Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
File: iJiSZOUPOa6IiuMnYQm7qALkWAE.mft (raw, json)
Hash identifier: 7gZv9n6GdekoSfm60YCLELAcBvbpqsTrpFHU2DgIPJQ=
Subject key identifier: B9:55:25:EA:D2:73:19:39:D9:C8:10:31:95:DA:20:3B:E7:7D:90:5A
Authority key identifier: 88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
Certificate issuer: /CN=88989264e50f39ae888ae3276109bba802e45801
Certificate serial: 019D38D2E96D7A32696C0B9CFA0CF29D3F42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
Manifest number: 0527
Signing time: Sun 29 Mar 2026 09:00:39 +0000
Manifest this update: Sun 29 Mar 2026 09:00:39 +0000
Manifest next update: Mon 30 Mar 2026 09:00:39 +0000
Files and hashes: 1: PatdG5AHcJXdhxLeM5tM5L_BcII.roa (hash: 5h1/nVhqLUoRO6qPdWe0A5C0Fr5YO1aWm/IO1htZdyc=)
2: iJiSZOUPOa6IiuMnYQm7qALkWAE.crl (hash: b2rpJO6Zp5+j58ecnbpf7DIoRZPUlRIp/MnndrdrY+0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:e9:6d:7a:32:69:6c:0b:9c:fa:0c:f2:9d:3f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88989264e50f39ae888ae3276109bba802e45801
Validity
Not Before: Mar 29 09:00:39 2026 GMT
Not After : Mar 30 09:00:39 2026 GMT
Subject: CN=b95525ead2731939d9c8103195da203be77d905a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:53:f8:a0:1e:fa:bf:27:03:e4:d5:4e:5b:b1:
43:b7:93:ff:44:14:7a:7c:d2:e9:bd:65:db:4e:07:
db:a1:e4:ec:fa:46:c7:e7:f5:2d:6f:48:c8:ba:c0:
b2:8c:ca:e6:65:13:c9:f8:70:71:ad:6d:a3:5a:ca:
92:a0:f9:b0:6f:c9:f5:9a:98:ca:9f:51:aa:9d:61:
f2:34:65:5d:01:44:fa:89:ce:6c:5a:47:9b:b0:33:
d3:a7:b6:7a:8e:b0:92:e0:02:49:df:ee:bd:af:3c:
92:20:77:75:86:10:c2:4e:75:92:c1:cc:83:26:af:
fb:ad:c3:57:f1:90:01:af:34:6a:17:40:24:1b:f6:
3a:4a:4d:ae:95:1f:40:f5:76:ef:69:c2:94:54:7e:
3c:26:5a:b7:da:44:57:ed:14:a9:5c:b0:e1:17:4f:
a4:a9:03:35:d3:db:aa:fd:9f:3e:b1:30:32:b4:fa:
49:4e:3b:58:ab:f4:e5:80:15:cd:05:6e:0a:3b:cc:
51:70:dd:53:cf:fb:65:e2:66:ba:96:a1:d8:3b:66:
14:4f:cd:c6:42:1e:5a:21:90:06:9d:f3:5e:08:8c:
01:15:c0:43:87:e1:8d:0d:e7:19:ee:c7:a9:c2:ca:
68:f4:65:c5:eb:c8:84:c7:7b:7e:09:c8:8b:4f:4f:
91:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:55:25:EA:D2:73:19:39:D9:C8:10:31:95:DA:20:3B:E7:7D:90:5A
X509v3 Authority Key Identifier:
keyid:88:98:92:64:E5:0F:39:AE:88:8A:E3:27:61:09:BB:A8:02:E4:58:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iJiSZOUPOa6IiuMnYQm7qALkWAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/571244-9c9a-43ac-930c-370c80769831/1/iJiSZOUPOa6IiuMnYQm7qALkWAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:d8:cb:17:0e:58:ef:43:e0:01:d7:56:fb:39:5f:91:94:49:
