:57:FC:C1:BF:EB:86:7C:32:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-iiApeGib2NX15X_MG_64Z8Mio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f907aa-2acd-4dc7-9f0d-d7b08948f7c7/1/r-iiApeGib2NX15X_MG_64Z8Mio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:29:a7:63:27:94:09:23:40:4c:0f:a0:c6:83:c2:24:d1:88:
b3:f4:3b:8b:ec:bb:49:c0:3e:cb:08:74:80:2f:cf:f3:40:e2:
f2:1d:68:95:1a:d0:5a:67:ff:05:03:c4:e2:d6:9a:c1:4f:48:
40:b4:19:ba:eb:48:e2:59:dd:ca:9e:08:49:9b:f1:17:de:51:
6e:3b:80:5b:49:b6:25:38:a9:e9:15:ba:e2:e6:6d:95:64:08:
5c:51:56:9e:3f:94:6d:94:36:5b:2c:95:78:8b:ae:dc:ea:bf:
e7:04:b0:5a:81:01:55:c9:40:23:07:a5:e0:47:dc:8c:c2:f3:
bd:80:28:d7:f0:7c:44:98:09:71:86:90:ae:f0:cb:47:1b:f5:
97:c1:4c:92:01:8c:34:6e:7e:52:e8:95:d3:21:07:25:67:8b:
5b:2a:93:3b:ef:ed:c6:84:d5:e0:cf:7d:d6:b1:e2:3a:8f:ac:
b9:6b:76:4a:55:c1:39:c5:e2:3e:5f:81:31:41:8e:73:12:9e:
3e:3e:39:3d:a6:30:3b:79:b3:83:80:35:e8:6b:8c:1d:69:a6:
ea:28:d7:e4:c8:d0:dd:69:40:c9:74:27:62:13:51:7c:77:88:
1f:81:ea:bf:90:c8:e4:75:10:45:c3:61:52:33:46:17:2d:85:
44:bc:e4:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HHZqVqoz5e0BN2LQ+jwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZThhMjAyOTc4Njg5YmQ4ZDVmNWU1N2ZjYzFiZmViODY3
YzMyMmEwHhcNMjYwMzI5MTUwMDM2WhcNMjYwMzMwMTUwMDM2WjAzMTEwLwYDVQQD
EygwM2U1ZTYwMTk2MGE3NmYzOWRlZTBjNDEwZDYxYzg0NzQ4OTg0NmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/1xH5tCgRWEFo19pjKPFeRy+UAt
HWuP2f5jAezNDJtRYdUh1t1+yq2T22aS1Lx5Y6uJOGgAbwtWYcw1dfkjrX7HwW7C
8QbWjNwtjpMq/HstJIJx1dPrtiEbMI8VwkB5zQUSZm4i2OCjyWnghHyAS9FDCNPB
S/iYaIq9/aG1wF2fTck+GEUybtUu+y8wouxl7lAVj88Ps4ztpWWEbIb8I/v7Z677
7X51wxwV7xUfS3TT+mVFfpbsXxf3K7Hjgbbi2h92DjnKJPCXtfY8jddHBhSCwMwq
L9GOEzmaG2BCiCz/2ono/m+l+5CFBaLU4OiPi9W3HSTEnN9Vsc7XkNjSpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPl5gGWCnbzne4MQQ1hyEdImEatMB8GA1UdIwQY
MBaAFK/oogKXhom9jV9eV/zBv+uGfDIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOTA3YWEtMmFjZC00ZGM3LTlmMGQt
ZDdiMDg5NDhmN2M3LzEvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mOTA3YWEtMmFjZC00ZGM3LTlmMGQtZDdiMDg5NDhmN2M3
LzEvci1paUFwZUdpYjJOWDE1WF9NR182NFo4TWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABymnYyeU
CSNATA+gxoPCJNGIs/Q7i+y7ScA+ywh0gC/P80Di8h1olRrQWmf/BQPE4taawU9I
QLQZuutI4lndyp4ISZvxF95RbjuAW0m2JTip6RW64uZtlWQIXFFWnj+UbZQ2WyyV
eIuu3Oq/5wSwWoEBVclAIwel4EfcjMLzvYAo1/B8RJgJcYaQrvDLRxv1l8FMkgGM
NG5+UuiV0yEHJWeLWyqTO+/txoTV4M991rHiOo+suWt2SlXBOcXiPl+BMUGOcxKe
Pj45PaYwO3mzg4A16GuMHWmm6ijX5MjQ3WlAyXQnYhNRfHeIH4Hqv5DI5HUQRcNh
UjNGFy2FRLzkNQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:26 2026 by rpki-client