Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
File: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft (raw, json)
Hash identifier: rUNwNMTkWo38/i6BgdqDs1w+PZncodxYRHGRETdxYBA=
Subject key identifier: D4:54:04:9B:42:E9:B3:77:53:34:FA:0A:B9:74:38:EE:C8:BB:A6:A7
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial: 019D38D38A79AB45DB87FB847B545BCB24DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
Manifest number: 1894
Signing time: Sun 29 Mar 2026 09:01:20 +0000
Manifest this update: Sun 29 Mar 2026 09:01:20 +0000
Manifest next update: Mon 30 Mar 2026 09:01:20 +0000
Files and hashes: 1: Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl (hash: 5aPnp8JsAvDuUlMOyC5ITGeD1NwSvlfSaTu7VRvBppE=)
2: sgqR4WMwXjyOfh_rWVUf5MMjM8s.roa (hash: spwljFTg//vIfCs+4AV5oovDbFK1ooetV57V5ssw4qo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:8a:79:ab:45:db:87:fb:84:7b:54:5b:cb:24:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Validity
Not Before: Mar 29 09:01:20 2026 GMT
Not After : Mar 30 09:01:20 2026 GMT
Subject: CN=d454049b42e9b3775334fa0ab97438eec8bba6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:91:90:e1:fe:a2:e5:61:00:6d:c0:17:43:
23:26:5d:ba:a7:62:2c:57:08:26:e0:26:be:82:0d:
9e:79:3b:98:72:55:c5:aa:d5:1f:9d:58:5f:1f:ff:
ee:b4:39:5a:eb:d9:aa:1c:e6:a3:7c:13:53:6f:d4:
4b:32:8f:c4:11:03:f4:2d:14:c2:cb:fa:80:ae:e7:
95:12:3e:08:cb:d2:8b:06:1f:a0:84:d4:7f:60:7a:
c3:34:9b:bc:0c:e2:31:d3:ff:5d:8d:b0:79:97:49:
0c:b6:b7:b6:50:20:40:f3:44:12:cf:e9:5e:10:e7:
07:ce:22:74:61:4d:c7:7d:07:78:27:76:ba:99:08:
f7:c1:7e:7f:5c:fb:fa:79:ed:47:a4:a9:bf:b8:f6:
bd:f9:7f:bf:58:a0:67:fe:ce:d1:1a:5a:9f:7d:af:
d2:ac:66:5f:9c:51:05:7a:af:7a:7a:29:ad:63:88:
a2:ce:22:0f:88:36:5b:dc:4d:02:22:c4:47:b6:b6:
4e:21:fc:ce:90:c8:a9:3b:83:7d:99:46:c7:b6:1d:
ae:51:6a:74:56:22:17:63:40:79:bc:4d:00:ba:bc:
57:27:f7:5d:22:e0:e4:42:ec:5c:88:6b:c8:23:e3:
3f:1f:89:92:86:f5:ed:43:e3:80:73:7a:67:40:09:
82:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:54:04:9B:42:E9:B3:77:53:34:FA:0A:B9:74:38:EE:C8:BB:A6:A7
X509v3 Authority Key Identifier:
keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:dc:71:e6:80:b1:26:51:35:03:44:cc:a9:4d:58:90:89:d7:
c2:a8:8e:b9:01:42:65:ec:72:5d:2b:e5:c1:6d:48:8f:02:bf:
f1:a8:30:12:02:5e:68:c3:1a:bd:41:a3:93:0a:e4:6c:a1:6d:
4c:f1:78:1d:37:cf:bf:72:cc:58:e9:70:65:11:d1:c2:3c:29:
de:6e:ef:b0:c2:d1:4b:59:72:c9:d2:ea:bc:69:d6:0c:40:d5:
2c:78:34:3a:d5:35:77:c5:ed:e2:0c:2c:c1:95:16:3c:d8:34:
8f:ff:e6:91:83:dd:1b:61:dd:f7:c6:53:c7:1a:ce:85:f4:5e:
25:6a:7b:fa:e8:ce:86:ec:91:d2:9b:2c:b5:e2:2b:99:56:a9:
2c:ec:dc:b1:22:d7:c5:64:8f:b5:25:7b:ac:1c:f0:6e:fa:0b:
0f:44:1b:60:b8:ea:75:92:b2:b7:01:94:3d:e2:86:b2:e6:ca:
6e:49:25:b2:54:57:2c:6b:70:86:1e:e7:44:34:b2:5b:66:43:
57:80:8a:2a:dc:2a:af:40:ee:ac:a3:c6:6a:b8:1c:c3:11:97:
44:0d:51:1a:bc:ce:37:93:27:94:51:60:d0:26:1a:93:d6:3c:
5a:44:9a:a4:59:4f:14:4b:b3:e0:4f:d4:f8:48:26:13:8d:17:
bf:0e:88:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404p5q0Xbh/uEe1RbyyTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjYwMzI5MDkwMTIwWhcNMjYwMzMwMDkwMTIwWjAzMTEwLwYDVQQD
EyhkNDU0MDQ5YjQyZTliMzc3NTMzNGZhMGFiOTc0MzhlZWM4YmJhNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGuRkOH+ouVhAG3AF0MjJl26p2Is
Vwgm4Ca+gg2eeTuYclXFqtUfnVhfH//utDla69mqHOajfBNTb9RLMo/EEQP0LRTC
y/qArueVEj4Iy9KLBh+ghNR/YHrDNJu8DOIx0/9djbB5l0kMtre2UCBA80QSz+le
EOcHziJ0YU3HfQd4J3a6mQj3wX5/XPv6ee1HpKm/uPa9+X+/WKBn/s7RGlqffa/S
rGZfnFEFeq96eimtY4iiziIPiDZb3E0CIsRHtrZOIfzOkMipO4N9mUbHth2uUWp0
ViIXY0B5vE0AurxXJ/ddIuDkQuxciGvII+M/H4mShvXtQ+OAc3pnQAmCQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNRUBJtC6bN3UzT6Crl0OO7Iu6anMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtxx5oCx
JlE1A0TMqU1YkInXwqiOuQFCZexyXSvlwW1IjwK/8agwEgJeaMMavUGjkwrkbKFt
TPF4HTfPv3LMWOlwZRHRwjwp3m7vsMLRS1lyydLqvGnWDEDVLHg0OtU1d8Xt4gws
wZUWPNg0j//mkYPdG2Hd98ZTxxrOhfReJWp7+ujOhuyR0pssteIrmVapLOzcsSLX
xWSPtSV7rBzwbvoLD0QbYLjqdZKytwGUPeKGsubKbkklslRXLGtwhh7nRDSyW2ZD
V4CKKtwqr0DurKPGargcwxGXRA1RGrzON5MnlFFg0CYak9Y8WkSapFlPFEuz4E/U
+EgmE40Xvw6IBg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:24 2026 by rpki-client