Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
File: iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft (raw, json)
Hash identifier: 3qXlMIkbuQDMr0RDjr7To/1BEh6PW1leGNnEVtz3ZWY=
Subject key identifier: FF:11:4E:46:02:D7:51:97:F4:EA:BE:91:B7:44:6F:F3:AE:91:96:00
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 019D97E20CC8B6C0CCB9AA66F76A3E088918
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
Manifest number: 1743
Signing time: Thu 16 Apr 2026 20:01:07 +0000
Manifest this update: Thu 16 Apr 2026 20:01:07 +0000
Manifest next update: Fri 17 Apr 2026 20:01:07 +0000
Files and hashes: 1: OdO1hcbdWYz_Iw6xZ112ZRiYkk8.roa (hash: 4Z+DfcMImSYQjotfAvXCJO8hXTfYciHRXkQJqaBymoc=)
2: iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl (hash: MEMxlbPDE1rvn3ZLYkTWUr3F5Pd7k3VubXkncXqtAzM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:e2:0c:c8:b6:c0:cc:b9:aa:66:f7:6a:3e:08:89:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Apr 16 20:01:07 2026 GMT
Not After : Apr 17 20:01:07 2026 GMT
Subject: CN=ff114e4602d75197f4eabe91b7446ff3ae919600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:4d:8d:22:d1:b1:da:a0:dd:2d:4d:2c:ab:
b6:c9:89:b1:d5:8e:ba:92:32:f7:ce:22:48:e4:a6:
4b:2a:8a:84:bd:90:23:b3:4b:36:61:d8:76:db:10:
2b:a8:88:1d:4d:53:e6:da:3c:5c:1d:28:30:c7:fc:
6f:5b:75:74:50:b0:cc:e7:51:08:5b:11:54:fb:4c:
ca:61:ad:64:88:09:77:f4:fa:cc:1f:78:8d:66:ef:
7e:76:97:51:4c:a8:a6:bb:b8:44:11:12:c3:33:91:
62:7c:15:54:45:22:74:17:b7:8e:64:85:47:fd:13:
ee:83:1c:3c:f5:15:f2:13:2f:05:45:15:3b:13:a9:
f8:01:fb:c2:a5:a9:b2:57:29:96:1b:ea:b5:ac:59:
e7:23:74:52:4e:16:2f:da:17:06:de:0a:d1:05:30:
85:ae:66:a7:db:20:8c:a1:9f:83:e5:c3:0d:43:2b:
72:70:14:09:94:06:14:05:33:5e:a4:c3:ed:89:4c:
cd:5a:a3:38:3b:e0:30:3d:04:6e:d0:eb:98:f4:c6:
d4:f9:d1:d5:35:1c:44:f8:b2:9a:f7:5a:66:6e:c0:
2c:91:78:a9:0f:7b:fe:08:20:f4:16:61:35:41:bf:
f9:80:e5:94:d6:5d:5f:f5:c6:48:82:95:6f:14:7f:
4c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:11:4E:46:02:D7:51:97:F4:EA:BE:91:B7:44:6F:F3:AE:91:96:00
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:12:f1:68:7e:c4:3e:ec:93:25:d3:82:09:4d:98:5b:c1:05:
d6:e6:e3:ab:48:1f:59:a6:9d:f5:47:b2:ca:b5:cd:a8:1f:f8:
59:45:47:3a:37:9c:3f:47:1f:cf:a9:ea:a1:ab:f6:aa:f4:36:
1e:fa:c2:3f:07:bc:e0:79:0d:b1:22:e0:7e:20:68:56:7c:ad:
a9:ad:9d:c4:63:d9:d7:e6:25:75:ff:92:2c:21:97:23:bd:8e:
cb:97:ac:30:26:3d:ba:ef:43:80:4e:17:37:42:b1:3c:f3:63:
ba:df:d1:53:b0:8a:7f:e8:9b:62:ca:21:e2:fc:5c:a8:09:52:
51:69:94:96:24:83:35:84:48:aa:c0:74:1f:08:6b:0e:77:76:
45:ba:cf:88:b4:09:eb:71:e3:11:b8:0c:4a:b8:37:98:69:74:
99:c5:0a:a2:a6:99:96:32:bf:c4:94:ce:47:74:52:6b:b5:0e:
20:2e:fa:bc:a8:5a:92:bc:e3:77:d0:a9:3c:23:65:c8:a8:ff:
46:b4:2e:4f:0f:6d:dd:46:0b:f3:6d:4c:eb:4a:0f:21:9b:7a:
8b:50:15:c2:aa:17:f9:51:01:20:e5:8f:96:e9:be:8d:1d:10:
ff:ef:98:00:49:11:83:5e:b5:dc:59:7a:da:10:03:d0:38:54:
2a:8a:7f:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4gzItsDMuapm92o+CIkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2
OTI4YzMwHhcNMjYwNDE2MjAwMTA3WhcNMjYwNDE3MjAwMTA3WjAzMTEwLwYDVQQD
EyhmZjExNGU0NjAyZDc1MTk3ZjRlYWJlOTFiNzQ0NmZmM2FlOTE5NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxglNjSLRsdqg3S1NLKu2yYmx1Y66
kjL3ziJI5KZLKoqEvZAjs0s2Ydh22xArqIgdTVPm2jxcHSgwx/xvW3V0ULDM51EI
WxFU+0zKYa1kiAl39PrMH3iNZu9+dpdRTKimu7hEERLDM5FifBVURSJ0F7eOZIVH
/RPugxw89RXyEy8FRRU7E6n4AfvCpamyVymWG+q1rFnnI3RSThYv2hcG3grRBTCF
rman2yCMoZ+D5cMNQytycBQJlAYUBTNepMPtiUzNWqM4O+AwPQRu0OuY9MbU+dHV
NRxE+LKa91pmbsAskXipD3v+CCD0FmE1Qb/5gOWU1l1f9cZIgpVvFH9M/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8RTkYC11GX9Oq+kbdEb/OukZYAMB8GA1UdIwQY
MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt
ZWNhZTQxNDQ2Yjc3LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3
LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARBLxaH7E
PuyTJdOCCU2YW8EF1ubjq0gfWaad9UeyyrXNqB/4WUVHOjecP0cfz6nqoav2qvQ2
HvrCPwe84HkNsSLgfiBoVnytqa2dxGPZ1+Yldf+SLCGXI72Oy5esMCY9uu9DgE4X
N0KxPPNjut/RU7CKf+ibYsoh4vxcqAlSUWmUliSDNYRIqsB0HwhrDnd2RbrPiLQJ
63HjEbgMSrg3mGl0mcUKoqaZljK/xJTOR3RSa7UOIC76vKhakrzjd9CpPCNlyKj/
RrQuTw9t3UYL821M60oPIZt6i1AVwqoX+VEBIOWPlum+jR0Q/++YAEkRg1613Fl6
2hAD0DhUKop/4w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:51:07 2026 by rpki-client