Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
File: ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft (raw, json)
Hash identifier: 4ddOeUdNbYSiwhMVhdL5eAnVao0a9EHiRZfADeawp0o=
Subject key identifier: BD:10:C2:D0:10:25:40:06:E5:13:28:7D:C1:2C:52:16:75:A3:01:EE
Authority key identifier: 8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
Certificate issuer: /CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Certificate serial: 019CABD91DC062E6D0384D11AA6E52A1ECD4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
Manifest number: 0C2E
Signing time: Mon 02 Mar 2026 00:00:58 +0000
Manifest this update: Mon 02 Mar 2026 00:00:58 +0000
Manifest next update: Tue 03 Mar 2026 00:00:58 +0000
Files and hashes: 1: 1gk0sLtkOinOBhMkUiRN6708AVA.roa (hash: qx4BeBMu/olO2Xz1c+ij7UE+dLcw4YvlNY6rUOImv/o=)
2: ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl (hash: NRliCgiqsEtPzWYYsZVkONB48uvywJRDUfMFsdhqymg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:1d:c0:62:e6:d0:38:4d:11:aa:6e:52:a1:ec:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8af7f32d33f6646779a51fb23201c6442d1451ca
Validity
Not Before: Mar 2 00:00:58 2026 GMT
Not After : Mar 3 00:00:58 2026 GMT
Subject: CN=bd10c2d010254006e513287dc12c521675a301ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:66:74:cc:e1:07:33:2e:ac:de:d4:11:50:
e5:7c:39:24:70:8f:df:f2:49:aa:16:60:a0:6b:e0:
e1:5e:9f:0f:5b:78:e0:85:72:10:7c:31:7c:9c:4c:
0c:bb:68:22:21:1e:e7:65:14:e8:68:64:3c:f7:86:
8e:d2:4a:04:16:14:dc:14:25:60:09:f4:a0:2b:e8:
47:67:2f:04:dc:28:04:42:7d:88:f4:b5:f9:70:87:
40:6c:23:75:46:8f:53:79:81:1a:68:14:fb:fb:15:
d3:7d:eb:36:8f:6b:43:8c:c9:84:f3:e7:18:e7:19:
16:20:7a:26:e3:f3:c4:a7:f6:91:c7:be:3c:a2:23:
3e:e9:8a:78:01:9d:f7:29:bb:ad:39:53:36:06:98:
40:cb:8e:cc:9b:bd:c9:64:89:f4:11:cf:84:d2:a7:
86:f9:07:80:e4:31:51:31:3c:63:dd:6a:a4:ee:94:
35:2e:d2:a1:5d:71:92:ff:99:83:0b:ed:16:ea:15:
51:71:b4:24:ae:a7:32:46:f4:b9:e1:fd:fb:26:b5:
a1:42:de:c7:25:c1:12:38:31:d8:bf:82:c9:ea:a9:
03:70:74:a6:9e:7b:a8:0b:aa:2e:4f:fe:b1:05:42:
fb:dd:6d:f3:88:e0:b5:99:5a:6b:f6:de:f5:39:3f:
94:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:10:C2:D0:10:25:40:06:E5:13:28:7D:C1:2C:52:16:75:A3:01:EE
X509v3 Authority Key Identifier:
keyid:8A:F7:F3:2D:33:F6:64:67:79:A5:1F:B2:32:01:C6:44:2D:14:51:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivfzLTP2ZGd5pR-yMgHGRC0UUco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/affcbb-c1b3-444a-876c-5b72fb927d1c/1/ivfzLTP2ZGd5pR-yMgHGRC0UUco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:5b:e6:65:04:bb:7f:57:d7:27:60:8b:9d:8e:b6:29:0f:f2:
