Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
File: ISApS0bJAtk8B5wWhs_kW7ozGMs.mft (raw, json)
Hash identifier: /l+XOS8a1fmfaLNMASKzuiVHAHxRdcRJ8mLO7ZrbWX4=
Subject key identifier: AF:5F:AA:7E:FD:12:BA:FC:79:A5:E4:9C:91:D2:B8:01:45:DE:CE:52
Authority key identifier: 21:20:29:4B:46:C9:02:D9:3C:07:9C:16:86:CF:E4:5B:BA:33:18:CB
Certificate issuer: /CN=2120294b46c902d93c079c1686cfe45bba3318cb
Certificate serial: 019CAD59D6B0001FBE2E4C48B2F3E6C05032
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISApS0bJAtk8B5wWhs_kW7ozGMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
Manifest number: 0FDD
Signing time: Mon 02 Mar 2026 07:01:11 +0000
Manifest this update: Mon 02 Mar 2026 07:01:11 +0000
Manifest next update: Tue 03 Mar 2026 07:01:11 +0000
Files and hashes: 1: ISApS0bJAtk8B5wWhs_kW7ozGMs.crl (hash: G0Y+34oxzwN7mMrFiraSA/K215wTZ+ZmyInzqyw02X0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ISApS0bJAtk8B5wWhs_kW7ozGMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:d6:b0:00:1f:be:2e:4c:48:b2:f3:e6:c0:50:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2120294b46c902d93c079c1686cfe45bba3318cb
Validity
Not Before: Mar 2 07:01:11 2026 GMT
Not After : Mar 3 07:01:11 2026 GMT
Subject: CN=af5faa7efd12bafc79a5e49c91d2b80145dece52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:c2:d0:87:f9:7d:8e:aa:13:05:44:33:12:
72:e2:ac:d2:3d:70:aa:12:64:00:f9:63:1d:4a:b6:
60:aa:68:7e:a4:22:37:13:53:b8:9d:27:1a:e3:bd:
24:38:09:6c:79:31:2f:7b:1a:8c:f4:cc:5c:50:1d:
cf:f0:e1:c6:d2:cf:0c:67:cb:90:fa:24:32:3b:32:
71:07:b8:84:43:03:53:48:31:4c:d6:96:58:a6:22:
58:44:f3:6d:fd:95:37:91:05:ce:48:f9:c0:05:a6:
c0:fe:e4:12:39:ea:f3:f8:ea:a1:6a:56:e0:44:ad:
47:3b:6f:a9:d3:55:96:ea:f2:bf:b1:78:6e:3c:f2:
05:10:3d:36:89:8e:24:10:fe:0e:07:48:aa:89:66:
28:49:b9:24:34:bc:03:37:5a:be:83:48:4f:c1:61:
73:eb:4a:3d:45:66:de:ae:11:18:6c:b7:85:58:bd:
9b:dc:3e:20:75:db:13:15:ce:ce:c3:24:cd:51:e2:
a3:e2:71:42:c4:35:de:e8:06:b0:4a:ed:f0:ba:17:
dc:45:df:c7:2c:ff:e1:c4:a4:66:20:6a:b3:39:48:
bf:89:71:e1:29:09:d2:70:7a:62:ba:81:50:13:a9:
20:f5:17:75:72:d9:dd:5d:7e:04:20:49:c5:19:0b:
bc:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5F:AA:7E:FD:12:BA:FC:79:A5:E4:9C:91:D2:B8:01:45:DE:CE:52
X509v3 Authority Key Identifier:
keyid:21:20:29:4B:46:C9:02:D9:3C:07:9C:16:86:CF:E4:5B:BA:33:18:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISApS0bJAtk8B5wWhs_kW7ozGMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/d7bcb7-94f2-4908-977d-a20da56c4184/1/ISApS0bJAtk8B5wWhs_kW7ozGMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:0a:6d:18:09:25:e4:fb:62:9a:a1:f9:8d:dc:5a:31:cd:fe:
