Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
File: 1QibzgjFXapXtPOjyQcPs5GFPM8.mft (raw, json)
Hash identifier: IplvCE2feOVAlTeW9N/+ErrIeE7ZpRDjpP3UQfpF+8Q=
Subject key identifier: 72:17:B3:DC:DA:84:29:F1:7B:6D:17:0B:50:FD:07:8F:38:AE:FF:4F
Authority key identifier: D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
Certificate issuer: /CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Certificate serial: 019CEBCB0D55A04F4C77BF55230C2A0BD132
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
Manifest number: 0D3C
Signing time: Sat 14 Mar 2026 10:01:18 +0000
Manifest this update: Sat 14 Mar 2026 10:01:18 +0000
Manifest next update: Sun 15 Mar 2026 10:01:18 +0000
Files and hashes: 1: 1QibzgjFXapXtPOjyQcPs5GFPM8.crl (hash: FbfzT+4s2q5DPScwaWTSr65T7Ea8dSvzOgtMu07nd+I=)
2: PnfxL11O3EjH9h0EH3Rg7luqnAM.roa (hash: i4lQXSpeif5iY7JiCTfcDMb/7WzWvaV3TLIqruxq13Q=)
3: x6wY1hh1UMR03dRTbKZ1rvUylzo.roa (hash: jSu5cUSFLGmQIwJTQdJ25XCFgFKf8LZSMzXzmSmg5w0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 10:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:eb:cb:0d:55:a0:4f:4c:77:bf:55:23:0c:2a:0b:d1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Validity
Not Before: Mar 14 10:01:18 2026 GMT
Not After : Mar 15 10:01:18 2026 GMT
Subject: CN=7217b3dcda8429f17b6d170b50fd078f38aeff4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2e:66:7f:cb:28:b2:b6:1a:4b:31:fb:f7:64:
82:39:00:b4:af:8e:45:e7:ba:5f:79:9b:e1:69:06:
ed:84:15:da:6f:e1:7f:2f:f5:f8:ed:77:f5:0b:50:
09:bb:a4:a4:55:7b:72:9d:8d:c3:25:1b:95:e7:d2:
f2:54:39:56:0d:43:ec:89:6c:59:82:00:de:1d:09:
ec:4f:61:d4:70:ad:07:b6:6b:6d:1a:20:78:76:c9:
09:76:2f:ee:5b:b8:7e:07:bf:8c:63:e7:9f:35:da:
84:c1:4d:aa:cc:23:63:3b:79:7e:1a:d5:27:18:c6:
de:10:47:ce:5f:49:7a:58:f7:82:af:51:14:82:95:
53:20:d4:e7:20:25:8d:6a:b3:3f:ed:cf:c3:c5:19:
94:bd:70:62:84:f1:d2:21:68:f6:6f:66:60:25:d6:
48:78:95:6e:57:c7:6f:eb:dc:9f:23:9d:df:18:1b:
4e:05:12:39:d3:53:e8:93:59:fd:0b:9f:55:94:47:
5b:3c:a0:34:6a:c3:a2:2b:82:b4:23:a8:14:4e:4f:
9d:24:06:b6:6d:d0:59:5d:d3:ef:b3:b2:43:9e:56:
4f:6d:18:31:c3:d3:0b:a5:67:0f:41:e9:c8:05:91:
aa:0b:3f:8f:98:8c:68:5b:df:2f:d6:23:15:d1:cf:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:17:B3:DC:DA:84:29:F1:7B:6D:17:0B:50:FD:07:8F:38:AE:FF:4F
X509v3 Authority Key Identifier:
