Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft
File: iveEdzfnSUKyvnS5P9AtkA0wmyA.mft (raw, json)
Hash identifier: ZXYguGfJfOEDVWw/CuoiYD+oV5Wa8PNbaiYG42G21ts=
Subject key identifier: F0:58:6E:C6:A9:54:B3:D6:43:18:DC:8F:A9:7C:36:A7:DE:16:41:24
Authority key identifier: 8A:F7:84:77:37:E7:49:42:B2:BE:74:B9:3F:D0:2D:90:0D:30:9B:20
Certificate issuer: /CN=8af7847737e74942b2be74b93fd02d900d309b20
Certificate serial: 019CAAC6EF8DCE96C2E7B385840F1BF3F5A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 19:01:29 +0000
Manifest this update: Sun 01 Mar 2026 19:01:29 +0000
Manifest next update: Mon 02 Mar 2026 19:01:29 +0000
Files and hashes: 1: FzaSctWTm436xTaHu7cLIoR3zuI.roa (hash: ZWQNCmBRzSOXikzbY8uxPHONXN2ergkv72vrvK6pGEg=)
2: iveEdzfnSUKyvnS5P9AtkA0wmyA.crl (hash: NiOmAacAei7CMFGWyvSGATWQ/kGO+aeLXnnQnSNpzWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:ef:8d:ce:96:c2:e7:b3:85:84:0f:1b:f3:f5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8af7847737e74942b2be74b93fd02d900d309b20
Validity
Not Before: Mar 1 19:01:29 2026 GMT
Not After : Mar 2 19:01:29 2026 GMT
Subject: CN=f0586ec6a954b3d64318dc8fa97c36a7de164124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e1:b4:4e:17:c3:fe:cc:f6:40:09:6d:b0:2f:
1a:61:98:d4:2f:2e:15:7a:0c:86:88:8f:d6:1d:54:
d5:3c:30:a4:dd:80:64:de:da:57:f2:ab:de:d8:ef:
17:e0:3a:c5:2f:ca:92:43:71:18:13:f7:e4:f7:e5:
60:b7:4b:4e:29:5d:d8:91:88:a6:eb:7a:61:e1:42:
83:e8:ba:6e:52:79:62:87:59:be:cd:a5:d9:cb:ac:
f1:21:66:95:e6:2d:7d:8b:29:23:13:8c:8f:95:a6:
fc:04:7f:93:c0:39:65:16:e5:94:b1:1e:5c:da:4f:
9a:e9:99:b3:4e:ea:bc:df:04:74:e0:14:ec:ec:7d:
b8:45:15:e2:14:31:59:a0:b5:bc:01:a2:d7:7d:22:
84:07:72:76:b7:77:5d:75:12:98:c9:27:19:d0:86:
d7:b5:0e:f2:d3:6c:43:38:0b:5a:91:8d:ca:eb:1f:
94:3e:0d:30:7b:fd:bf:e0:e2:6a:69:ed:b0:50:70:
dc:6d:4e:73:dc:75:9c:84:01:30:c4:32:04:af:b4:
28:24:02:a6:e0:29:b3:fe:a1:66:88:d5:cc:cc:a7:
d1:f2:b2:21:d7:ad:04:ce:7c:eb:90:3e:2a:d6:c3:
ae:29:b4:a7:b6:75:36:09:aa:f2:18:cb:b5:29:2e:
ef:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:58:6E:C6:A9:54:B3:D6:43:18:DC:8F:A9:7C:36:A7:DE:16:41:24
X509v3 Authority Key Identifier:
keyid:8A:F7:84:77:37:E7:49:42:B2:BE:74:B9:3F:D0:2D:90:0D:30:9B:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iveEdzfnSUKyvnS5P9AtkA0wmyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/52384b-e7a4-4269-a0cc-7efc2808d125/1/iveEdzfnSUKyvnS5P9AtkA0wmyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:b8:86:fd:73:36:84:ae:de:ef:25:b5:23:dc:07:c6:ff:0f:
