Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json)
Hash identifier: BxoABD66UMhgdmBSMEWY3HjclArXWWFAXHhdiiFaqaI=
Subject key identifier: D0:F2:38:82:5F:98:C3:C0:50:32:0C:BC:C0:BD:80:61:01:AE:55:EF
Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Certificate serial: 019EB620575B6D6E5373BDAF486D558EE37B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
Manifest number: 18E8
Signing time: Thu 11 Jun 2026 10:00:33 +0000
Manifest this update: Thu 11 Jun 2026 10:00:33 +0000
Manifest next update: Fri 12 Jun 2026 10:00:33 +0000
Files and hashes: 1: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: EnOttu3wwufu9KMCxtqsD+quuF3oOx5p3fE3Mk2NXUM=)
2: TlCjshw48MI80zaCqZRdp10HXmU.roa (hash: IUaeg0F1EJZvlebFMhAdUjihSrKer72rVZfI7a/WmYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:20:57:5b:6d:6e:53:73:bd:af:48:6d:55:8e:e3:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Validity
Not Before: Jun 11 10:00:33 2026 GMT
Not After : Jun 12 10:00:33 2026 GMT
Subject: CN=d0f238825f98c3c050320cbcc0bd806101ae55ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:77:4d:c4:f0:3a:38:7d:89:30:51:36:66:96:
a9:b1:e0:7a:59:b2:70:59:17:68:a4:e0:a1:94:46:
7e:3d:b6:be:11:39:e3:99:e3:55:c2:6d:fd:3c:4c:
7b:d0:34:97:6e:03:b4:c0:3c:ac:c6:76:ba:fd:d3:
f2:a5:1b:17:e5:a8:37:47:c5:9e:30:0b:55:ea:7c:
c6:d9:92:8a:85:2a:21:dc:33:c5:bb:d7:95:de:90:
af:96:f6:2a:a3:ee:04:5f:61:df:db:9b:a0:e4:c1:
a6:d3:c2:bd:f3:96:0d:a6:6a:cc:38:44:38:03:bf:
9c:fd:80:34:c2:3e:b8:30:85:cb:13:12:19:d8:09:
6c:0f:88:93:65:9d:ff:e6:1a:13:d4:32:85:15:66:
92:51:3f:e6:a3:dc:77:4e:b6:3b:68:ea:b7:34:3d:
01:8d:bf:83:42:df:58:e0:00:6f:46:b2:dc:7f:53:
d5:fe:4e:5b:8d:5d:7e:07:e6:ec:0e:0c:f8:92:89:
14:92:56:21:d7:0a:fe:a0:40:d2:20:23:9a:fd:ae:
05:fd:7e:ab:39:9c:f6:db:88:68:2d:77:99:bd:57:
08:6a:46:2a:85:b7:77:86:7d:4b:de:22:63:17:b1:
2d:8b:b8:d7:9a:8b:ed:bb:9c:63:0e:a1:f9:56:ec:
2a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F2:38:82:5F:98:C3:C0:50:32:0C:BC:C0:BD:80:61:01:AE:55:EF
X509v3 Authority Key Identifier:
keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:e8:da:51:43:9a:5e:72:f0:5d:e0:9c:e8:d2:3e:cc:b0:d5:
6a:f4:08:1a:b7:60:c1:22:ed:0e:bf:e2:b2:eb:4f:c4:38:ca:
c2:8b:83:1a:79:6f:77:56:89:a3:83:33:62:cb:f2:a3:57:79:
1f:e7:e0:f0:35:f4:03:83:f1:4c:bb:53:14:9f:0e:96:84:06:
d6:c4:63:26:c9:99:d0:2a:c0:c3:ea:c3:db:e3:2e:b7:b4:99:
70:d3:31:6c:b4:56:f1:e4:57:e5:2f:92:dd:e1:b5:3a:b3:93:
8a:88:21:7b:71:ea:f5:ba:15:c6:79:7f:9c:06:c5:1d:0a:62:
07:a5:54:2a:25:90:7b:85:79:c8:50:23:9f:8b:83:43:01:71:
99:83:2d:95:5b:9c:cc:5d:b4:4d:e9:b9:6a:3d:33:57:64:c8:
7d:53:4c:a4:80:92:24:6b:8e:1b:40:c9:f5:28:10:d5:c8:ee:
3c:4b:8b:35:d6:be:98:f3:e5:88:df:4a:06:1d:32:bc:59:fc:
8f:61:a5:ba:73:c9:91:72:f6:ee:ca:cb:64:6d:96:76:aa:6d:
d3:78:8c:60:fd:49:11:ba:0b:32:f6:c8:07:d7:d7:ad:0c:97:
55:fa:70:70:2a:8b:3b:10:bd:b7:ab:18:9a:9b:51:53:d4:16:
0b:f9:dc:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ62IFdbbW5Tc72vSG1VjuN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh
ZTMzZTkwHhcNMjYwNjExMTAwMDMzWhcNMjYwNjEyMTAwMDMzWjAzMTEwLwYDVQQD
EyhkMGYyMzg4MjVmOThjM2MwNTAzMjBjYmNjMGJkODA2MTAxYWU1NWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXdNxPA6OH2JMFE2ZpapseB6WbJw
WRdopOChlEZ+Pba+ETnjmeNVwm39PEx70DSXbgO0wDysxna6/dPypRsX5ag3R8We
MAtV6nzG2ZKKhSoh3DPFu9eV3pCvlvYqo+4EX2Hf25ug5MGm08K985YNpmrMOEQ4
A7+c/YA0wj64MIXLExIZ2AlsD4iTZZ3/5hoT1DKFFWaSUT/mo9x3TrY7aOq3ND0B
jb+DQt9Y4ABvRrLcf1PV/k5bjV1+B+bsDgz4kokUklYh1wr+oEDSICOa/a4F/X6r
OZz224hoLXeZvVcIakYqhbd3hn1L3iJjF7Eti7jXmovtu5xjDqH5VuwqJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDyOIJfmMPAUDIMvMC9gGEBrlXvMB8GA1UdIwQY
MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt
NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx
LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+jaUUOa
XnLwXeCc6NI+zLDVavQIGrdgwSLtDr/isutPxDjKwouDGnlvd1aJo4MzYsvyo1d5
H+fg8DX0A4PxTLtTFJ8OloQG1sRjJsmZ0CrAw+rD2+Mut7SZcNMxbLRW8eRX5S+S
3eG1OrOTioghe3Hq9boVxnl/nAbFHQpiB6VUKiWQe4V5yFAjn4uDQwFxmYMtlVuc
zF20Tem5aj0zV2TIfVNMpICSJGuOG0DJ9SgQ1cjuPEuLNda+mPPliN9KBh0yvFn8
j2GlunPJkXL27srLZG2Wdqpt03iMYP1JEboLMvbIB9fXrQyXVfpwcCqLOxC9t6sY
mptRU9QWC/ncRg==
-----END CERTIFICATE-----
Generated at Thu Jun 11 17:53:54 2026 by rpki-client