Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
File: Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft (raw, json)
Hash identifier: F7sO05/4X2eSLlU2iqTpzKLVzVjxA/PEqJLPK8BGS3o=
Subject key identifier: 47:44:85:46:3D:09:72:01:29:B3:B6:6F:52:BC:60:4F:D9:F6:55:FC
Authority key identifier: 22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
Certificate issuer: /CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Certificate serial: 019CAEA3CA96648BCF619FA13F2EAC97C69B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
Manifest number: 0F32
Signing time: Mon 02 Mar 2026 13:01:35 +0000
Manifest this update: Mon 02 Mar 2026 13:01:35 +0000
Manifest next update: Tue 03 Mar 2026 13:01:35 +0000
Files and hashes: 1: Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl (hash: Js1JI4EIgOpnjM49C3kAHZl29Ppepk5AYADo1HjphxY=)
2: R843p-38WteuOkSHzbf3qrehiDw.roa (hash: lL8mH/XViDvpJ3MkMI6sLi0P2Yyq2Vj6DtB1Dgsh4+g=)
3: lz_WC5uJeICfjQzpAPaUtpnLmOE.roa (hash: RYYydhlLpv7/DuyZEPW9/qv3fOSivSmlz/esgSVQG5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:a3:ca:96:64:8b:cf:61:9f:a1:3f:2e:ac:97:c6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Validity
Not Before: Mar 2 13:01:35 2026 GMT
Not After : Mar 3 13:01:35 2026 GMT
Subject: CN=474485463d09720129b3b66f52bc604fd9f655fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d3:f6:ce:59:4c:fc:a2:93:ea:9c:20:a8:f6:
c0:6a:83:13:0a:7f:20:5f:3c:52:36:af:73:e0:8c:
84:ad:8e:72:74:e1:9e:8b:69:1c:0e:74:8b:51:f1:
f2:3e:21:00:83:3b:34:67:37:70:72:c5:a8:cf:d4:
aa:21:3c:db:b3:9b:9d:61:0e:20:67:47:a9:8c:3d:
ec:c3:22:36:b7:56:5c:6e:63:68:ba:55:22:26:1e:
52:3b:b6:38:e3:90:e9:9d:94:39:a2:32:bc:89:2b:
e4:d3:5d:62:c6:7d:67:2a:91:df:f8:81:b4:0a:4e:
76:94:b0:54:0d:d2:25:b9:ba:c5:da:33:18:fa:22:
29:40:32:2b:a3:c3:6f:cb:2e:71:69:e2:e9:19:78:
24:93:48:b0:35:fa:6b:f0:00:ed:4d:46:c9:62:21:
70:76:f8:73:d3:39:f5:ea:ec:58:fa:4a:ef:74:0c:
83:26:14:24:85:3e:74:a8:d1:bc:64:22:ca:e2:fd:
89:d3:b6:6c:c9:cc:37:ff:a8:4a:0c:52:9c:94:cf:
a8:cf:f5:1c:24:69:e8:41:7c:40:5e:c5:f0:92:83:
17:de:0b:5b:17:b0:8d:a7:68:52:84:a1:f2:dd:27:
4c:d7:80:06:c2:2b:77:b5:e3:ab:16:72:1a:eb:20:
2b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:44:85:46:3D:09:72:01:29:B3:B6:6F:52:BC:60:4F:D9:F6:55:FC
X509v3 Authority Key Identifier:
keyid:22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:9b:e3:2e:b9:5b:ad:10:de:a6:e8:a9:89:2e:b7:28:65:5f:
8b:e0:9b:f2:0a:1d:89:d6:bd:1a:82:a9:18:7b:a1:ca:d7:8e:
93:43:1e:32:b3:2b:a7:2a:f2:ce:c9:c9:ac:2e:8b:8a:1b:91:
a7:d2:d6:6c:60:8d:fd:41:8a:32:96:be:6a:9a:24:06:a3:95:
c4:62:07:a5:68:98:f5:b7:df:96:83:ee:2d:5e:dc:95:26:df:
e7:b7:2a:c5:79:57:a1:6f:c6:ae:12:ee:99:39:47:d3:ee:45:
a0:83:fa:b1:04:e9:59:5e:2d:51:6d:b7:be:2e:76:34:b3:e1:
4c:66:4f:22:aa:9b:43:5b:98:53:14:94:3f:5c:57:d0:3c:e5:
46:67:5f:74:f4:33:15:ed:7b:29:9e:38:00:d2:3d:24:cb:7f:
f4:7c:5b:cc:d7:1f:1e:12:42:30:b2:03:91:d8:5d:83:15:d5:
66:55:86:27:29:52:a8:92:27:bd:8e:19:bc:fe:9d:f8:39:0d:
82:83:2b:71:15:f4:f6:2e:fa:43:b2:99:c5:0e:2c:63:78:ff:
8b:54:da:fd:e9:8f:cb:44:f0:03:07:a0:10:99:77:b2:6a:25:
0e:c7:07:55:e8:13:01:ef:2a:72:95:4b:23:7b:5b:3a:16:ec:
c1:2c:72:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo8qWZIvPYZ+hPy6sl8abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmQxYjU5ZDVjYWFmNzUwNmJjMGQ1YzM0ZjMwYzIxNTli
MDQzOTgwHhcNMjYwMzAyMTMwMTM1WhcNMjYwMzAzMTMwMTM1WjAzMTEwLwYDVQQD
Eyg0NzQ0ODU0NjNkMDk3MjAxMjliM2I2NmY1MmJjNjA0ZmQ5ZjY1NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9P2zllM/KKT6pwgqPbAaoMTCn8g
XzxSNq9z4IyErY5ydOGei2kcDnSLUfHyPiEAgzs0ZzdwcsWoz9SqITzbs5udYQ4g
Z0epjD3swyI2t1ZcbmNoulUiJh5SO7Y445DpnZQ5ojK8iSvk011ixn1nKpHf+IG0
Ck52lLBUDdIlubrF2jMY+iIpQDIro8Nvyy5xaeLpGXgkk0iwNfpr8ADtTUbJYiFw
dvhz0zn16uxY+krvdAyDJhQkhT50qNG8ZCLK4v2J07Zsycw3/6hKDFKclM+oz/Uc
JGnoQXxAXsXwkoMX3gtbF7CNp2hShKHy3SdM14AGwit3teOrFnIa6yArDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdEhUY9CXIBKbO2b1K8YE/Z9lX8MB8GA1UdIwQY
MBaAFCL9G1nVyq91BrwNXDTzDCFZsEOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGIt
Y2Q1OGZhMjAxNGRkLzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGItY2Q1OGZhMjAxNGRk
LzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpvjLrlb
rRDepuipiS63KGVfi+Cb8godida9GoKpGHuhyteOk0MeMrMrpyryzsnJrC6LihuR
p9LWbGCN/UGKMpa+apokBqOVxGIHpWiY9bffloPuLV7clSbf57cqxXlXoW/GrhLu
mTlH0+5FoIP6sQTpWV4tUW23vi52NLPhTGZPIqqbQ1uYUxSUP1xX0DzlRmdfdPQz
Fe17KZ44ANI9JMt/9HxbzNcfHhJCMLIDkdhdgxXVZlWGJylSqJInvY4ZvP6d+DkN
goMrcRX09i76Q7KZxQ4sY3j/i1Ta/emPy0TwAwegEJl3smolDscHVegTAe8qcpVL
I3tbOhbswSxygw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:54:56 2026 by rpki-client