Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
File: iydIPcFsMY5a__gyKTDIF_0ZLJE.mft (raw, json)
Hash identifier: 4HgmiqXcyXLevBAL6/ddB8oVBPdEOlPlI0sGOsG2F+g=
Subject key identifier: 66:52:12:62:6E:09:19:EB:88:C3:33:F6:BA:C2:D2:BE:F4:20:32:FB
Authority key identifier: 8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
Certificate issuer: /CN=8b27483dc16c318e5afff8322930c817fd192c91
Certificate serial: 019D981854D5D2407AC518EE327C5D82AAAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
Manifest number: 0C21
Signing time: Thu 16 Apr 2026 21:00:24 +0000
Manifest this update: Thu 16 Apr 2026 21:00:24 +0000
Manifest next update: Fri 17 Apr 2026 21:00:24 +0000
Files and hashes: 1: 1-oQkBgC1KtD4YbEgIZgWwDGwMZI.roa (hash: dv8y3sb289eQlJ2it24+CyBcLvJoFUqHwqUDVlJyHUA=)
2: iydIPcFsMY5a__gyKTDIF_0ZLJE.crl (hash: HugmOnUYnajyZ9+g/JT77goCdyXGNWZoVQlKJu2ScNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:18:54:d5:d2:40:7a:c5:18:ee:32:7c:5d:82:aa:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b27483dc16c318e5afff8322930c817fd192c91
Validity
Not Before: Apr 16 21:00:24 2026 GMT
Not After : Apr 17 21:00:24 2026 GMT
Subject: CN=665212626e0919eb88c333f6bac2d2bef42032fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:80:ff:17:94:d7:41:bb:8a:7f:d0:9f:b2:c2:
93:3e:28:40:2e:fe:c2:a0:14:d5:6b:8d:b0:f5:36:
4d:a9:08:0e:88:a2:d9:8f:7c:b8:54:24:8a:93:e6:
5f:68:d8:9b:a8:f0:ad:2f:ff:22:bd:3b:2a:b8:bb:
1a:06:ab:d6:a1:c0:41:0c:79:0f:be:1d:ac:60:b8:
39:26:b3:d2:5d:a7:7f:d9:56:69:1e:9e:df:a4:10:
08:35:44:4c:25:96:6a:3e:53:b3:d0:95:11:a4:32:
b8:b5:4d:8c:18:9b:19:c1:60:ca:20:44:f2:13:76:
78:85:71:8d:5e:95:33:a4:a4:5a:ae:51:53:b2:ae:
69:4c:a5:2f:77:1c:00:87:d4:6c:57:81:9f:c4:f0:
32:59:68:20:e3:e1:b9:db:00:06:b8:1b:31:e5:63:
b1:45:5e:39:70:3a:98:43:c0:05:38:ff:a4:74:8c:
c0:b5:8c:4d:0e:c0:a2:a7:0f:33:f9:10:ad:e2:cc:
37:cf:8c:77:54:a6:6f:8e:c6:0f:a0:d7:32:68:ad:
9b:e1:2c:89:19:56:49:2d:fc:15:97:7a:0f:05:0d:
6f:92:53:d3:e0:52:21:f1:0b:1f:9d:19:ea:4e:5d:
50:f3:ca:1b:0a:bb:a0:69:25:14:da:ef:8a:40:12:
3d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:52:12:62:6E:09:19:EB:88:C3:33:F6:BA:C2:D2:BE:F4:20:32:FB
X509v3 Authority Key Identifier:
keyid:8B:27:48:3D:C1:6C:31:8E:5A:FF:F8:32:29:30:C8:17:FD:19:2C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iydIPcFsMY5a__gyKTDIF_0ZLJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/559e8c-3825-493d-a8c7-fb893e3908d2/1/iydIPcFsMY5a__gyKTDIF_0ZLJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bf:06:b1:95:8d:cd:cf:e2:52:f0:7c:b1:f0:3a:dc:95:50:87:
