Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
File: IkCgcYD88zY191fMFEng1dvU_bg.mft (raw, json)
Hash identifier: zHdTgJAu7l40FUH/YcYU6UqJFcAoryiuRjhN1/c0yWc=
Subject key identifier: D2:F2:DD:B4:36:B9:F4:1D:2D:B0:54:13:82:CD:25:B9:CB:A3:94:97
Authority key identifier: 22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8
Certificate issuer: /CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8
Certificate serial: 019D38D3167B9D73F17A00746CAED5619FB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
Manifest number: 0477
Signing time: Sun 29 Mar 2026 09:00:51 +0000
Manifest this update: Sun 29 Mar 2026 09:00:51 +0000
Manifest next update: Mon 30 Mar 2026 09:00:51 +0000
Files and hashes: 1: IkCgcYD88zY191fMFEng1dvU_bg.crl (hash: 6ly6iGX2mJFBQV61E6BOxrC/YzIG7KC+aiycDALW6nc=)
2: PPCzo4aoB52WIulHl2b-W42AOQQ.roa (hash: v7GTmELXw/VVFQyWL5TMg5z0A0nUbHsal/nQ+BR/mNg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:16:7b:9d:73:f1:7a:00:74:6c:ae:d5:61:9f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2240a07180fcf33635f757cc1449e0d5dbd4fdb8
Validity
Not Before: Mar 29 09:00:51 2026 GMT
Not After : Mar 30 09:00:51 2026 GMT
Subject: CN=d2f2ddb436b9f41d2db0541382cd25b9cba39497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a2:23:6a:5d:c6:c6:45:e4:ff:4d:0f:b3:c0:
a6:a2:bd:cb:be:e5:95:00:2b:4f:f7:17:7a:21:a9:
40:db:00:b5:8c:90:66:3a:de:82:9c:12:c0:49:e1:
a0:60:f5:e3:f3:24:07:19:3d:f8:d7:df:f7:9c:8a:
20:1f:4f:73:aa:01:ac:d9:6b:bf:c5:53:71:7b:bd:
f9:1f:49:58:bc:b1:c9:55:c9:9b:89:12:ce:49:82:
00:63:86:99:a3:ee:c0:4e:fc:b7:b0:91:93:65:69:
39:48:b7:81:c4:1b:59:34:03:de:a4:92:d7:b1:71:
90:74:73:40:95:94:a7:d3:65:02:1d:33:b6:35:cb:
fd:09:4b:80:84:65:34:c4:c9:b8:5a:81:f5:4c:42:
16:4b:6e:dd:cc:3f:fe:d0:36:39:2b:59:2d:eb:7a:
85:a9:62:de:21:d6:07:6f:da:13:9c:1e:32:ba:e1:
3b:93:67:34:5c:7a:5a:c2:5d:ad:a1:60:c7:22:8d:
68:fa:5f:74:94:52:62:7f:15:67:62:b3:0b:e8:a5:
40:c7:31:6a:39:e1:16:a7:53:16:52:a2:1c:7e:94:
63:eb:5d:93:82:4b:50:c7:1b:1f:d2:b6:9c:35:df:
cd:77:07:61:0e:f3:e3:81:db:da:15:32:9a:ab:c6:
91:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F2:DD:B4:36:B9:F4:1D:2D:B0:54:13:82:CD:25:B9:CB:A3:94:97
X509v3 Authority Key Identifier:
keyid:22:40:A0:71:80:FC:F3:36:35:F7:57:CC:14:49:E0:D5:DB:D4:FD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkCgcYD88zY191fMFEng1dvU_bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a314cc-066e-4c09-a36a-d0bd0e803fd1/1/IkCgcYD88zY191fMFEng1dvU_bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:13:03:87:f3:e7:d6:1c:89:80:19:8a:5d:fb:ab:84:18:1e:
