Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
File: iydIPcFsMY5a__gyKTDIF_0ZLJE.mft (raw, json)
Hash identifier: sQts3LwTGeiGS7iFp6y2hKe1mcspP11D2VYZRc4zEBk=
Subject key identifier: A6:E6:46:82:82:1B:22:22:C9:CC:A9:48:47:AC:8E:A0:81:A5:5E:3B
Authority key identifier: 8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
Certificate issuer: /CN=8b27483dc16c318e5afff8322930c817fd192c91
Certificate serial: 019CAE6C712E74BD0363FCE43765661BD78B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
Manifest number: 0BA8
Signing time: Mon 02 Mar 2026 12:01:08 +0000
Manifest this update: Mon 02 Mar 2026 12:01:08 +0000
Manifest next update: Tue 03 Mar 2026 12:01:08 +0000
Files and hashes: 1: 1-oQkBgC1KtD4YbEgIZgWwDGwMZI.roa (hash: dv8y3sb289eQlJ2it24+CyBcLvJoFUqHwqUDVlJyHUA=)
2: iydIPcFsMY5a__gyKTDIF_0ZLJE.crl (hash: GFW1OIYm3ZUjMeabDhQWnk4slL4/kBg066exq8Afet0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6c:71:2e:74:bd:03:63:fc:e4:37:65:66:1b:d7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b27483dc16c318e5afff8322930c817fd192c91
Validity
Not Before: Mar 2 12:01:08 2026 GMT
Not After : Mar 3 12:01:08 2026 GMT
Subject: CN=a6e64682821b2222c9cca94847ac8ea081a55e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3c:b0:8a:ef:32:a9:3d:c2:a3:a3:d0:50:67:
2c:0e:bb:41:e5:8a:2b:1b:58:62:80:08:a0:87:7c:
c1:ad:2c:a5:93:5d:49:8a:77:9f:c1:d2:76:d2:3c:
b6:32:5e:b1:69:3c:5d:e5:51:34:bc:ac:86:8f:9d:
0f:fb:f1:7f:65:bb:35:b1:61:33:71:bf:ab:cf:98:
74:77:8f:3a:41:4f:3f:82:79:0d:6c:49:68:e7:73:
13:58:d8:46:de:de:32:66:67:3d:79:cc:50:81:2a:
02:4b:1a:5f:b9:49:70:25:cf:0e:2c:10:3f:10:ba:
06:e8:89:6e:95:41:fd:e6:dd:9b:bb:8b:2c:5f:1a:
81:da:4a:4d:b3:da:12:6e:8c:0b:f2:84:e8:1b:82:
d2:fd:01:5a:fc:d1:3c:4a:8a:ca:32:88:b4:a0:7d:
7d:89:84:29:f0:dc:d4:d4:db:42:fd:e3:5e:b2:70:
2e:6f:e3:57:fd:ef:d5:24:b6:13:d2:e8:94:66:99:
21:43:8f:3c:40:74:a3:63:da:33:69:8a:cc:4e:46:
b9:3e:c5:84:68:d7:25:73:a6:18:55:c4:27:05:a7:
ae:17:8d:50:c1:49:a6:38:08:16:1b:f3:71:1f:7e:
c4:6c:cb:71:81:1c:bc:83:09:61:30:1c:8a:b7:4a:
27:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E6:46:82:82:1B:22:22:C9:CC:A9:48:47:AC:8E:A0:81:A5:5E:3B
X509v3 Authority Key Identifier:
keyid:8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:25:c2:b8:c4:08:84:7d:e7:66:61:67:aa:16:dd:cc:15:e3:
a0:8f:4d:28:14:f6:6c:ca:47:2b:99:8e:12:47:59:aa:1f:46:
05:17:dd:5f:fc:8b:1c:c0:80:8a:29:3b:28:01:92:24:99:11:
ef:0c:b1:26:33:42:38:93:58:f9:cb:c1:d9:c3:c2:c0:67:42:
8f:37:46:3e:4b:6a:c9:58:85:ed:db:aa:ea:d0:ef:f2:06:0d:
79:63:14:70:b0:95:68:c8:e8:d8:17:43:c5:01:22:fb:79:0c:
40:a1:e0:35:1b:50:73:bb:e2:b1:af:96:20:ae:a0:14:dd:56:
7d:f5:9a:24:10:65:18:dc:9f:0c:46:4b:b7:ba:12:ff:95:d0:
fe:36:11:e3:d5:92:d7:99:88:9c:c3:a8:33:b0:3d:5e:a3:bd:
1e:38:8e:e1:09:13:b6:49:00:3f:ca:ba:fc:99:ef:ec:c0:51:
79:97:cf:9b:a1:cb:0d:d8:ee:e0:03:08:61:f1:5d:df:59:a7:
dd:d8:f8:cd:48:53:04:d6:c3:4e:06:78:cd:13:01:55:56:d8:
38:31:1e:8d:53:67:a8:6e:6c:6e:b1:60:3a:37:6e:83:97:5e:
bb:33:cf:14:c5:a2:41:a6:8a:19:99:c6:65:3e:33:e2:e6:66:
30:f8:cb:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubHEudL0DY/zkN2VmG9eLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjc0ODNkYzE2YzMxOGU1YWZmZjgzMjI5MzBjODE3ZmQx
OTJjOTEwHhcNMjYwMzAyMTIwMTA4WhcNMjYwMzAzMTIwMTA4WjAzMTEwLwYDVQQD
EyhhNmU2NDY4MjgyMWIyMjIyYzljY2E5NDg0N2FjOGVhMDgxYTU1ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTywiu8yqT3Co6PQUGcsDrtB5Yor
G1higAigh3zBrSylk11JinefwdJ20jy2Ml6xaTxd5VE0vKyGj50P+/F/Zbs1sWEz
cb+rz5h0d486QU8/gnkNbElo53MTWNhG3t4yZmc9ecxQgSoCSxpfuUlwJc8OLBA/
ELoG6IlulUH95t2bu4ssXxqB2kpNs9oSbowL8oToG4LS/QFa/NE8SorKMoi0oH19
iYQp8NzU1NtC/eNesnAub+NX/e/VJLYT0uiUZpkhQ488QHSjY9ozaYrMTka5PsWE
aNclc6YYVcQnBaeuF41QwUmmOAgWG/NxH37EbMtxgRy8gwlhMByKt0onPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbmRoKCGyIiycypSEesjqCBpV47MB8GA1UdIwQY
MBaAFIsnSD3BbDGOWv/4MikwyBf9GSyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4Yzct
ZmI4OTNlMzkwOGQyLzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4YzctZmI4OTNlMzkwOGQy
LzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAICXCuMQI
hH3nZmFnqhbdzBXjoI9NKBT2bMpHK5mOEkdZqh9GBRfdX/yLHMCAiik7KAGSJJkR
7wyxJjNCOJNY+cvB2cPCwGdCjzdGPktqyViF7duq6tDv8gYNeWMUcLCVaMjo2BdD
xQEi+3kMQKHgNRtQc7visa+WIK6gFN1WffWaJBBlGNyfDEZLt7oS/5XQ/jYR49WS
15mInMOoM7A9XqO9HjiO4QkTtkkAP8q6/Jnv7MBReZfPm6HLDdju4AMIYfFd31mn
3dj4zUhTBNbDTgZ4zRMBVVbYODEejVNnqG5sbrFgOjdug5deuzPPFMWiQaaKGZnG
ZT4z4uZmMPjLBA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:26:31 2026 by rpki-client