Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
File: I9FK_odQITwoDltovvsYhm95SX8.mft (raw, json)
Hash identifier: P0CuIOCxda97W2sbat/HLEVwyT7APX2eStjGnxUj4Hk=
Subject key identifier: 1C:9E:2C:10:9E:05:BE:27:66:A3:72:82:30:BF:F6:C7:4F:D1:3E:C1
Authority key identifier: 23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
Certificate issuer: /CN=23d14afe8750213c280e5b68befb18866f79497f
Certificate serial: 019CAD9090FB1A83ABEE6D9CF5003CB4B149
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
Manifest number: 04C9
Signing time: Mon 02 Mar 2026 08:00:58 +0000
Manifest this update: Mon 02 Mar 2026 08:00:58 +0000
Manifest next update: Tue 03 Mar 2026 08:00:58 +0000
Files and hashes: 1: I9FK_odQITwoDltovvsYhm95SX8.crl (hash: rsFxvivU5ogSlc7/G75eIGtqtt/jUgaaTx8Sccp+QTA=)
2: RIbu27-D1A3-MonubZ_zZNoyyNM.roa (hash: /mnXw1tu71r9fbtUEEZDR8gD0rD8atHLNSZPRm849T8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:90:fb:1a:83:ab:ee:6d:9c:f5:00:3c:b4:b1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d14afe8750213c280e5b68befb18866f79497f
Validity
Not Before: Mar 2 08:00:58 2026 GMT
Not After : Mar 3 08:00:58 2026 GMT
Subject: CN=1c9e2c109e05be2766a3728230bff6c74fd13ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ab:27:44:00:d4:2e:44:7d:58:15:5f:a0:d2:
45:cb:b5:91:44:d4:81:27:59:4b:73:a4:4d:dc:01:
1c:f0:df:7b:40:5a:f1:08:7e:fd:ac:a6:bd:8f:5f:
62:a8:58:09:ab:70:b4:45:eb:9c:f8:8e:2a:ee:10:
0f:a8:30:f3:e6:58:e1:4e:75:f5:e3:17:bd:e7:3b:
6f:16:a7:7a:61:88:04:96:a6:38:64:41:00:46:93:
38:a3:47:98:55:55:7a:7d:c2:04:e2:61:1c:f4:35:
31:85:55:de:43:4f:8e:20:20:79:03:fa:65:32:38:
6f:7c:93:be:f4:13:25:d3:75:4f:69:27:03:35:f3:
da:ba:f4:c3:44:dd:b5:41:a8:1c:b7:53:ff:cf:51:
13:8b:55:87:29:bc:78:56:a3:9e:e3:92:4e:96:8f:
a2:d6:e6:ae:f3:77:b4:27:41:8b:a2:bc:cc:e8:d9:
65:e8:12:0f:c9:e5:fb:96:d1:49:3b:ac:80:34:59:
5d:af:cb:19:67:2f:e8:a1:8e:ba:7e:01:50:92:b6:
4a:8a:39:48:45:09:ce:d8:00:61:4a:52:36:04:f9:
53:71:c7:53:18:85:96:be:6b:29:c1:a5:4f:ad:af:
b1:47:18:e4:ea:32:27:5a:91:ec:2b:b9:c9:94:cc:
78:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9E:2C:10:9E:05:BE:27:66:A3:72:82:30:BF:F6:C7:4F:D1:3E:C1
X509v3 Authority Key Identifier:
keyid:23:D1:4A:FE:87:50:21:3C:28:0E:5B:68:BE:FB:18:86:6F:79:49:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9FK_odQITwoDltovvsYhm95SX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/89f845-5765-4c11-92cd-8472ca40f7a7/1/I9FK_odQITwoDltovvsYhm95SX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:d9:c8:df:27:42:36:01:e6:34:87:c2:11:91:47:13:4b:4c:
c3:3c:df:17:36:70:e5:94:c7:74:cd:fc:bf:4e:4d:50:fb:4b:
74:8c:5c:2b:a7:27:71:8a:8a:28:4a:b5:22:ac:3e:f2:aa:53:
cc:85:56:db:e5:6e:97:0c:54:72:a3:10:9f:56:46:7f:77:3a:
10:28:24:fd:b7:76:3f:16:5e:ad:ca:b0:65:5f:05:29:99:72:
28:55:e7:2c:7d:5e:c6:5f:6f:58:59:d4:5a:1e:65:03:cf:95:
25:be:7a:d7:2f:86:22:71:c5:47:9b:c2:5a:52:4e:4a:8c:c7:
bf:74:d3:24:e1:53:03:83:5b:b0:fe:59:44:c2:2c:bd:10:5a:
ea:97:dd:ff:b2:10:b0:05:69:a7:e3:e1:71:b9:7f:17:a0:ef:
f3:64:b6:61:3a:e5:44:8b:d8:41:a0:cf:3e:02:88:74:37:a7:
f8:c2:d5:e0:18:85:de:8b:4e:5b:83:33:43:d8:48:c5:e2:b4:
f2:42:3d:b5:a3:ca:f7:39:0d:03:f4:e1:06:02:71:94:b6:c6:
bc:d5:dc:b4:01:a5:6e:f6:b7:f6:03:c5:ed:90:9d:d7:6f:18:
b3:d7:60:81:a9:05:26:b9:5d:55:ee:b8:73:34:2f:40:bc:8a:
d1:9f:1b:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkJD7GoOr7m2c9QA8tLFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDE0YWZlODc1MDIxM2MyODBlNWI2OGJlZmIxODg2NmY3
OTQ5N2YwHhcNMjYwMzAyMDgwMDU4WhcNMjYwMzAzMDgwMDU4WjAzMTEwLwYDVQQD
EygxYzllMmMxMDllMDViZTI3NjZhMzcyODIzMGJmZjZjNzRmZDEzZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqsnRADULkR9WBVfoNJFy7WRRNSB
J1lLc6RN3AEc8N97QFrxCH79rKa9j19iqFgJq3C0Reuc+I4q7hAPqDDz5ljhTnX1
4xe95ztvFqd6YYgElqY4ZEEARpM4o0eYVVV6fcIE4mEc9DUxhVXeQ0+OICB5A/pl
MjhvfJO+9BMl03VPaScDNfPauvTDRN21Qagct1P/z1ETi1WHKbx4VqOe45JOlo+i
1uau83e0J0GLorzM6Nll6BIPyeX7ltFJO6yANFldr8sZZy/ooY66fgFQkrZKijlI
RQnO2ABhSlI2BPlTccdTGIWWvmspwaVPra+xRxjk6jInWpHsK7nJlMx4awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByeLBCeBb4nZqNygjC/9sdP0T7BMB8GA1UdIwQY
MBaAFCPRSv6HUCE8KA5baL77GIZveUl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2Qt
ODQ3MmNhNDBmN2E3LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84OWY4NDUtNTc2NS00YzExLTkyY2QtODQ3MmNhNDBmN2E3
LzEvSTlGS19vZFFJVHdvRGx0b3Z2c1lobTk1U1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN9nI3ydC
NgHmNIfCEZFHE0tMwzzfFzZw5ZTHdM38v05NUPtLdIxcK6cncYqKKEq1Iqw+8qpT
zIVW2+VulwxUcqMQn1ZGf3c6ECgk/bd2PxZercqwZV8FKZlyKFXnLH1exl9vWFnU
Wh5lA8+VJb561y+GInHFR5vCWlJOSozHv3TTJOFTA4NbsP5ZRMIsvRBa6pfd/7IQ
sAVpp+Phcbl/F6Dv82S2YTrlRIvYQaDPPgKIdDen+MLV4BiF3otOW4MzQ9hIxeK0
8kI9taPK9zkNA/ThBgJxlLbGvNXctAGlbva39gPF7ZCd128Ys9dggakFJrldVe64
czQvQLyK0Z8bTA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:07:27 2026 by rpki-client