3d:9a:72:0f:e2:1f:3e:2a:f0:15:e7:06:89:7b:9d:5d:88:9f:
51:d2:09:46:5c:d9:7f:b7:7d:ce:c3:a8:a7:e3:da:b3:5a:fd:
6a:2f:df:a3:90:33:ec:4a:f4:71:b5:1e:44:01:e2:c2:2e:27:
ce:eb:7d:ea:aa:6a:c2:5a:4d:9a:71:34:ce:62:b8:d7:90:5a:
7c:74:24:ca:7b:2c:7b:57:3d:a0:b4:8d:fa:af:d6:60:81:12:
46:42:c2:b5:19:6f:c5:07:4e:0d:a0:20:5e:22:19:83:3d:f7:
ad:c5:2c:09:01:65:bb:2f:c0:0c:86:d2:bd:65:e2:9e:a8:5b:
64:94:f2:38:68:66:63:94:3a:60:15:d1:14:50:3f:ed:84:8b:
6f:47:20:f0:3b:0f:c6:2a:ef:60:2a:b3:7f:a0:00:f3:ca:41:
82:a6:79:89:10:c8:14:56:ad:9e:a8:03:b3:1f:d3:a1:e6:75:
83:8b:13:f5:19:af:e6:73:9c:8f:28:0b:64:ed:3c:9e:7a:cd:
80:9d:b3:c7:ab:3f:e1:34:3b:0f:f8:13:12:67:1b:ec:96:f4:
6c:74:66:0e:6f:51:08:55:1f:b5:b5:76:76:da:4e:a2:88:6f:
a8:0d:05:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWdawAB++LkxIsvPmwFAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMjAyOTRiNDZjOTAyZDkzYzA3OWMxNjg2Y2ZlNDViYmEz
MzE4Y2IwHhcNMjYwMzAyMDcwMTExWhcNMjYwMzAzMDcwMTExWjAzMTEwLwYDVQQD
EyhhZjVmYWE3ZWZkMTJiYWZjNzlhNWU0OWM5MWQyYjgwMTQ1ZGVjZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml7C0If5fY6qEwVEMxJy4qzSPXCq
EmQA+WMdSrZgqmh+pCI3E1O4nSca470kOAlseTEvexqM9MxcUB3P8OHG0s8MZ8uQ
+iQyOzJxB7iEQwNTSDFM1pZYpiJYRPNt/ZU3kQXOSPnABabA/uQSOerz+Oqhalbg
RK1HO2+p01WW6vK/sXhuPPIFED02iY4kEP4OB0iqiWYoSbkkNLwDN1q+g0hPwWFz
60o9RWberhEYbLeFWL2b3D4gddsTFc7OwyTNUeKj4nFCxDXe6AawSu3wuhfcRd/H
LP/hxKRmIGqzOUi/iXHhKQnScHpiuoFQE6kg9Rd1ctndXX4EIEnFGQu83wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK9fqn79Err8eaXknJHSuAFF3s5SMB8GA1UdIwQY
MBaAFCEgKUtGyQLZPAecFobP5Fu6MxjLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVNBcFMwYkpBdGs4QjV3V2hzX2tXN296R01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kN2JjYjctOTRmMi00OTA4LTk3N2Qt
YTIwZGE1NmM0MTg0LzEvSVNBcFMwYkpBdGs4QjV3V2hzX2tXN296R01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kN2JjYjctOTRmMi00OTA4LTk3N2QtYTIwZGE1NmM0MTg0
LzEvSVNBcFMwYkpBdGs4QjV3V2hzX2tXN296R01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPwptGAkl
5PtimqH5jdxaMc3+PZpyD+IfPirwFecGiXudXYifUdIJRlzZf7d9zsOop+Pas1r9
ai/fo5Az7Er0cbUeRAHiwi4nzut96qpqwlpNmnE0zmK415BafHQkynsse1c9oLSN
+q/WYIESRkLCtRlvxQdODaAgXiIZgz33rcUsCQFluy/ADIbSvWXinqhbZJTyOGhm
Y5Q6YBXRFFA/7YSLb0cg8DsPxirvYCqzf6AA88pBgqZ5iRDIFFatnqgDsx/ToeZ1
g4sT9Rmv5nOcjygLZO08nnrNgJ2zx6s/4TQ7D/gTEmcb7Jb0bHRmDm9RCFUftbV2
dtpOoohvqA0FIQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:41:52 2026 by rpki-client