a3:9e:a4:cd:88:97:f2:cf:4a:eb:13:fd:ea:89:f6:ac:09:13:
1d:50:b2:b5:04:36:a9:14:36:a2:8d:d7:a2:b4:ca:67:f1:9e:
95:9a:7d:be:3b:70:58:09:be:77:b5:1b:20:58:eb:17:b8:d9:
1b:91:37:6d:79:8a:1f:ca:38:1f:91:53:7a:a9:da:5e:62:dd:
7c:b2:90:63:1a:e7:3f:55:c0:1c:0f:11:be:cd:de:12:a5:a4:
88:c9:5a:4f:8a:21:90:ff:54:ed:90:c5:1e:34:21:9d:f6:a3:
b6:5d:ee:eb:dd:67:12:22:d1:22:39:c8:c6:94:eb:5f:da:0f:
37:e2:cd:b6:66:9a:89:6d:f8:5e:34:81:31:fd:d3:16:c1:9d:
8d:5f:38:fa:a4:3f:c5:92:f3:04:6c:20:3f:1e:2c:23:3e:b3:
ea:9a:90:7e:be:be:05:42:45:58:e5:96:d7:24:65:ad:41:46:
0b:b8:c4:6f:75:49:61:1e:1e:38:2b:85:db:b2:aa:ff:96:86:
6a:de:4a:ee:4b:c9:b3:bc:92:55:0e:ad:fd:48:93:86:80:7b:
47:5f:5b:1d:47:44:6a:d4:80:6d:70:a8:5b:cd:f3:5b:1c:d8:
24:9d:ee:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2R3AYubQOE0Rqm5SoezUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZjdmMzJkMzNmNjY0Njc3OWE1MWZiMjMyMDFjNjQ0MmQx
NDUxY2EwHhcNMjYwMzAyMDAwMDU4WhcNMjYwMzAzMDAwMDU4WjAzMTEwLwYDVQQD
EyhiZDEwYzJkMDEwMjU0MDA2ZTUxMzI4N2RjMTJjNTIxNjc1YTMwMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX9mdMzhBzMurN7UEVDlfDkkcI/f
8kmqFmCga+DhXp8PW3jghXIQfDF8nEwMu2giIR7nZRToaGQ894aO0koEFhTcFCVg
CfSgK+hHZy8E3CgEQn2I9LX5cIdAbCN1Ro9TeYEaaBT7+xXTfes2j2tDjMmE8+cY
5xkWIHom4/PEp/aRx748oiM+6Yp4AZ33KbutOVM2BphAy47Mm73JZIn0Ec+E0qeG
+QeA5DFRMTxj3Wqk7pQ1LtKhXXGS/5mDC+0W6hVRcbQkrqcyRvS54f37JrWhQt7H
JcESODHYv4LJ6qkDcHSmnnuoC6ouT/6xBUL73W3ziOC1mVpr9t71OT+UEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0QwtAQJUAG5RMofcEsUhZ1owHuMB8GA1UdIwQY
MBaAFIr38y0z9mRneaUfsjIBxkQtFFHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMt
NWI3MmZiOTI3ZDFjLzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hZmZjYmItYzFiMy00NDRhLTg3NmMtNWI3MmZiOTI3ZDFj
LzEvaXZmekxUUDJaR2Q1cFIteU1nSEdSQzBVVWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOVvmZQS7
f1fXJ2CLnY62KQ/yo56kzYiX8s9K6xP96on2rAkTHVCytQQ2qRQ2oo3XorTKZ/Ge
lZp9vjtwWAm+d7UbIFjrF7jZG5E3bXmKH8o4H5FTeqnaXmLdfLKQYxrnP1XAHA8R
vs3eEqWkiMlaT4ohkP9U7ZDFHjQhnfajtl3u691nEiLRIjnIxpTrX9oPN+LNtmaa
iW34XjSBMf3TFsGdjV84+qQ/xZLzBGwgPx4sIz6z6pqQfr6+BUJFWOWW1yRlrUFG
C7jEb3VJYR4eOCuF27Kq/5aGat5K7kvJs7ySVQ6t/UiThoB7R19bHUdEatSAbXCo
W83zWxzYJJ3uPw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:47:17 2026 by rpki-client