Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
File: ICsQHBBwOrYDIfxj3NZpClJNuxA.mft (raw, json)
Hash identifier: Wk8XtHXfIWWtqArnQRJY3Sy+3ad7DN5FKcm734fkhT4=
Subject key identifier: 2A:68:79:97:10:06:2C:59:27:D4:C6:3D:2C:3D:3D:DA:B3:D8:8B:72
Authority key identifier: 20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10
Certificate issuer: /CN=202b101c10703ab60321fc63dcd6690a524dbb10
Certificate serial: 019D9AE350F3C688294AAA7ABB0FB45AF008
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
Manifest number: 0C35
Signing time: Fri 17 Apr 2026 10:01:21 +0000
Manifest this update: Fri 17 Apr 2026 10:01:21 +0000
Manifest next update: Sat 18 Apr 2026 10:01:21 +0000
Files and hashes: 1: ICsQHBBwOrYDIfxj3NZpClJNuxA.crl (hash: f2DU9tEqYgJt8uERP15YUkJgs36qE1m7/P1FxzjKJf4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:50:f3:c6:88:29:4a:aa:7a:bb:0f:b4:5a:f0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=202b101c10703ab60321fc63dcd6690a524dbb10
Validity
Not Before: Apr 17 10:01:21 2026 GMT
Not After : Apr 18 10:01:21 2026 GMT
Subject: CN=2a68799710062c5927d4c63d2c3d3ddab3d88b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:da:ad:ca:4e:e8:63:17:e0:6d:90:da:a6:c8:
46:4a:fe:e7:34:7f:23:0b:ed:46:ff:87:96:b2:ff:
46:6f:53:05:ee:25:7f:00:a2:8f:1e:1f:0e:7c:52:
fc:e6:6c:53:ad:f5:9e:40:1f:04:5d:cf:ee:65:27:
a8:c3:a9:18:fe:9b:07:eb:38:64:47:62:ae:22:c3:
a9:0e:00:4f:52:bd:68:be:51:6d:b1:dd:57:68:27:
94:db:a2:16:12:32:62:d5:70:52:e9:2a:f9:37:a1:
4d:28:75:80:2b:bb:93:a7:92:8b:55:1f:4a:49:ba:
1b:97:63:d9:22:02:d1:85:04:83:bb:ac:4c:16:9f:
5f:a0:95:a7:cd:cc:88:d4:cd:13:8d:28:a1:7e:7b:
2b:2a:47:68:aa:b0:c8:71:3a:95:1b:4f:18:6c:05:
9e:12:27:36:9f:55:d0:72:8e:4d:dd:53:9c:1e:a0:
f2:74:21:83:c2:91:f8:00:e0:83:2d:74:52:27:36:
a0:c6:81:e4:b6:e4:a1:c0:d2:90:5f:4b:e4:e4:99:
77:1a:01:17:1b:2b:7a:74:f9:f3:25:80:33:74:d4:
49:50:1c:54:0d:aa:56:9c:8d:83:d9:ac:40:59:3a:
8f:d4:69:81:5d:f7:34:b7:f1:9b:4e:c9:67:ee:64:
cb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:68:79:97:10:06:2C:59:27:D4:C6:3D:2C:3D:3D:DA:B3:D8:8B:72
X509v3 Authority Key Identifier:
keyid:20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:02:3f:a0:2e:61:ab:0d:02:2e:7a:74:96:01:6e:d2:d0:2a:
38:3f:7e:38:43:34:27:26:3c:e5:e2:af:55:fd:61:07:0c:d8:
54:d0:f6:d0:94:04:d5:db:32:15:90:a2:1f:f9:c8:8f:d4:99:
d8:ec:de:80:e8:be:43:94:ff:70:13:b4:31:a9:9a:81:75:2c:
0e:3b:bf:3c:bd:3d:93:20:8f:3c:6c:1b:de:31:8d:45:f8:9f:
bb:55:72:b4:7b:2e:ef:5e:4c:8f:a3:ff:ba:fb:c4:4a:83:7d:
32:3c:b2:9f:16:a5:67:1c:cf:97:85:64:4e:4f:b4:f0:19:7f:
2d:a9:6e:d7:1e:65:62:6d:20:46:90:9c:41:38:da:eb:e3:34:
03:31:75:2c:cd:62:1a:5b:ad:6a:1e:53:ea:2d:a0:c1:74:9c:
a8:e4:d5:94:aa:cd:bd:cb:ee:73:c2:c2:39:42:66:f2:7d:3a:
71:1e:9f:d6:fa:91:8e:f0:dd:ef:60:4b:db:ed:fd:64:26:9a:
37:1c:b3:62:43:9c:75:3a:82:82:ca:79:a3:ac:79:15:1c:a0:
71:bd:09:e5:0e:b8:59:87:69:db:50:8c:03:f7:cd:51:9e:44:
d5:0d:84:b7:17:13:9d:75:a0:da:31:bf:ee:93:6b:c4:17:46:
c0:cc:40:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a41DzxogpSqp6uw+0WvAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmIxMDFjMTA3MDNhYjYwMzIxZmM2M2RjZDY2OTBhNTI0
ZGJiMTAwHhcNMjYwNDE3MTAwMTIxWhcNMjYwNDE4MTAwMTIxWjAzMTEwLwYDVQQD
EygyYTY4Nzk5NzEwMDYyYzU5MjdkNGM2M2QyYzNkM2RkYWIzZDg4YjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Nqtyk7oYxfgbZDapshGSv7nNH8j
C+1G/4eWsv9Gb1MF7iV/AKKPHh8OfFL85mxTrfWeQB8EXc/uZSeow6kY/psH6zhk
R2KuIsOpDgBPUr1ovlFtsd1XaCeU26IWEjJi1XBS6Sr5N6FNKHWAK7uTp5KLVR9K
Sbobl2PZIgLRhQSDu6xMFp9foJWnzcyI1M0TjSihfnsrKkdoqrDIcTqVG08YbAWe
Eic2n1XQco5N3VOcHqDydCGDwpH4AOCDLXRSJzagxoHktuShwNKQX0vk5Jl3GgEX
Gyt6dPnzJYAzdNRJUBxUDapWnI2D2axAWTqP1GmBXfc0t/GbTsln7mTLeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpoeZcQBixZJ9TGPSw9Pdqz2ItyMB8GA1UdIwQY
MBaAFCArEBwQcDq2AyH8Y9zWaQpSTbsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYt
YTQ0YzhlNjU0ZGY2LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYtYTQ0YzhlNjU0ZGY2
LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWQI/oC5h
qw0CLnp0lgFu0tAqOD9+OEM0JyY85eKvVf1hBwzYVND20JQE1dsyFZCiH/nIj9SZ
2OzegOi+Q5T/cBO0MamagXUsDju/PL09kyCPPGwb3jGNRfifu1VytHsu715Mj6P/
uvvESoN9MjyynxalZxzPl4VkTk+08Bl/Lalu1x5lYm0gRpCcQTja6+M0AzF1LM1i
Glutah5T6i2gwXScqOTVlKrNvcvuc8LCOUJm8n06cR6f1vqRjvDd72BL2+39ZCaa
NxyzYkOcdTqCgsp5o6x5FRygcb0J5Q64WYdp21CMA/fNUZ5E1Q2EtxcTnXWg2jG/
7pNrxBdGwMxAfQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:03:16 2026 by rpki-client