Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
File: iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft (raw, json)
Hash identifier: qb1k9iGENQkqgfxtAwMXfGnsmPfBO/akfCowsTF+MrI=
Subject key identifier: 7D:C1:63:64:36:9E:04:73:65:DE:73:A4:37:15:49:D2:4F:3E:AC:CB
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 019CAC47094EF7C429330B8C2FE7FDDBB6C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
Manifest number: 16C9
Signing time: Mon 02 Mar 2026 02:01:02 +0000
Manifest this update: Mon 02 Mar 2026 02:01:02 +0000
Manifest next update: Tue 03 Mar 2026 02:01:02 +0000
Files and hashes: 1: OdO1hcbdWYz_Iw6xZ112ZRiYkk8.roa (hash: 4Z+DfcMImSYQjotfAvXCJO8hXTfYciHRXkQJqaBymoc=)
2: iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl (hash: /6+AGNiy1sMXhI19rio4zjZDq7rKB5Q08EysaDp5UlQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:09:4e:f7:c4:29:33:0b:8c:2f:e7:fd:db:b6:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Mar 2 02:01:02 2026 GMT
Not After : Mar 3 02:01:02 2026 GMT
Subject: CN=7dc16364369e047365de73a4371549d24f3eaccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1b:02:37:0f:90:ed:b4:5a:65:f0:6d:26:04:
0d:24:de:ce:09:2c:e4:e1:59:5d:47:37:4b:40:8e:
23:70:e1:24:c6:0c:48:24:29:24:b3:63:f5:94:d5:
08:d6:7d:6f:66:db:01:5d:61:1e:2e:d5:12:0f:a6:
d8:96:23:b9:65:2d:24:a2:5f:3d:f1:99:32:cf:ef:
b6:25:ae:2c:e0:45:34:5f:1d:f8:e8:4f:41:9d:1a:
5e:89:93:cb:69:92:5f:c7:27:63:66:0f:97:d1:81:
5a:f2:76:fa:7f:0f:90:18:88:b7:ee:ef:2c:87:03:
4d:78:bc:56:69:41:28:6a:94:2c:f1:8b:ba:a8:9e:
78:46:42:97:e8:7f:0c:47:4a:a0:72:01:b6:d9:70:
2a:a0:14:cd:86:cb:d0:be:9e:81:75:19:30:6d:ba:
92:62:fe:e6:a4:4d:6a:82:c2:b2:f0:05:7b:c0:2c:
aa:47:1a:92:9a:86:ef:09:95:7f:18:bf:64:c7:18:
87:9d:7e:bd:3d:a4:40:07:2c:87:7b:30:a2:84:9c:
e6:f7:00:51:3f:7e:ad:84:5d:d8:59:bb:57:2b:f2:
30:79:ac:2c:3a:59:23:00:d7:ad:53:b1:aa:bf:61:
62:69:8d:ff:3e:5e:1c:7b:05:69:a2:cb:8f:64:79:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C1:63:64:36:9E:04:73:65:DE:73:A4:37:15:49:D2:4F:3E:AC:CB
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:4c:7d:b9:7a:c1:9f:dc:62:ba:e7:d3:a5:4a:f5:2d:2b:63:
0f:69:38:03:bf:50:68:8a:e7:89:3e:6d:24:ed:11:dc:57:c5:
f6:31:7d:4f:1b:2a:3f:98:33:8e:b7:9b:d8:f6:f5:b7:cb:10:
49:fd:6f:6e:51:2b:84:75:e7:22:00:14:a7:53:cd:3b:09:14:
99:e8:07:80:bf:95:28:57:cf:d8:d1:68:f5:44:a4:ea:54:6d:
dc:97:63:28:94:d8:99:ec:25:e6:37:00:67:2b:dd:a2:ac:9c:
b3:93:ff:12:03:70:5e:08:65:3c:28:cf:8b:c7:a1:fc:70:a2:
3b:34:55:8f:77:5a:a6:5e:f6:01:b5:22:4b:5a:8a:2e:3a:b0:
6c:ba:d4:62:fb:01:39:3f:99:8a:64:1e:0d:d6:07:a2:d4:83:
ab:ef:a2:6b:4f:d2:84:97:6b:0e:63:64:10:99:0c:28:ed:69:
8a:0b:43:49:c3:a3:c7:2d:bc:62:f8:ed:86:ea:49:a4:bd:44:
9a:1a:72:91:91:83:4b:b0:55:12:9d:08:81:ea:45:1d:2c:e1:
3e:59:ca:d8:29:61:b3:31:e6:15:28:ca:5e:fa:68:11:04:54:
cc:12:2b:d6:d2:23:87:fd:64:9a:b5:27:be:d4:f7:10:1e:c9:
38:92:54:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRwlO98QpMwuML+f927bCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2
OTI4YzMwHhcNMjYwMzAyMDIwMTAyWhcNMjYwMzAzMDIwMTAyWjAzMTEwLwYDVQQD
Eyg3ZGMxNjM2NDM2OWUwNDczNjVkZTczYTQzNzE1NDlkMjRmM2VhY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhsCNw+Q7bRaZfBtJgQNJN7OCSzk
4VldRzdLQI4jcOEkxgxIJCkks2P1lNUI1n1vZtsBXWEeLtUSD6bYliO5ZS0kol89
8Zkyz++2Ja4s4EU0Xx346E9BnRpeiZPLaZJfxydjZg+X0YFa8nb6fw+QGIi37u8s
hwNNeLxWaUEoapQs8Yu6qJ54RkKX6H8MR0qgcgG22XAqoBTNhsvQvp6BdRkwbbqS
Yv7mpE1qgsKy8AV7wCyqRxqSmobvCZV/GL9kxxiHnX69PaRAByyHezCihJzm9wBR
P36thF3YWbtXK/IweawsOlkjANetU7Gqv2FiaY3/Pl4cewVposuPZHnjGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3BY2Q2ngRzZd5zpDcVSdJPPqzLMB8GA1UdIwQY
MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt
ZWNhZTQxNDQ2Yjc3LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3
LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXkx9uXrB
n9xiuufTpUr1LStjD2k4A79QaIrniT5tJO0R3FfF9jF9TxsqP5gzjreb2Pb1t8sQ
Sf1vblErhHXnIgAUp1PNOwkUmegHgL+VKFfP2NFo9USk6lRt3JdjKJTYmewl5jcA
Zyvdoqycs5P/EgNwXghlPCjPi8eh/HCiOzRVj3dapl72AbUiS1qKLjqwbLrUYvsB
OT+ZimQeDdYHotSDq++ia0/ShJdrDmNkEJkMKO1pigtDScOjxy28YvjthupJpL1E
mhpykZGDS7BVEp0IgepFHSzhPlnK2ClhszHmFSjKXvpoEQRUzBIr1tIjh/1kmrUn
vtT3EB7JOJJU+A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:49:35 2026 by rpki-client