Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File: iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier: aMm5tHgsAZ08rjmSxVrnngdTITAQflUpphH/Zg4Ydt0=
Subject key identifier: 1B:0D:7A:E8:25:8E:07:E8:BD:1B:47:28:A4:9D:60:E1:4F:85:89:EE
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 019CADC768AC1ECF70A0506CC4A7D3963A80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number: 1459
Signing time: Mon 02 Mar 2026 09:00:52 +0000
Manifest this update: Mon 02 Mar 2026 09:00:52 +0000
Manifest next update: Tue 03 Mar 2026 09:00:52 +0000
Files and hashes: 1: Jpa6fmcWWnrngaFT0OUDJvFJNfs.roa (hash: h5s+yud2w3+2pv0SJ9q0YVNu768ah+hczZmwi91mX/Q=)
2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: EDVxrutALFRTkNAJ4JLRSjdBwwQGTO/BWbWgn/ExwqU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:68:ac:1e:cf:70:a0:50:6c:c4:a7:d3:96:3a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Mar 2 09:00:52 2026 GMT
Not After : Mar 3 09:00:52 2026 GMT
Subject: CN=1b0d7ae8258e07e8bd1b4728a49d60e14f8589ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d3:39:d4:2f:3f:0d:86:0f:d8:0c:73:7d:39:
d1:92:7b:63:23:69:e3:bb:94:7c:1f:70:9f:db:3e:
43:6a:0d:54:3e:2d:fc:2f:ed:e3:ab:3a:a6:c6:2e:
49:24:48:cc:2d:50:55:f5:43:ff:c2:cd:4d:f5:af:
a9:ef:7b:d0:81:40:fa:7e:8a:56:6a:9d:13:fb:8d:
24:46:31:64:ee:10:21:20:eb:bd:73:94:a8:4d:73:
3a:64:a3:ee:b9:24:f4:c4:b4:f6:be:06:e6:49:f7:
25:f6:7f:9b:c2:08:5d:2e:7c:ca:aa:db:85:fc:53:
bc:38:87:51:77:4c:82:d3:0f:51:7c:f6:19:47:87:
16:5d:42:27:a2:c3:1d:ec:68:36:8a:05:10:d0:1a:
54:d3:af:c2:12:22:39:0b:73:98:54:22:e3:c1:eb:
40:7e:43:72:63:d7:02:3e:cf:1a:64:0b:ca:06:6a:
c3:3e:df:a3:65:cc:45:22:86:89:9c:71:40:81:51:
66:35:6b:df:9f:8a:39:3c:16:8e:24:e5:1c:35:67:
53:e7:f0:e5:a8:65:2e:49:27:a7:c1:bd:9f:b0:dc:
07:67:8d:3a:53:b5:f3:ab:39:f4:8a:4a:d1:92:47:
06:f1:2c:17:c8:5e:62:54:ce:1d:61:71:39:f2:89:
41:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:0D:7A:E8:25:8E:07:E8:BD:1B:47:28:A4:9D:60:E1:4F:85:89:EE
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
db:ff:9c:a0:47:e6:eb:8a:37:4b:c6:91:eb:b3:e3:a6:69:3e:
df:e0:92:22:a2:a7:ea:dd:f3:ce:23:c0:a6:e6:d0:e0:e2:7e:
50:d5:64:19:6a:4f:70:1f:4b:9b:16:af:e8:b3:c5:f7:95:71:
2f:80:ff:7d:8d:04:16:80:f5:d8:15:94:e5:09:29:25:1a:a6:
ef:6d:4d:cf:27:2d:fe:29:bf:60:a8:56:4f:98:36:eb:76:6f:
d6:90:2d:8f:c4:c5:49:e5:08:26:d2:b2:e0:62:95:79:a5:56:
28:35:5a:42:1c:38:dc:60:af:89:91:bd:14:31:f7:c5:59:24:
7b:09:c5:37:69:ef:09:38:6a:f8:93:3c:a6:50:1f:fc:06:2b:
d3:8e:59:a0:c4:19:b6:2e:23:b4:48:8b:3e:01:0c:6e:71:dd:
e4:2e:7a:4f:83:96:28:a6:2c:94:96:38:33:c7:2e:d4:49:54:
ee:03:63:a9:40:9d:a0:90:29:5e:0c:00:a0:e3:52:5e:ce:a6:
3a:44:de:3b:58:0b:df:8b:71:0c:26:95:bb:10:17:e0:07:7d:
4f:0e:44:2f:70:7f:b2:da:a1:70:2c:e2:e0:8d:37:ea:6a:5f:
18:cb:a3:ec:77:9d:97:de:17:cb:ab:3c:3a:10:f7:a7:ba:ff:
97:23:78:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx2isHs9woFBsxKfTljqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjYwMzAyMDkwMDUyWhcNMjYwMzAzMDkwMDUyWjAzMTEwLwYDVQQD
EygxYjBkN2FlODI1OGUwN2U4YmQxYjQ3MjhhNDlkNjBlMTRmODU4OWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNM51C8/DYYP2AxzfTnRkntjI2nj
u5R8H3Cf2z5Dag1UPi38L+3jqzqmxi5JJEjMLVBV9UP/ws1N9a+p73vQgUD6fopW
ap0T+40kRjFk7hAhIOu9c5SoTXM6ZKPuuST0xLT2vgbmSfcl9n+bwghdLnzKqtuF
/FO8OIdRd0yC0w9RfPYZR4cWXUInosMd7Gg2igUQ0BpU06/CEiI5C3OYVCLjwetA
fkNyY9cCPs8aZAvKBmrDPt+jZcxFIoaJnHFAgVFmNWvfn4o5PBaOJOUcNWdT5/Dl
qGUuSSenwb2fsNwHZ406U7Xzqzn0ikrRkkcG8SwXyF5iVM4dYXE58olBGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsNeugljgfovRtHKKSdYOFPhYnuMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2/+coEfm
64o3S8aR67Pjpmk+3+CSIqKn6t3zziPApubQ4OJ+UNVkGWpPcB9Lmxav6LPF95Vx
L4D/fY0EFoD12BWU5QkpJRqm721Nzyct/im/YKhWT5g263Zv1pAtj8TFSeUIJtKy
4GKVeaVWKDVaQhw43GCviZG9FDH3xVkkewnFN2nvCThq+JM8plAf/AYr045ZoMQZ
ti4jtEiLPgEMbnHd5C56T4OWKKYslJY4M8cu1ElU7gNjqUCdoJApXgwAoONSXs6m
OkTeO1gL34txDCaVuxAX4Ad9Tw5EL3B/stqhcCzi4I036mpfGMuj7Hedl94Xy6s8
OhD3p7r/lyN45g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:49:22 2026 by rpki-client