Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
File: ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft (raw, json)
Hash identifier: eBMhJNTdqh3iMMbEIW8HTa5lewOlb5obpdMcxQ9vT7o=
Subject key identifier: 32:4B:5C:7C:A4:35:FE:9B:68:01:66:5B:B0:97:C2:29:D6:BD:4D:37
Authority key identifier: 89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
Certificate issuer: /CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Certificate serial: 019D37528587EF7A920711E4BA72E460C197
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
Manifest number: 1044
Signing time: Sun 29 Mar 2026 02:00:48 +0000
Manifest this update: Sun 29 Mar 2026 02:00:48 +0000
Manifest next update: Mon 30 Mar 2026 02:00:48 +0000
Files and hashes: 1: ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl (hash: S5g37b1d/f+D0YyMxiW6DJTCVV7xqQlnk2R+XxXNDfM=)
2: swlvSyg5P2tG5hf6QszpyWKMn_k.roa (hash: bb3L+IeAkS1sZt2NMi7C0qunZyUMt8jC260rx3ny2gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:85:87:ef:7a:92:07:11:e4:ba:72:e4:60:c1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ae220b4768da6e276e6a62edd6746d8fc3c1fb
Validity
Not Before: Mar 29 02:00:48 2026 GMT
Not After : Mar 30 02:00:48 2026 GMT
Subject: CN=324b5c7ca435fe9b6801665bb097c229d6bd4d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f5:66:bc:30:85:ac:f2:fa:23:f4:54:45:a3:
f8:bd:79:d2:d5:04:4e:f3:de:40:db:93:db:06:66:
9f:a9:9b:27:64:99:10:d6:56:15:85:02:58:30:9c:
e2:bb:58:7c:cb:aa:e6:c6:63:fc:5d:9d:d0:fa:9b:
aa:45:55:7f:69:7e:55:3f:a1:34:3a:c1:e2:25:39:
53:33:58:a2:f5:9e:a8:2e:62:d6:b4:e8:bc:05:59:
40:05:e2:46:db:ba:77:1c:90:0b:47:32:56:ea:81:
e3:ed:39:3a:fc:2d:f0:5c:5e:ba:34:7c:7b:17:cc:
60:dd:d8:de:58:a2:79:a9:13:94:99:8f:32:1f:af:
06:88:a3:7f:fc:5a:3e:c8:52:65:97:b7:28:1a:4e:
01:cb:52:8b:28:b2:fc:f8:db:7c:4b:df:02:e3:de:
6a:19:98:1e:8e:22:1d:5f:db:cf:2e:c2:fa:da:73:
29:26:fd:3c:a9:8c:2b:a0:14:f7:39:51:0a:84:5a:
eb:a9:2a:8a:e6:60:b3:92:be:a1:1c:04:09:31:7f:
0a:fd:77:57:d3:c8:00:c9:5b:ca:ee:1b:f9:e8:b7:
98:4b:2c:e2:73:2f:7c:12:81:6f:2e:2b:24:40:d3:
51:86:d3:eb:8f:e2:7c:b1:79:ae:71:55:71:36:6f:
4e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4B:5C:7C:A4:35:FE:9B:68:01:66:5B:B0:97:C2:29:D6:BD:4D:37
X509v3 Authority Key Identifier:
keyid:89:AE:22:0B:47:68:DA:6E:27:6E:6A:62:ED:D6:74:6D:8F:C3:C1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/3b8a40-7610-4e4d-9b37-741fa4e10e36/1/ia4iC0do2m4nbmpi7dZ0bY_Dwfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:35:16:f4:02:bb:99:83:56:62:f9:0b:8e:fb:91:49:37:f3:
81:01:a4:39:1a:cd:ae:cf:dc:48:26:3d:91:4a:6f:0b:fd:3d:
1c:8f:16:23:be:6b:e5:18:57:72:5f:ba:99:98:c5:1c:b3:88:
50:bf:1f:a6:09:65:f3:2e:07:ea:05:8e:eb:c9:79:43:5c:b5:
2b:90:9c:e0:02:19:7b:90:94:99:87:d0:c7:1f:89:ee:9f:24:
9d:88:95:fa:79:c2:ed:63:0b:9e:77:11:9a:d2:54:e6:99:d2:
d2:dc:06:ee:99:f0:d8:91:c0:93:22:69:4e:4d:62:a5:b9:6d:
40:5d:c1:ac:08:ec:9d:27:25:d3:3a:68:83:de:8e:00:72:77:
8a:ce:81:58:54:0e:7b:5f:ab:29:06:3a:c8:6e:fb:e1:35:2c:
24:64:40:d1:94:29:47:32:fb:e7:1c:f4:7e:6a:e1:1c:a0:bb:
4b:99:34:cc:a3:2b:86:0f:b0:1f:78:f8:1d:2b:69:a5:00:75:
dd:1c:01:53:11:01:cf:7c:45:eb:0e:83:ca:c5:1b:94:7d:97:
cd:56:1d:58:d0:d7:3c:ef:4d:fd:d4:c9:e0:71:d7:c9:4f:d4:
b3:64:ef:ac:30:8b:53:c3:65:19:9d:c7:6e:ab:fd:55:0a:7d:
e7:67:1e:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UoWH73qSBxHkunLkYMGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWUyMjBiNDc2OGRhNmUyNzZlNmE2MmVkZDY3NDZkOGZj
M2MxZmIwHhcNMjYwMzI5MDIwMDQ4WhcNMjYwMzMwMDIwMDQ4WjAzMTEwLwYDVQQD
EygzMjRiNWM3Y2E0MzVmZTliNjgwMTY2NWJiMDk3YzIyOWQ2YmQ0ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fVmvDCFrPL6I/RURaP4vXnS1QRO
895A25PbBmafqZsnZJkQ1lYVhQJYMJziu1h8y6rmxmP8XZ3Q+puqRVV/aX5VP6E0
OsHiJTlTM1ii9Z6oLmLWtOi8BVlABeJG27p3HJALRzJW6oHj7Tk6/C3wXF66NHx7
F8xg3djeWKJ5qROUmY8yH68GiKN//Fo+yFJll7coGk4By1KLKLL8+Nt8S98C495q
GZgejiIdX9vPLsL62nMpJv08qYwroBT3OVEKhFrrqSqK5mCzkr6hHAQJMX8K/XdX
08gAyVvK7hv56LeYSyzicy98EoFvLiskQNNRhtPrj+J8sXmucVVxNm9OZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJLXHykNf6baAFmW7CXwinWvU03MB8GA1UdIwQY
MBaAFImuIgtHaNpuJ25qYu3WdG2Pw8H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzct
NzQxZmE0ZTEwZTM2LzEvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zYjhhNDAtNzYxMC00ZTRkLTliMzctNzQxZmE0ZTEwZTM2
LzEvaWE0aUMwZG8ybTRuYm1waTdkWjBiWV9Ed2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARTUW9AK7
mYNWYvkLjvuRSTfzgQGkORrNrs/cSCY9kUpvC/09HI8WI75r5RhXcl+6mZjFHLOI
UL8fpgll8y4H6gWO68l5Q1y1K5Cc4AIZe5CUmYfQxx+J7p8knYiV+nnC7WMLnncR
mtJU5pnS0twG7pnw2JHAkyJpTk1ipbltQF3BrAjsnScl0zpog96OAHJ3is6BWFQO
e1+rKQY6yG774TUsJGRA0ZQpRzL75xz0fmrhHKC7S5k0zKMrhg+wH3j4HStppQB1
3RwBUxEBz3xF6w6DysUblH2XzVYdWNDXPO9N/dTJ4HHXyU/Us2TvrDCLU8NlGZ3H
bqv9VQp952cerQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:18:41 2026 by rpki-client