a3:b4:2b:95:df:be:48:99:2c:01:72:52:0f:0a:c9:c3:76:df:
73:33:61:cd:7b:18:73:a2:9f:fe:5f:bf:91:62:94:e5:09:73:
e4:54:bf:18:2d:b0:a2:b6:4b:1d:21:82:31:36:6b:b3:97:fc:
a4:28:8b:cc:a2:09:9d:4d:1f:e0:49:eb:c6:5e:7a:ce:71:b5:
1d:a0:cc:6a:7c:90:75:82:03:74:71:8e:16:14:1c:0a:ac:ce:
21:ce:ea:9a:4c:74:d4:f2:7b:fd:98:85:5c:91:7e:ca:0e:c5:
72:ed:4a:1d:47:05:2e:df:28:0e:2c:69:f1:8c:a5:11:c1:0d:
d4:c7:65:a2:05:2c:c6:94:9d:80:0c:4d:e3:69:c9:be:c1:2a:
00:fe:4b:6e:6b:26:72:99:47:f9:e6:bc:41:92:ab:03:72:8e:
4b:06:37:b8:4e:dd:46:c8:35:0e:d1:8e:2b:6e:09:e6:c4:fe:
1b:9c:1a:61:e2:c0:26:cd:eb:03:e3:ef:83:d7:b1:0e:b8:f6:
1a:ed:63:ac:8e:a5:05:1c:67:f2:65:7d:ea:0e:6d:64:bd:c8:
6b:69:15:68:e3:f4:39:89:bd:df:1d:60:0f:c7:a2:e6:96:14:
2f:5a:11:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040ultejJpbAuc+gzynT9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4OTg5MjY0ZTUwZjM5YWU4ODhhZTMyNzYxMDliYmE4MDJl
NDU4MDEwHhcNMjYwMzI5MDkwMDM5WhcNMjYwMzMwMDkwMDM5WjAzMTEwLwYDVQQD
EyhiOTU1MjVlYWQyNzMxOTM5ZDljODEwMzE5NWRhMjAzYmU3N2Q5MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVP4oB76vycD5NVOW7FDt5P/RBR6
fNLpvWXbTgfboeTs+kbH5/Utb0jIusCyjMrmZRPJ+HBxrW2jWsqSoPmwb8n1mpjK
n1GqnWHyNGVdAUT6ic5sWkebsDPTp7Z6jrCS4AJJ3+69rzySIHd1hhDCTnWSwcyD
Jq/7rcNX8ZABrzRqF0AkG/Y6Sk2ulR9A9XbvacKUVH48Jlq32kRX7RSpXLDhF0+k
qQM109uq/Z8+sTAytPpJTjtYq/TlgBXNBW4KO8xRcN1Tz/tl4ma6lqHYO2YUT83G
Qh5aIZAGnfNeCIwBFcBDh+GNDecZ7sepwspo9GXF68iEx3t+CciLT0+RDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlVJerScxk52cgQMZXaIDvnfZBaMB8GA1UdIwQY
MBaAFIiYkmTlDzmuiIrjJ2EJu6gC5FgBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMt
MzcwYzgwNzY5ODMxLzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81NzEyNDQtOWM5YS00M2FjLTkzMGMtMzcwYzgwNzY5ODMx
LzEvaUppU1pPVVBPYTZJaXVNbllRbTdxQUxrV0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtjLFw5Y
70PgAddW+zlfkZRJo7Qrld++SJksAXJSDwrJw3bfczNhzXsYc6Kf/l+/kWKU5Qlz
5FS/GC2worZLHSGCMTZrs5f8pCiLzKIJnU0f4Enrxl56znG1HaDManyQdYIDdHGO
FhQcCqzOIc7qmkx01PJ7/ZiFXJF+yg7Fcu1KHUcFLt8oDixp8YylEcEN1MdlogUs
xpSdgAxN42nJvsEqAP5LbmsmcplH+ea8QZKrA3KOSwY3uE7dRsg1DtGOK24J5sT+
G5waYeLAJs3rA+Pvg9exDrj2Gu1jrI6lBRxn8mV96g5tZL3Ia2kVaOP0OYm93x1g
D8ei5pYUL1oR1g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:17 2026 by rpki-client