Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
File: IT2HNcFEzxJWWEO2nrQKTRowGqU.mft (raw, json)
Hash identifier: zlkXO0+bhw4+5vgzt73b6sPLo3HICnAaSkEKKWCU2go=
Subject key identifier: 3D:D9:22:FC:D7:DB:59:5D:12:A6:12:9C:EC:5F:3A:27:A9:3E:41:4A
Authority key identifier: 21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
Certificate issuer: /CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Certificate serial: 019D375239B55A399179C4CD2776FED804CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
Manifest number: 1200
Signing time: Sun 29 Mar 2026 02:00:28 +0000
Manifest this update: Sun 29 Mar 2026 02:00:28 +0000
Manifest next update: Mon 30 Mar 2026 02:00:28 +0000
Files and hashes: 1: IT2HNcFEzxJWWEO2nrQKTRowGqU.crl (hash: oaK1tndIsqGIfbq2tlFA8t/1RzupfAGWKb6t3nSuQVU=)
2: NLcXQyarZMLPShqbum_K4HREfn4.roa (hash: mjratVtRdhgBM6Hy0uvO9ymB77guClAbYNO1DYJFQTM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:39:b5:5a:39:91:79:c4:cd:27:76:fe:d8:04:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Validity
Not Before: Mar 29 02:00:28 2026 GMT
Not After : Mar 30 02:00:28 2026 GMT
Subject: CN=3dd922fcd7db595d12a6129cec5f3a27a93e414a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c6:2f:ae:5d:8f:c7:cc:b3:92:37:77:58:8a:
26:6a:85:08:56:68:ef:f0:12:48:7c:a6:6e:eb:99:
e1:21:5b:92:19:46:ee:6c:57:7a:ce:9d:07:4f:e6:
c0:fc:43:40:1a:9c:78:45:13:53:76:d5:c8:4a:ab:
9a:ac:eb:32:1b:54:ae:23:78:98:7d:7a:34:f3:60:
7f:4a:4f:a3:1e:5d:97:4d:59:50:02:84:47:5a:c3:
de:47:d4:4e:36:7e:45:2f:ad:f8:ef:cd:5b:e8:bf:
da:07:f3:41:6e:ec:4c:75:0f:c4:f5:84:49:f1:47:
c0:ca:8d:74:f2:cb:d0:89:b0:66:21:d9:4c:aa:f1:
03:21:c4:bb:68:ad:55:2a:95:b1:cf:bf:4e:13:eb:
62:c3:8a:be:c3:23:04:cf:67:e6:66:08:b8:ec:e7:
6e:c9:e4:d2:23:dd:73:ab:30:d1:e6:43:73:a8:03:
0e:11:58:64:83:12:b8:bf:f6:2d:3b:36:ce:85:eb:
e0:ee:52:86:13:1d:dc:2a:2b:6e:a5:69:b4:c6:6d:
e8:e0:0f:62:fd:12:fa:88:5a:3d:40:f0:1d:e5:74:
27:16:ed:41:70:b1:ad:f5:1a:46:23:f8:b3:28:1b:
d2:cd:a6:7a:52:e0:f5:26:88:ae:f1:d7:3d:d8:e5:
fa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D9:22:FC:D7:DB:59:5D:12:A6:12:9C:EC:5F:3A:27:A9:3E:41:4A
X509v3 Authority Key Identifier:
keyid:21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:c2:c7:cf:be:91:20:81:b8:0d:6f:3f:df:82:9b:ea:6f:ed:
e2:06:21:4c:49:13:8a:a2:81:1b:e0:87:c5:b8:dc:54:e9:8e:
f1:b2:42:c7:4c:f8:63:52:57:2d:4b:a2:2e:94:04:53:1b:d5:
63:1e:64:ca:0f:29:99:f4:1f:03:1b:c6:17:73:6a:a6:01:aa:
b7:08:25:ef:95:c0:c0:03:9f:c5:d1:af:a7:0a:a5:0e:33:0e:
d7:8d:95:9c:e3:0f:e7:f0:43:ee:f5:25:2e:40:06:61:78:18:
0a:64:2d:9a:c3:2b:af:b3:07:d2:78:c7:27:ba:4f:af:73:7b:
e2:51:0f:ac:e8:9d:41:2b:fb:25:95:37:48:f0:b6:20:34:6f:
62:7b:a7:df:79:83:a5:45:e3:9c:23:26:e6:f7:a9:67:c5:c2:
ff:bd:ca:1a:86:07:c3:42:ce:8d:ac:9c:c4:f8:bd:9d:2d:6a:
7e:86:ef:1c:4e:ee:87:b6:9e:00:68:50:a9:5a:56:cf:9c:e2:
9d:51:d7:10:54:b2:17:95:73:55:0d:9e:67:dc:9b:8e:f0:5f:
50:57:3c:50:09:79:2f:7e:80:41:d3:e6:43:cd:c1:7d:57:73:
7a:8e:ec:32:72:09:f8:e2:e5:21:65:6e:8e:2b:7e:f2:6e:7a:
67:40:35:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ujm1WjmRecTNJ3b+2ATOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2Q4NzM1YzE0NGNmMTI1NjU4NDNiNjllYjQwYTRkMWEz
MDFhYTUwHhcNMjYwMzI5MDIwMDI4WhcNMjYwMzMwMDIwMDI4WjAzMTEwLwYDVQQD
EygzZGQ5MjJmY2Q3ZGI1OTVkMTJhNjEyOWNlYzVmM2EyN2E5M2U0MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8Yvrl2Px8yzkjd3WIomaoUIVmjv
8BJIfKZu65nhIVuSGUbubFd6zp0HT+bA/ENAGpx4RRNTdtXISquarOsyG1SuI3iY
fXo082B/Sk+jHl2XTVlQAoRHWsPeR9RONn5FL634781b6L/aB/NBbuxMdQ/E9YRJ
8UfAyo108svQibBmIdlMqvEDIcS7aK1VKpWxz79OE+tiw4q+wyMEz2fmZgi47Odu
yeTSI91zqzDR5kNzqAMOEVhkgxK4v/YtOzbOhevg7lKGEx3cKitupWm0xm3o4A9i
/RL6iFo9QPAd5XQnFu1BcLGt9RpGI/izKBvSzaZ6UuD1Joiu8dc92OX6fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3ZIvzX21ldEqYSnOxfOiepPkFKMB8GA1UdIwQY
MBaAFCE9hzXBRM8SVlhDtp60Ck0aMBqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAt
MzAxNDMzZWJlNDM2LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAtMzAxNDMzZWJlNDM2
LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacLHz76R
IIG4DW8/34Kb6m/t4gYhTEkTiqKBG+CHxbjcVOmO8bJCx0z4Y1JXLUuiLpQEUxvV
Yx5kyg8pmfQfAxvGF3NqpgGqtwgl75XAwAOfxdGvpwqlDjMO142VnOMP5/BD7vUl
LkAGYXgYCmQtmsMrr7MH0njHJ7pPr3N74lEPrOidQSv7JZU3SPC2IDRvYnun33mD
pUXjnCMm5vepZ8XC/73KGoYHw0LOjaycxPi9nS1qfobvHE7uh7aeAGhQqVpWz5zi
nVHXEFSyF5VzVQ2eZ9ybjvBfUFc8UAl5L36AQdPmQ83BfVdzeo7sMnIJ+OLlIWVu
jit+8m56Z0A1Kw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:05 2026 by rpki-client