Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json)
Hash identifier: dtxY55VaeIQj3KuD1K/gwBcmabe+NYhzEvK+b4C+K70=
Subject key identifier: 81:A1:87:AA:D5:4A:B0:2E:85:C0:F1:6C:1F:F6:DF:59:19:49:B5:07
Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Certificate serial: 019D39AEB65FCEBECD90D684D319A0A821DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
Manifest number: 1823
Signing time: Sun 29 Mar 2026 13:00:44 +0000
Manifest this update: Sun 29 Mar 2026 13:00:44 +0000
Manifest next update: Mon 30 Mar 2026 13:00:44 +0000
Files and hashes: 1: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: LihGG6i1Do+CRnsczLpuuT94woPYXYZueMdCp+x6Hs0=)
2: TlCjshw48MI80zaCqZRdp10HXmU.roa (hash: IUaeg0F1EJZvlebFMhAdUjihSrKer72rVZfI7a/WmYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:b6:5f:ce:be:cd:90:d6:84:d3:19:a0:a8:21:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Validity
Not Before: Mar 29 13:00:44 2026 GMT
Not After : Mar 30 13:00:44 2026 GMT
Subject: CN=81a187aad54ab02e85c0f16c1ff6df591949b507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f6:94:96:49:8b:cd:82:13:41:89:0f:d3:75:
cc:a5:05:1b:ea:39:c9:f7:ce:4e:71:d1:4f:da:0a:
04:42:75:cb:9d:f1:1e:83:fd:14:53:0f:a1:a8:23:
ec:c7:91:2f:2a:a0:d7:a7:09:7a:d0:37:04:7d:72:
93:88:6e:4a:1c:fc:b1:77:a0:7c:ba:ad:cc:98:9b:
53:f5:67:2a:70:e5:0f:64:92:a6:d8:47:77:b3:bc:
66:26:5b:6f:ad:71:c1:12:6b:5e:91:ef:fc:02:2e:
96:3c:cd:fe:5f:fe:c8:35:ce:8e:11:b1:71:f4:11:
cd:3e:64:d0:da:4b:d7:b6:cc:91:02:04:79:be:18:
76:5e:d1:55:a9:e6:52:23:64:27:71:ca:be:d5:90:
66:2a:67:d5:f5:bc:68:c0:d6:2a:28:13:66:42:ae:
2f:2f:61:7c:6b:5d:64:8a:1d:c5:f1:5c:b7:22:2e:
15:b6:0d:d4:c9:ec:77:80:6a:3a:29:15:ff:b1:76:
51:62:f3:03:84:02:50:e0:eb:0d:14:2b:de:db:92:
8b:88:9e:c5:75:ea:31:da:19:88:57:11:ef:cc:11:
a0:0a:dc:de:59:75:2a:12:ab:c7:00:de:b5:95:04:
b4:fd:e9:5b:bc:8d:85:f2:9d:40:e1:49:dc:7f:8b:
58:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A1:87:AA:D5:4A:B0:2E:85:C0:F1:6C:1F:F6:DF:59:19:49:B5:07
X509v3 Authority Key Identifier:
keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:bb:34:5c:0b:5d:b3:46:40:8c:74:82:ff:f0:96:20:e6:11:
a9:5a:21:13:b0:cf:76:8c:3a:1e:d2:f3:f3:1d:ce:b3:f7:53:
17:17:a8:4a:1c:e3:8a:70:d6:ae:6c:7a:bc:27:e2:ac:5a:a9:
86:0d:55:43:af:cc:5f:4f:5f:c0:8a:58:6e:ec:ba:0c:92:ad:
5a:90:30:27:5c:92:10:40:33:1c:94:18:ca:18:fa:4d:e2:38:
6d:88:ff:12:1b:68:af:1d:5e:72:13:1b:c3:f8:39:c0:4c:50:
77:24:85:b9:d2:67:bd:58:1b:9c:53:aa:3a:7c:d2:2d:c8:8c:
3e:c5:03:38:c5:ce:b7:80:4a:b2:65:7f:60:7b:b5:ea:fc:d3:
f6:80:82:14:78:5f:f6:4d:26:85:f2:93:e2:c0:2c:f2:2f:2e:
b2:67:a2:64:32:ec:f0:71:29:6b:40:82:37:0b:ec:5a:27:b4:
19:60:34:59:08:ed:d4:5c:a1:d4:92:8e:25:8d:b9:9f:c7:8d:
b9:72:d4:5a:e5:6c:46:ff:24:13:1c:f0:5f:d6:1c:37:2c:2a:
8f:81:f3:c7:2d:13:36:da:1c:f9:83:a7:fa:1b:81:31:3d:1d:
87:85:d7:2b:14:e3:3d:36:d9:38:5a:9b:1e:19:b6:72:dc:86:
fa:90:5e:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rrZfzr7NkNaE0xmgqCHeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh
ZTMzZTkwHhcNMjYwMzI5MTMwMDQ0WhcNMjYwMzMwMTMwMDQ0WjAzMTEwLwYDVQQD
Eyg4MWExODdhYWQ1NGFiMDJlODVjMGYxNmMxZmY2ZGY1OTE5NDliNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPaUlkmLzYITQYkP03XMpQUb6jnJ
985OcdFP2goEQnXLnfEeg/0UUw+hqCPsx5EvKqDXpwl60DcEfXKTiG5KHPyxd6B8
uq3MmJtT9WcqcOUPZJKm2Ed3s7xmJltvrXHBEmteke/8Ai6WPM3+X/7INc6OEbFx
9BHNPmTQ2kvXtsyRAgR5vhh2XtFVqeZSI2Qnccq+1ZBmKmfV9bxowNYqKBNmQq4v
L2F8a11kih3F8Vy3Ii4Vtg3Uyex3gGo6KRX/sXZRYvMDhAJQ4OsNFCve25KLiJ7F
deox2hmIVxHvzBGgCtzeWXUqEqvHAN61lQS0/elbvI2F8p1A4Uncf4tYIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGhh6rVSrAuhcDxbB/231kZSbUHMB8GA1UdIwQY
MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt
NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx
LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZrs0XAtd
s0ZAjHSC//CWIOYRqVohE7DPdow6HtLz8x3Os/dTFxeoShzjinDWrmx6vCfirFqp
hg1VQ6/MX09fwIpYbuy6DJKtWpAwJ1ySEEAzHJQYyhj6TeI4bYj/Ehtorx1echMb
w/g5wExQdySFudJnvVgbnFOqOnzSLciMPsUDOMXOt4BKsmV/YHu16vzT9oCCFHhf
9k0mhfKT4sAs8i8usmeiZDLs8HEpa0CCNwvsWie0GWA0WQjt1Fyh1JKOJY25n8eN
uXLUWuVsRv8kExzwX9YcNywqj4Hzxy0TNtoc+YOn+huBMT0dh4XXKxTjPTbZOFqb
Hhm2ctyG+pBeeA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:39 2026 by rpki-client