Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File: IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier: sY3H0Fd0LwO4qMfuB00C28+dZF8EG1EqwNb/5yT7l+Q=
Subject key identifier: 64:79:2A:F7:5A:E6:54:F3:BD:A4:0E:69:8B:55:34:DE:4E:10:47:D2
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer: /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial: 019CAF47FB524236F969402F5EAF5C137C35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number: 0657
Signing time: Mon 02 Mar 2026 16:00:56 +0000
Manifest this update: Mon 02 Mar 2026 16:00:56 +0000
Manifest next update: Tue 03 Mar 2026 16:00:56 +0000
Files and hashes: 1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: d7GZe1YXMrdT5hzUeO+DC5qC48F6Z0pI4+4OWt4ZamI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:47:fb:52:42:36:f9:69:40:2f:5e:af:5c:13:7c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204050cc59536f2d9407692823890ccdda854508
Validity
Not Before: Mar 2 16:00:56 2026 GMT
Not After : Mar 3 16:00:56 2026 GMT
Subject: CN=64792af75ae654f3bda40e698b5534de4e1047d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:42:7b:17:5d:3c:17:52:87:12:4a:3a:b0:
bd:ae:c2:bc:50:4f:8b:d7:ac:68:31:91:5e:e9:7c:
54:d5:12:f7:97:e6:81:87:95:f3:b1:3e:2d:47:75:
d9:61:66:82:94:bd:aa:72:c2:0f:22:ec:a5:ee:c7:
26:e2:a5:e6:46:b0:e8:a6:bb:23:eb:c1:07:95:ba:
fc:27:40:c9:e6:29:95:8c:75:f2:31:ef:cf:67:e1:
99:3c:11:49:c1:bd:07:74:0d:8e:bd:9a:51:0b:32:
8c:22:58:b0:cb:bb:d7:6f:4c:dd:86:4b:eb:c6:ec:
62:f9:eb:92:8c:5a:24:07:a1:d2:96:f5:fd:d9:2a:
1d:80:3b:ef:7d:da:13:a6:8c:f5:24:e2:62:a5:4b:
60:cc:12:d5:89:7b:6e:80:3d:ec:ef:d8:b4:9b:ef:
b3:b4:67:e7:9c:10:e0:32:5d:9b:0e:0e:d4:53:64:
77:e6:9c:70:12:8a:1e:78:aa:54:3e:da:c5:92:0c:
d6:5e:7a:df:31:1c:54:55:4d:89:8f:2d:9f:9a:94:
8b:5f:04:40:3d:c8:bf:97:9a:37:1e:8f:ed:35:b7:
32:22:02:28:f1:8d:9c:ab:d6:51:22:82:b0:7d:f4:
79:4d:6a:f9:2c:58:9d:d1:ff:5d:bf:66:ff:77:66:
b9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:79:2A:F7:5A:E6:54:F3:BD:A4:0E:69:8B:55:34:DE:4E:10:47:D2
X509v3 Authority Key Identifier:
keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:4c:6d:5b:d7:f2:65:70:34:75:b3:ca:da:80:3a:f1:99:39:
f5:9b:7a:36:ca:f7:82:e4:c2:6c:4a:f5:d3:24:27:c7:4c:96:
87:80:e7:ca:5d:72:b5:28:0b:eb:a9:3b:76:b0:07:d1:fd:b3:
2b:8e:d7:fb:45:6b:96:ac:14:23:b3:56:a2:3d:e5:3e:b1:aa:
6e:62:b3:ff:bb:45:fb:92:28:48:87:7b:59:1c:cf:db:ad:60:
b4:d2:98:5a:90:be:00:ff:72:f4:a4:ea:63:13:61:fe:53:9c:
2b:68:87:8d:00:2f:0d:aa:9b:fb:cb:8f:58:d4:28:85:8c:15:
6d:01:a7:90:8f:f9:4f:cc:fd:16:b2:d5:0c:14:ae:d3:92:08:
7f:4a:0d:04:23:cb:49:6f:02:74:34:e5:db:20:06:3e:f8:5b:
28:cc:cc:c5:31:ad:62:47:65:7d:a6:df:b8:5e:42:c2:65:db:
3d:d1:fc:56:86:71:76:33:37:74:8e:4d:5a:3a:19:a5:0b:2c:
cf:59:34:10:8c:12:e0:95:ed:5a:04:95:a5:55:7d:97:5c:6b:
c0:9e:de:59:1c:50:4a:b0:3d:f0:04:6b:0f:a1:39:d1:73:bd:
b8:b9:4e:18:37:c5:c6:0f:79:26:cb:e7:cf:71:6a:6d:3a:fa:
10:da:e7:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvR/tSQjb5aUAvXq9cE3w1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjYwMzAyMTYwMDU2WhcNMjYwMzAzMTYwMDU2WjAzMTEwLwYDVQQD
Eyg2NDc5MmFmNzVhZTY1NGYzYmRhNDBlNjk4YjU1MzRkZTRlMTA0N2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15NCexddPBdShxJKOrC9rsK8UE+L
16xoMZFe6XxU1RL3l+aBh5XzsT4tR3XZYWaClL2qcsIPIuyl7scm4qXmRrDoprsj
68EHlbr8J0DJ5imVjHXyMe/PZ+GZPBFJwb0HdA2OvZpRCzKMIliwy7vXb0zdhkvr
xuxi+euSjFokB6HSlvX92SodgDvvfdoTpoz1JOJipUtgzBLViXtugD3s79i0m++z
tGfnnBDgMl2bDg7UU2R35pxwEooeeKpUPtrFkgzWXnrfMRxUVU2Jjy2fmpSLXwRA
Pci/l5o3Ho/tNbcyIgIo8Y2cq9ZRIoKwffR5TWr5LFid0f9dv2b/d2a5SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGR5Kvda5lTzvaQOaYtVNN5OEEfSMB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0xtW9fy
ZXA0dbPK2oA68Zk59Zt6Nsr3guTCbEr10yQnx0yWh4Dnyl1ytSgL66k7drAH0f2z
K47X+0VrlqwUI7NWoj3lPrGqbmKz/7tF+5IoSId7WRzP261gtNKYWpC+AP9y9KTq
YxNh/lOcK2iHjQAvDaqb+8uPWNQohYwVbQGnkI/5T8z9FrLVDBSu05IIf0oNBCPL
SW8CdDTl2yAGPvhbKMzMxTGtYkdlfabfuF5CwmXbPdH8VoZxdjM3dI5NWjoZpQss
z1k0EIwS4JXtWgSVpVV9l1xrwJ7eWRxQSrA98ARrD6E50XO9uLlOGDfFxg95Jsvn
z3FqbTr6ENrnmQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:13:51 2026 by rpki-client