keyid:D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:cb:e1:09:17:64:05:6c:3d:02:87:c5:18:31:59:f4:4a:93:
8a:7d:a9:c1:da:6c:4a:a6:db:37:9c:53:74:8e:ae:c5:73:28:
9f:7d:c5:28:06:f4:26:ea:5c:c5:f4:8d:6a:e0:f8:ab:d1:a8:
eb:2d:8b:d5:b1:c4:fb:b3:61:1a:9c:8a:1c:5f:dc:21:65:dc:
0e:00:95:8f:6f:b8:b8:0d:87:8f:57:56:c0:e1:6c:64:b3:b5:
43:1f:61:ad:74:02:10:73:48:cc:05:dc:d7:b5:7f:89:15:14:
4d:2b:f7:e4:5e:73:7e:a6:46:38:af:13:4c:89:f0:32:a2:f3:
6c:f5:41:ed:a8:e6:79:71:c3:d8:1a:35:12:47:e4:4b:fc:75:
b0:1a:cd:14:81:10:8a:d2:31:5c:04:a6:ee:96:0d:cb:4d:47:
60:0e:90:36:3a:a9:0a:8b:a0:80:ac:1c:a5:b7:23:20:3d:58:
2b:ed:cc:4e:5e:e1:76:98:69:9d:32:82:7a:70:2b:23:10:a7:
9b:68:26:b5:df:48:50:04:1b:58:71:9f:96:50:e2:39:fb:52:
28:a4:7e:e7:81:f7:61:4c:29:f0:ed:2b:ad:a6:63:55:58:83:
d0:c2:f6:a2:45:a1:27:4c:f5:52:94:cf:1a:1c:a2:6b:a2:b2:
69:8d:36:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzryw1VoE9Md79VIwwqC9EyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDg5YmNlMDhjNTVkYWE1N2I0ZjNhM2M5MDcwZmIzOTE4
NTNjY2YwHhcNMjYwMzE0MTAwMTE4WhcNMjYwMzE1MTAwMTE4WjAzMTEwLwYDVQQD
Eyg3MjE3YjNkY2RhODQyOWYxN2I2ZDE3MGI1MGZkMDc4ZjM4YWVmZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y5mf8sosrYaSzH792SCOQC0r45F
57pfeZvhaQbthBXab+F/L/X47Xf1C1AJu6SkVXtynY3DJRuV59LyVDlWDUPsiWxZ
ggDeHQnsT2HUcK0HtmttGiB4dskJdi/uW7h+B7+MY+efNdqEwU2qzCNjO3l+GtUn
GMbeEEfOX0l6WPeCr1EUgpVTINTnICWNarM/7c/DxRmUvXBihPHSIWj2b2ZgJdZI
eJVuV8dv69yfI53fGBtOBRI501Pok1n9C59VlEdbPKA0asOiK4K0I6gUTk+dJAa2
bdBZXdPvs7JDnlZPbRgxw9MLpWcPQenIBZGqCz+PmIxoW98v1iMV0c+VbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIXs9zahCnxe20XC1D9B484rv9PMB8GA1UdIwQY
MBaAFNUIm84IxV2qV7Tzo8kHD7ORhTzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAt
NmQ3MWZlMTNkNjFkLzEvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAtNmQ3MWZlMTNkNjFk
LzEvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEMvhCRdk
BWw9AofFGDFZ9EqTin2pwdpsSqbbN5xTdI6uxXMon33FKAb0JupcxfSNauD4q9Go
6y2L1bHE+7NhGpyKHF/cIWXcDgCVj2+4uA2Hj1dWwOFsZLO1Qx9hrXQCEHNIzAXc
17V/iRUUTSv35F5zfqZGOK8TTInwMqLzbPVB7ajmeXHD2Bo1EkfkS/x1sBrNFIEQ
itIxXASm7pYNy01HYA6QNjqpCouggKwcpbcjID1YK+3MTl7hdphpnTKCenArIxCn
m2gmtd9IUAQbWHGfllDiOftSKKR+54H3YUwp8O0rraZjVViD0ML2okWhJ0z1UpTP
Ghyia6KyaY02dQ==
-----END CERTIFICATE-----
Generated at Sat Mar 14 19:18:26 2026 by rpki-client