Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
File: lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft (raw, json)
Hash identifier: SCFGNE8fD3DfM8g3fnrGdrXbhkyUgHOGnNzCDJEuQN4=
Subject key identifier: AF:8C:57:DE:F6:88:8C:61:E4:2E:44:5B:50:37:48:52:5B:EF:F3:A5
Authority key identifier: 94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
Certificate issuer: /CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Certificate serial: 019CAE6C8C3E936FA5A24961E84AC5116D7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
Manifest number: 184E
Signing time: Mon 02 Mar 2026 12:01:15 +0000
Manifest this update: Mon 02 Mar 2026 12:01:15 +0000
Manifest next update: Tue 03 Mar 2026 12:01:15 +0000
Files and hashes: 1: ecQlKj5CIp8VLDI4rKO0OH9DeqI.roa (hash: iQJDM30z8fYynMrfjXIbza+TCD7vD5Lcd4NjgJS6pYQ=)
2: lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl (hash: CLLCbcb9lNpk2ueY6ozDHqPP7s89kKoqt9iibHnd7d0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6c:8c:3e:93:6f:a5:a2:49:61:e8:4a:c5:11:6d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=948d45cfe3482b8f61dae000b007a467ecdd4ee6
Validity
Not Before: Mar 2 12:01:15 2026 GMT
Not After : Mar 3 12:01:15 2026 GMT
Subject: CN=af8c57def6888c61e42e445b503748525beff3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7a:39:03:1a:1e:ca:a8:5c:3b:06:02:83:bc:
9a:a0:bf:fe:15:25:ce:aa:38:a2:34:0f:83:a9:5b:
89:34:99:b9:95:c9:45:a9:2c:63:6b:54:86:b9:30:
6b:6d:9f:ae:42:4d:da:77:e5:f1:d0:f1:d0:29:72:
fc:f7:69:e5:3e:01:3b:65:3b:64:36:86:79:2f:cd:
70:32:87:0e:34:41:6e:5e:09:cf:c1:05:8e:2f:01:
94:23:1b:42:5f:56:06:fb:b5:71:06:08:d2:cf:bb:
47:f8:7c:a0:e3:2d:53:f7:44:58:6a:05:dc:1b:40:
5c:17:96:c9:15:70:5c:41:04:16:4a:07:18:13:fb:
a8:4f:cf:73:6d:ca:d0:78:5d:d3:34:30:79:85:9e:
7e:30:c0:7c:e0:7a:96:c8:2f:6d:b2:01:b4:8b:9d:
db:4f:aa:94:73:3c:21:60:d0:71:98:81:e4:32:ac:
47:26:66:c7:5b:19:14:2d:3a:7f:18:3f:49:cb:df:
4f:63:3a:05:9f:a7:32:07:e2:83:3a:7a:4d:7c:ce:
e5:93:f5:f6:de:5d:5c:bb:11:44:63:98:72:07:b7:
c9:88:ba:53:52:21:d9:87:0e:53:bb:83:ec:25:eb:
94:8b:35:68:7a:0c:dd:d9:b6:a5:64:ba:4d:ac:20:
ab:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8C:57:DE:F6:88:8C:61:E4:2E:44:5B:50:37:48:52:5B:EF:F3:A5
X509v3 Authority Key Identifier:
keyid:94:8D:45:CF:E3:48:2B:8F:61:DA:E0:00:B0:07:A4:67:EC:DD:4E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lI1Fz-NIK49h2uAAsAekZ-zdTuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f89b2e-53a3-4157-a960-42dafb4b51d2/1/lI1Fz-NIK49h2uAAsAekZ-zdTuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:56:e9:2d:fc:ed:2c:be:3f:40:6a:37:97:83:95:57:1f:04:
42:c5:5a:15:9a:ea:1b:58:81:7d:1c:30:b1:ae:29:ea:74:66:
26:82:1a:36:fd:1a:3d:fc:df:92:14:b4:b2:33:23:29:f8:e4:
4e:f8:93:ed:07:90:ec:41:aa:91:cd:17:39:7f:eb:db:96:ec:
5d:d9:92:92:fb:20:68:d8:4f:68:3b:2e:f1:39:00:e4:0f:ed:
6b:ca:0a:50:f8:7b:5e:64:99:43:56:06:5c:b9:7b:8c:17:7e:
e6:c9:18:43:29:50:d2:44:68:bc:c4:7f:77:15:7c:fd:bd:19:
a2:a3:a9:f5:21:03:39:53:98:28:b3:a4:0d:b7:10:a0:54:45:
65:86:7a:04:62:9b:ef:ee:77:1a:63:ab:5f:5c:b3:f6:51:53:
c6:da:46:2c:11:85:5e:9b:36:76:7f:a1:bc:4b:2b:75:c4:12:
fb:c8:f3:69:15:26:fa:76:8e:8e:54:dc:a9:3c:59:c9:3b:a3:
51:98:63:85:ce:ae:9d:e9:d1:7f:60:74:2f:8e:21:52:a2:27:
ff:20:f4:7a:af:2d:da:50:d1:b2:c7:5a:02:85:9c:6c:2f:0f:
0a:7f:b0:b5:2a:00:d2:7f:51:24:af:67:d9:a8:eb:4f:8f:27:
0d:42:61:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubIw+k2+loklh6ErFEW18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OGQ0NWNmZTM0ODJiOGY2MWRhZTAwMGIwMDdhNDY3ZWNk
ZDRlZTYwHhcNMjYwMzAyMTIwMTE1WhcNMjYwMzAzMTIwMTE1WjAzMTEwLwYDVQQD
EyhhZjhjNTdkZWY2ODg4YzYxZTQyZTQ0NWI1MDM3NDg1MjViZWZmM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3o5AxoeyqhcOwYCg7yaoL/+FSXO
qjiiNA+DqVuJNJm5lclFqSxja1SGuTBrbZ+uQk3ad+Xx0PHQKXL892nlPgE7ZTtk
NoZ5L81wMocONEFuXgnPwQWOLwGUIxtCX1YG+7VxBgjSz7tH+Hyg4y1T90RYagXc
G0BcF5bJFXBcQQQWSgcYE/uoT89zbcrQeF3TNDB5hZ5+MMB84HqWyC9tsgG0i53b
T6qUczwhYNBxmIHkMqxHJmbHWxkULTp/GD9Jy99PYzoFn6cyB+KDOnpNfM7lk/X2
3l1cuxFEY5hyB7fJiLpTUiHZhw5Tu4PsJeuUizVoegzd2balZLpNrCCrEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+MV972iIxh5C5EW1A3SFJb7/OlMB8GA1UdIwQY
MBaAFJSNRc/jSCuPYdrgALAHpGfs3U7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAt
NDJkYWZiNGI1MWQyLzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mODliMmUtNTNhMy00MTU3LWE5NjAtNDJkYWZiNGI1MWQy
LzEvbEkxRnotTklLNDloMnVBQXNBZWtaLXpkVHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJFbpLfzt
LL4/QGo3l4OVVx8EQsVaFZrqG1iBfRwwsa4p6nRmJoIaNv0aPfzfkhS0sjMjKfjk
TviT7QeQ7EGqkc0XOX/r25bsXdmSkvsgaNhPaDsu8TkA5A/ta8oKUPh7XmSZQ1YG
XLl7jBd+5skYQylQ0kRovMR/dxV8/b0ZoqOp9SEDOVOYKLOkDbcQoFRFZYZ6BGKb
7+53GmOrX1yz9lFTxtpGLBGFXps2dn+hvEsrdcQS+8jzaRUm+naOjlTcqTxZyTuj
UZhjhc6unenRf2B0L44hUqIn/yD0eq8t2lDRssdaAoWcbC8PCn+wtSoA0n9RJK9n
2ajrT48nDUJhng==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:35:24 2026 by rpki-client