25:11:9f:f9:6f:d8:97:a2:9d:0a:44:db:34:fb:8a:98:cf:25:
98:c1:56:f2:98:44:1a:b2:37:75:ff:9d:3d:fd:2e:37:77:22:
24:03:cb:db:de:bf:80:61:59:7c:65:81:eb:2d:a5:81:9a:f8:
ec:cb:9e:65:42:50:6a:4e:e4:ec:10:6f:bb:96:1e:b5:59:f3:
46:41:9b:61:35:de:a3:26:12:f7:db:4a:5a:61:2c:ef:16:3c:
73:eb:c9:c0:de:09:0c:ee:1c:a3:51:b8:5b:54:b0:5c:a8:00:
86:4e:bd:8a:8c:fb:85:51:3b:6f:46:60:07:d1:d9:dd:9a:3e:
80:d0:d0:43:c1:cb:28:52:0c:0e:8f:55:1e:91:d5:80:24:b7:
29:50:5e:fc:66:e7:c2:7c:fc:78:9d:27:2c:50:b1:52:42:d1:
08:e7:de:ed:2a:a5:fa:80:98:36:bd:ad:11:e5:2a:c4:0f:24:
dc:d6:c8:0b:ab:2a:7b:95:eb:17:9f:cc:44:eb:1f:a8:07:71:
ce:0f:88:b4:70:f4:a1:b7:b4:c3:e9:31:c6:0d:9d:82:4f:0f:
8d:fe:53:46:20:36:dc:5b:a6:7f:8f:75:0a:cf:0b:ce:03:6b:
cb:3f:76:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxu+NzpbC57OFhA8b8/WhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZjc4NDc3MzdlNzQ5NDJiMmJlNzRiOTNmZDAyZDkwMGQz
MDliMjAwHhcNMjYwMzAxMTkwMTI5WhcNMjYwMzAyMTkwMTI5WjAzMTEwLwYDVQQD
EyhmMDU4NmVjNmE5NTRiM2Q2NDMxOGRjOGZhOTdjMzZhN2RlMTY0MTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uG0ThfD/sz2QAltsC8aYZjULy4V
egyGiI/WHVTVPDCk3YBk3tpX8qve2O8X4DrFL8qSQ3EYE/fk9+Vgt0tOKV3YkYim
63ph4UKD6LpuUnlih1m+zaXZy6zxIWaV5i19iykjE4yPlab8BH+TwDllFuWUsR5c
2k+a6ZmzTuq83wR04BTs7H24RRXiFDFZoLW8AaLXfSKEB3J2t3dddRKYyScZ0IbX
tQ7y02xDOAtakY3K6x+UPg0we/2/4OJqae2wUHDcbU5z3HWchAEwxDIEr7QoJAKm
4Cmz/qFmiNXMzKfR8rIh160EznzrkD4q1sOuKbSntnU2CaryGMu1KS7v3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBYbsapVLPWQxjcj6l8NqfeFkEkMB8GA1UdIwQY
MBaAFIr3hHc350lCsr50uT/QLZANMJsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MjM4NGItZTdhNC00MjY5LWEwY2Mt
N2VmYzI4MDhkMTI1LzEvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81MjM4NGItZTdhNC00MjY5LWEwY2MtN2VmYzI4MDhkMTI1
LzEvaXZlRWR6Zm5TVUt5dm5TNVA5QXRrQTB3bXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADLiG/XM2
hK7e7yW1I9wHxv8PJRGf+W/Yl6KdCkTbNPuKmM8lmMFW8phEGrI3df+dPf0uN3ci
JAPL296/gGFZfGWB6y2lgZr47MueZUJQak7k7BBvu5YetVnzRkGbYTXeoyYS99tK
WmEs7xY8c+vJwN4JDO4co1G4W1SwXKgAhk69ioz7hVE7b0ZgB9HZ3Zo+gNDQQ8HL
KFIMDo9VHpHVgCS3KVBe/Gbnwnz8eJ0nLFCxUkLRCOfe7Sql+oCYNr2tEeUqxA8k
3NbIC6sqe5XrF5/MROsfqAdxzg+ItHD0obe0w+kxxg2dgk8Pjf5TRiA23Fumf491
Cs8LzgNryz926w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:28:09 2026 by rpki-client