2c:ad:fc:ae:69:e1:81:ba:dc:39:00:4a:15:6d:e6:44:11:a8:
4e:6a:52:28:47:00:ab:6c:c5:45:77:ec:37:d3:82:00:7b:21:
91:e5:a1:82:22:df:49:65:ae:fc:9c:89:3c:1f:b4:4e:87:76:
e3:9b:de:f9:9e:93:2c:ce:bc:e2:19:e5:00:bd:19:95:a5:d9:
c5:f3:80:c9:9c:d6:34:e2:f0:85:fd:8e:5f:30:24:7b:fa:1a:
69:71:32:95:35:ad:00:cb:c9:61:b1:a1:0d:e2:bc:90:ce:20:
94:dd:52:fc:3a:93:fc:8a:22:30:34:a0:78:64:8f:94:f0:70:
8d:0e:f9:42:60:5e:d3:5d:d9:05:c4:28:d8:a0:11:b7:be:04:
8c:b6:34:b9:89:2a:f6:2a:47:2a:0b:10:bf:49:4c:45:f9:a9:
e7:6b:cc:8d:96:3f:38:2e:5f:47:e5:3b:b4:f5:65:88:a5:8d:
b6:5a:42:06:80:ef:2a:44:a1:d4:5a:d3:3c:71:fc:ba:f4:9a:
0b:2d:18:4e:2d:02:17:8f:d6:60:bc:f4:d4:ab:d1:da:70:cb:
ff:ee:77:40:a3:6d:93:dd:09:d0:c6:22:0d:35:6a:f4:22:22:
54:95:6f:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xZ7nXPxegB0bK7VYZ+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNDBhMDcxODBmY2YzMzYzNWY3NTdjYzE0NDllMGQ1ZGJk
NGZkYjgwHhcNMjYwMzI5MDkwMDUxWhcNMjYwMzMwMDkwMDUxWjAzMTEwLwYDVQQD
EyhkMmYyZGRiNDM2YjlmNDFkMmRiMDU0MTM4MmNkMjViOWNiYTM5NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16Ijal3GxkXk/00Ps8Cmor3LvuWV
ACtP9xd6IalA2wC1jJBmOt6CnBLASeGgYPXj8yQHGT3419/3nIogH09zqgGs2Wu/
xVNxe735H0lYvLHJVcmbiRLOSYIAY4aZo+7ATvy3sJGTZWk5SLeBxBtZNAPepJLX
sXGQdHNAlZSn02UCHTO2Ncv9CUuAhGU0xMm4WoH1TEIWS27dzD/+0DY5K1kt63qF
qWLeIdYHb9oTnB4yuuE7k2c0XHpawl2toWDHIo1o+l90lFJifxVnYrML6KVAxzFq
OeEWp1MWUqIcfpRj612TgktQxxsf0racNd/NdwdhDvPjgdvaFTKaq8aRLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLy3bQ2ufQdLbBUE4LNJbnLo5SXMB8GA1UdIwQY
MBaAFCJAoHGA/PM2NfdXzBRJ4NXb1P24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEt
ZDBiZDBlODAzZmQxLzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hMzE0Y2MtMDY2ZS00YzA5LWEzNmEtZDBiZDBlODAzZmQx
LzEvSWtDZ2NZRDg4elkxOTFmTUZFbmcxZHZVX2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWxMDh/Pn
1hyJgBmKXfurhBgeLK38rmnhgbrcOQBKFW3mRBGoTmpSKEcAq2zFRXfsN9OCAHsh
keWhgiLfSWWu/JyJPB+0Tod245ve+Z6TLM684hnlAL0ZlaXZxfOAyZzWNOLwhf2O
XzAke/oaaXEylTWtAMvJYbGhDeK8kM4glN1S/DqT/IoiMDSgeGSPlPBwjQ75QmBe
013ZBcQo2KARt74EjLY0uYkq9ipHKgsQv0lMRfmp52vMjZY/OC5fR+U7tPVliKWN
tlpCBoDvKkSh1FrTPHH8uvSaCy0YTi0CF4/WYLz01KvR2nDL/+53QKNtk90J0MYi
DTVq9CIiVJVvTA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:38 2026 by rpki-client