Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
File: iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft (raw, json)
Hash identifier: uqR2oPzwAEY1J1ffDw+jbtCvHRaA0+B1JeVDOv86NcY=
Subject key identifier: FB:96:F0:9E:B0:5A:09:E5:55:79:37:DA:C1:35:9C:2A:28:7C:93:42
Authority key identifier: 8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
Certificate issuer: /CN=8b03dca76319903152f246e05c069fd1a1db5c59
Certificate serial: 019D39AE80B8C86BDE2E460B63A6AEC9BA87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
Manifest number: 099B
Signing time: Sun 29 Mar 2026 13:00:30 +0000
Manifest this update: Sun 29 Mar 2026 13:00:30 +0000
Manifest next update: Mon 30 Mar 2026 13:00:30 +0000
Files and hashes: 1: iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl (hash: 63Z7BaLC6h/CXBkiSp/oRkm18G4Q0XiiecJZlCpWK6o=)
2: rTrNf2BtsL1vlw_R__r7UKcCZJk.roa (hash: lQAxfhbBIAhm99xgTizcCxmFSvD0y0yK3pththJkeEg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:80:b8:c8:6b:de:2e:46:0b:63:a6:ae:c9:ba:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b03dca76319903152f246e05c069fd1a1db5c59
Validity
Not Before: Mar 29 13:00:30 2026 GMT
Not After : Mar 30 13:00:30 2026 GMT
Subject: CN=fb96f09eb05a09e5557937dac1359c2a287c9342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f0:8d:0e:10:4a:d8:78:e8:51:8b:8f:fb:3c:
c6:ff:88:96:2b:47:44:8b:0a:a3:09:95:7b:ce:33:
de:ca:28:7b:93:cc:f2:78:0e:f5:8a:77:8b:62:3a:
b8:2d:6f:7d:02:d9:22:5f:af:a3:de:27:6b:46:05:
2d:10:26:3d:a1:e3:79:24:a7:ca:bd:45:0c:da:65:
68:96:91:66:f6:07:ae:bc:b7:8c:22:f2:9c:de:df:
04:d1:e9:3f:ac:e2:a8:19:d7:65:5a:47:13:c7:f5:
2d:b4:63:48:b6:1e:a3:80:b5:e6:97:6c:18:d9:2b:
32:cc:75:ac:ec:3b:e7:bc:d4:9a:0b:33:4a:19:cb:
a8:ba:f2:dd:ca:3f:b1:39:7b:b7:3b:66:07:4f:0e:
0d:6a:87:7e:8a:a5:81:72:56:05:b2:77:06:80:56:
4a:0d:6f:88:e3:1f:2d:ad:e5:aa:62:96:e9:88:04:
8e:e7:9f:32:93:cb:98:c3:c3:3b:36:3d:65:de:21:
37:6a:9e:35:98:9e:30:ce:84:a2:04:c1:7d:22:8d:
cf:9a:c1:c0:c6:c1:67:b4:c4:52:58:b2:85:1a:b6:
03:50:d3:27:8a:6a:57:46:e4:e1:cd:b6:be:5e:e8:
d0:7a:bc:5a:07:fa:55:d4:9f:a3:f9:94:67:14:96:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:96:F0:9E:B0:5A:09:E5:55:79:37:DA:C1:35:9C:2A:28:7C:93:42
X509v3 Authority Key Identifier:
keyid:8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:39:fa:c0:0e:f7:32:33:86:fb:ac:6a:7c:d7:b3:9c:57:26:
2f:ac:61:38:e5:e5:d9:71:95:98:4a:ba:dd:8a:30:51:01:4e:
2e:12:ef:18:39:3e:52:aa:df:bd:ed:7a:91:16:0a:a1:fe:1a:
82:4c:17:c7:9a:25:32:39:43:f7:46:2a:af:51:89:5d:e8:9d:
c8:83:44:6a:e8:04:a1:f6:77:a1:f4:47:e3:fe:22:d9:45:75:
37:3a:25:69:1e:43:6f:82:18:5d:d8:9a:7a:81:8b:bc:40:86:
5d:b8:e5:5c:13:80:98:86:81:3d:a6:4b:0d:3f:18:cd:21:be:
83:32:50:46:0c:e5:63:03:d8:3e:63:26:c5:e3:c9:7e:07:ee:
ca:11:88:65:5f:27:5e:e0:f5:0d:11:1c:e9:f5:d7:f5:2c:62:
93:f3:a8:ff:05:7b:90:44:a1:fa:9e:bc:93:b9:5a:94:ac:34:
cf:13:f1:99:ab:0f:33:4a:20:f5:b8:b8:ff:5b:7a:aa:fe:5f:
c9:c6:20:16:9e:05:a5:a1:19:b4:03:88:00:2d:14:1d:1b:20:
5c:1e:ea:54:23:85:2c:ea:a2:72:38:e0:df:4b:b4:b0:ad:a9:
1f:72:ef:8b:28:57:ee:55:76:29:d3:52:53:fb:db:90:32:7d:
f2:ca:87:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05roC4yGveLkYLY6auybqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDNkY2E3NjMxOTkwMzE1MmYyNDZlMDVjMDY5ZmQxYTFk
YjVjNTkwHhcNMjYwMzI5MTMwMDMwWhcNMjYwMzMwMTMwMDMwWjAzMTEwLwYDVQQD
EyhmYjk2ZjA5ZWIwNWEwOWU1NTU3OTM3ZGFjMTM1OWMyYTI4N2M5MzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvCNDhBK2HjoUYuP+zzG/4iWK0dE
iwqjCZV7zjPeyih7k8zyeA71ineLYjq4LW99AtkiX6+j3idrRgUtECY9oeN5JKfK
vUUM2mVolpFm9geuvLeMIvKc3t8E0ek/rOKoGddlWkcTx/UttGNIth6jgLXml2wY
2SsyzHWs7DvnvNSaCzNKGcuouvLdyj+xOXu3O2YHTw4Naod+iqWBclYFsncGgFZK
DW+I4x8treWqYpbpiASO558yk8uYw8M7Nj1l3iE3ap41mJ4wzoSiBMF9Io3PmsHA
xsFntMRSWLKFGrYDUNMnimpXRuThzba+XujQerxaB/pV1J+j+ZRnFJZv8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuW8J6wWgnlVXk32sE1nCoofJNCMB8GA1UdIwQY
MBaAFIsD3KdjGZAxUvJG4FwGn9Gh21xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQt
MDI5ZTYzZjA4ODlhLzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQtMDI5ZTYzZjA4ODlh
LzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTn6wA73
MjOG+6xqfNeznFcmL6xhOOXl2XGVmEq63YowUQFOLhLvGDk+Uqrfve16kRYKof4a
gkwXx5olMjlD90Yqr1GJXeidyINEaugEofZ3ofRH4/4i2UV1NzolaR5Db4IYXdia
eoGLvECGXbjlXBOAmIaBPaZLDT8YzSG+gzJQRgzlYwPYPmMmxePJfgfuyhGIZV8n
XuD1DREc6fXX9Sxik/Oo/wV7kESh+p68k7lalKw0zxPxmasPM0og9bi4/1t6qv5f
ycYgFp4FpaEZtAOIAC0UHRsgXB7qVCOFLOqicjjg30u0sK2pH3LviyhX7lV2KdNS
U/vbkDJ98sqH0w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:13:18 2026 by rpki-client