47:5b:6b:53:b6:73:e6:07:b2:76:e4:f1:8a:33:f8:8c:a5:57:
29:fe:1e:1f:d2:00:69:d3:05:9c:cd:8f:31:0c:89:54:f8:d9:
8a:bf:ef:79:67:1f:f2:bf:b1:4e:c7:9c:dd:95:88:e0:4b:21:
88:6f:2d:a0:73:0e:74:87:8c:a9:34:0f:d2:c1:60:f5:1e:25:
b3:a0:48:ba:4f:13:0b:1e:0a:fb:6a:43:94:59:ea:80:2e:16:
b7:a2:26:8f:50:2a:0b:1d:99:37:38:1e:13:3a:e4:f3:09:49:
6e:8f:ea:01:f0:38:b3:16:d9:6a:ea:40:e2:48:32:8f:de:17:
a8:06:03:7d:b6:2d:8e:cb:2d:b6:6f:01:8e:34:2a:6c:c3:b3:
d4:be:bd:ae:b8:f0:e0:e1:fb:1a:1d:5c:e3:27:a3:c8:68:38:
d2:1b:c5:12:39:87:56:e9:a1:8d:2c:8f:0f:44:b4:94:8e:5a:
be:4f:3f:44:d7:f4:82:ce:44:48:18:00:9d:d9:eb:9b:af:41:
a7:6e:05:b8:dc:46:fb:e1:3c:13:79:a0:d6:a6:49:2e:12:1c:
64:e9:4b:d9:fd:8f:1b:87:25:2a:0c:ce:4d:ca:37:44:40:0d:
54:07:6d:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGFTV0kB6xRjuMnxdgqqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMjc0ODNkYzE2YzMxOGU1YWZmZjgzMjI5MzBjODE3ZmQx
OTJjOTEwHhcNMjYwNDE2MjEwMDI0WhcNMjYwNDE3MjEwMDI0WjAzMTEwLwYDVQQD
Eyg2NjUyMTI2MjZlMDkxOWViODhjMzMzZjZiYWMyZDJiZWY0MjAzMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooD/F5TXQbuKf9CfssKTPihALv7C
oBTVa42w9TZNqQgOiKLZj3y4VCSKk+ZfaNibqPCtL/8ivTsquLsaBqvWocBBDHkP
vh2sYLg5JrPSXad/2VZpHp7fpBAINURMJZZqPlOz0JURpDK4tU2MGJsZwWDKIETy
E3Z4hXGNXpUzpKRarlFTsq5pTKUvdxwAh9RsV4GfxPAyWWgg4+G52wAGuBsx5WOx
RV45cDqYQ8AFOP+kdIzAtYxNDsCipw8z+RCt4sw3z4x3VKZvjsYPoNcyaK2b4SyJ
GVZJLfwVl3oPBQ1vklPT4FIh8QsfnRnqTl1Q88obCrugaSUU2u+KQBI9UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZSEmJuCRnriMMz9rrC0r70IDL7MB8GA1UdIwQY
MBaAFIsnSD3BbDGOWv/4MikwyBf9GSyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4Yzct
ZmI4OTNlMzkwOGQyLzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NTllOGMtMzgyNS00OTNkLWE4YzctZmI4OTNlMzkwOGQy
LzEvaXlkSVBjRnNNWTVhX19neUtURElGXzBaTEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvwaxlY3N
z+JS8Hyx8DrclVCHR1trU7Zz5geyduTxijP4jKVXKf4eH9IAadMFnM2PMQyJVPjZ
ir/veWcf8r+xTsec3ZWI4EshiG8toHMOdIeMqTQP0sFg9R4ls6BIuk8TCx4K+2pD
lFnqgC4Wt6Imj1AqCx2ZNzgeEzrk8wlJbo/qAfA4sxbZaupA4kgyj94XqAYDfbYt
jssttm8BjjQqbMOz1L69rrjw4OH7Gh1c4yejyGg40hvFEjmHVumhjSyPD0S0lI5a
vk8/RNf0gs5ESBgAndnrm69Bp24FuNxG++E8E3mg1qZJLhIcZOlL2f2PG4clKgzO
Tco3REANVAdtcQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:56:20 2026 by rpki-client