Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft
File: Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft (raw, json)
Hash identifier: B7bEjA5td7R7bG7YGtfK4zFFpCtjmZHYzMWAH75RsW4=
Subject key identifier: 89:AF:AF:54:AC:41:DB:2E:7A:92:DE:64:17:1D:AD:CE:98:E0:A9:04
Authority key identifier: 23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44
Certificate issuer: /CN=230d311fc19463fdd30adecc917b5f0298741b44
Certificate serial: 019D38D363CD42548CBB6D4158FE09FB9AB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft
Manifest number: 12AC
Signing time: Sun 29 Mar 2026 09:01:10 +0000
Manifest this update: Sun 29 Mar 2026 09:01:10 +0000
Manifest next update: Mon 30 Mar 2026 09:01:10 +0000
Files and hashes: 1: 3kj2IZUmhg4c3fn_vDNshjS1bYM.roa (hash: F1j+Rw7AK0w/RfaxR+vC5zwL/WwgyQ05RgO+QAvekpY=)
2: Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl (hash: fZ68ciOP4+4yDe/2FO3EP8Bkx5psGKmVy2a6y3qs/Jg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:63:cd:42:54:8c:bb:6d:41:58:fe:09:fb:9a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230d311fc19463fdd30adecc917b5f0298741b44
Validity
Not Before: Mar 29 09:01:10 2026 GMT
Not After : Mar 30 09:01:10 2026 GMT
Subject: CN=89afaf54ac41db2e7a92de64171dadce98e0a904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a8:05:5e:aa:0f:eb:86:0e:47:41:f8:7e:b9:
55:eb:86:85:79:00:61:1f:33:fc:0e:d3:35:90:1c:
e0:bd:6d:e6:a8:c1:ec:2e:97:af:24:4e:f8:42:f7:
e0:d3:55:97:6e:77:3c:11:3d:db:e9:a8:84:ed:ed:
8d:13:a4:7e:95:31:21:12:b8:4f:87:cd:5c:a3:7b:
3d:68:8a:24:87:1a:4e:b9:8f:68:47:14:ef:2a:a5:
67:0a:d4:56:f7:55:ce:bb:5b:1c:17:1e:27:ed:d7:
49:10:e8:7d:90:dd:1a:ab:a0:8e:4f:16:5d:e7:d8:
a0:0c:76:da:a0:14:f3:0d:18:57:27:e3:42:67:7c:
65:e3:57:ed:52:b1:0d:89:fa:87:00:eb:41:90:cd:
0f:21:ad:f2:18:68:a3:3f:b5:bb:f0:4b:d2:78:c2:
5b:7b:19:b1:c3:37:2d:fb:e7:e4:a2:e6:46:ba:1e:
0f:dc:16:32:68:8c:1b:6d:39:bc:79:78:98:ff:4b:
e6:3b:25:ac:0c:ee:30:fd:f1:0e:34:51:c3:a6:1c:
46:d5:3f:9e:72:3b:b3:61:27:86:4b:d3:3c:85:3e:
e3:a6:0f:37:cf:30:0a:ff:0a:2d:e3:5b:88:de:60:
55:b0:49:ce:67:b0:28:6c:86:bb:02:4b:b1:2f:fc:
ea:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AF:AF:54:AC:41:DB:2E:7A:92:DE:64:17:1D:AD:CE:98:E0:A9:04
X509v3 Authority Key Identifier:
keyid:23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:f7:0c:50:a5:ff:03:c4:a1:88:f0:87:d1:05:4f:7a:19:7d:
b9:2a:ab:45:99:2a:02:8d:72:73:a4:02:bf:59:79:ad:89:4c:
ac:29:5c:38:ba:7d:c6:2a:e3:43:49:54:19:e5:1a:5b:76:9c:
77:2b:51:74:1d:82:25:de:d8:43:7d:f6:11:d7:1d:68:3e:dc:
a8:0f:1d:d2:3a:a0:6a:8e:61:97:39:f8:ac:98:a4:5e:3f:25:
43:77:48:1a:4b:83:b4:7f:16:77:4b:8b:05:53:b9:4a:a2:1e:
2d:3b:8d:cd:f9:7d:62:93:e1:89:2c:01:6d:27:32:5a:93:5c:
ad:58:5c:77:54:d1:56:84:22:27:36:ed:3e:1a:f9:ad:37:4d:
d9:fb:c5:39:bf:d9:37:79:a3:ea:8f:35:9b:a3:12:19:55:93:
a6:43:4e:b2:69:38:1c:cc:2b:e5:19:f0:e8:89:8d:cb:ae:84:
5d:81:ae:8d:13:18:2f:1c:05:55:4f:d3:a7:1c:5a:e0:a3:9f:
ba:b9:7a:3b:d3:3d:4a:8c:2a:83:a5:51:4b:fc:2b:77:f4:0c:
fa:24:b3:7c:05:a7:5c:e9:a0:3d:74:26:5b:34:43:48:13:e4:
10:85:8a:db:dd:85:85:a7:35:07:21:8c:d7:f1:30:a0:0d:f6:
87:a5:40:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0402PNQlSMu21BWP4J+5qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMGQzMTFmYzE5NDYzZmRkMzBhZGVjYzkxN2I1ZjAyOTg3
NDFiNDQwHhcNMjYwMzI5MDkwMTEwWhcNMjYwMzMwMDkwMTEwWjAzMTEwLwYDVQQD
Eyg4OWFmYWY1NGFjNDFkYjJlN2E5MmRlNjQxNzFkYWRjZTk4ZTBhOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6gFXqoP64YOR0H4frlV64aFeQBh
HzP8DtM1kBzgvW3mqMHsLpevJE74Qvfg01WXbnc8ET3b6aiE7e2NE6R+lTEhErhP
h81co3s9aIokhxpOuY9oRxTvKqVnCtRW91XOu1scFx4n7ddJEOh9kN0aq6COTxZd
59igDHbaoBTzDRhXJ+NCZ3xl41ftUrENifqHAOtBkM0PIa3yGGijP7W78EvSeMJb
exmxwzct++fkouZGuh4P3BYyaIwbbTm8eXiY/0vmOyWsDO4w/fEONFHDphxG1T+e
cjuzYSeGS9M8hT7jpg83zzAK/wot41uI3mBVsEnOZ7AobIa7AkuxL/zqlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImvr1SsQdsuepLeZBcdrc6Y4KkEMB8GA1UdIwQY
MBaAFCMNMR/BlGP90wrezJF7XwKYdBtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjIt
MWJlY2I1ZGNkN2FhLzEvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjItMWJlY2I1ZGNkN2Fh
LzEvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr/cMUKX/
A8ShiPCH0QVPehl9uSqrRZkqAo1yc6QCv1l5rYlMrClcOLp9xirjQ0lUGeUaW3ac
dytRdB2CJd7YQ332EdcdaD7cqA8d0jqgao5hlzn4rJikXj8lQ3dIGkuDtH8Wd0uL
BVO5SqIeLTuNzfl9YpPhiSwBbScyWpNcrVhcd1TRVoQiJzbtPhr5rTdN2fvFOb/Z
N3mj6o81m6MSGVWTpkNOsmk4HMwr5Rnw6ImNy66EXYGujRMYLxwFVU/Tpxxa4KOf
url6O9M9Sowqg6VRS/wrd/QM+iSzfAWnXOmgPXQmWzRDSBPkEIWK292Fhac1ByGM
1/EwoA32h6VAqg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:24:22 2026 by rpki-client