Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier: OTpG2v3doMBc3vtAD0MmYt1a49bHEONi/r4kfcBCYqU=
Subject key identifier: 3B:FE:17:58:2B:CC:A1:E4:5E:7B:03:F7:41:1C:CF:CA:A5:80:B8:6D
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial: 019D98F45C48B86FFB8B12E1647833B3D90F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number: 12B9
Signing time: Fri 17 Apr 2026 01:00:44 +0000
Manifest this update: Fri 17 Apr 2026 01:00:44 +0000
Manifest next update: Sat 18 Apr 2026 01:00:44 +0000
Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: ZDAVjIuQnT9blB2+ded1WeJ9NClsOcArwVTk5HCbJCo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:5c:48:b8:6f:fb:8b:12:e1:64:78:33:b3:d9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
Validity
Not Before: Apr 17 01:00:44 2026 GMT
Not After : Apr 18 01:00:44 2026 GMT
Subject: CN=3bfe17582bcca1e45e7b03f7411ccfcaa580b86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:22:69:19:87:dd:97:a6:a1:3c:1e:eb:cb:
e3:6d:71:b9:b8:f2:f9:cb:dd:a0:b4:a8:06:e2:84:
f6:45:06:5d:3f:e0:5b:35:c1:75:67:89:50:1f:eb:
9f:48:a8:4e:e6:0f:8c:c1:a9:e9:fa:a7:28:95:59:
c8:53:92:0a:24:72:84:ff:d0:69:cc:c8:d3:2c:7b:
64:2e:6d:a9:b8:10:e1:7e:ae:8a:d0:60:ae:07:33:
b2:3c:38:91:08:fc:49:6c:c6:e5:f4:ea:34:36:6f:
de:c7:aa:bf:0f:33:d1:71:3b:7d:09:b4:cf:10:57:
0a:69:5f:22:6b:b7:ca:fa:5e:1c:07:ee:3d:0f:2f:
b0:6e:62:a3:9d:6a:4d:cf:3a:92:cf:45:f3:81:85:
57:90:30:dd:83:bd:3c:64:99:f1:9b:1c:43:ff:4f:
8a:52:d3:7c:3d:e9:8d:88:c9:b0:af:ab:c7:b4:ae:
fc:5f:2d:ea:a3:e7:dd:24:cb:84:10:63:03:8a:28:
95:bd:7f:28:11:73:d2:9c:ad:dd:8d:ba:df:75:dd:
bd:56:da:54:7f:be:9c:6b:31:06:99:d2:d2:f6:b1:
ca:8f:96:85:b9:e0:26:46:70:8f:d4:9a:ad:6f:b1:
a6:3b:39:f1:7d:89:1a:04:99:13:72:dc:63:b8:e0:
6c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FE:17:58:2B:CC:A1:E4:5E:7B:03:F7:41:1C:CF:CA:A5:80:B8:6D
X509v3 Authority Key Identifier:
keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:3d:54:0e:18:ce:42:1c:5c:7e:8a:aa:f5:b0:b2:17:6a:8d:
47:7e:81:95:72:f9:73:02:89:37:04:2d:b8:67:13:0e:f7:c8:
49:a8:f9:67:09:ef:88:5d:6d:83:d7:26:d9:c0:4a:1b:9b:6f:
39:f0:d4:8d:81:db:62:bc:6a:ce:1e:ca:61:14:5b:fb:e5:63:
37:14:6a:b3:4c:53:88:ad:9e:f6:40:cf:7f:03:5b:af:a4:10:
b8:b7:f8:1a:d8:80:fd:ab:38:b0:4c:a7:1a:66:9f:b9:cb:0d:
fb:7d:88:0e:cf:e5:7e:d9:ea:b2:f3:55:e3:84:66:22:8d:23:
4d:58:a3:8e:fb:ba:be:1a:89:52:6a:6e:cf:a4:4c:7f:25:ab:
5b:ca:1c:59:8e:ef:59:7a:97:d3:ef:16:70:79:a0:3b:56:4a:
5e:77:72:57:30:21:c0:1e:0f:a6:7e:b2:23:4f:61:97:d2:d2:
ef:eb:9a:12:a1:a6:11:36:03:16:77:a4:cb:3a:00:46:51:c5:
d6:85:6e:3a:06:e1:42:56:fe:6e:b4:c5:e5:6a:6c:ae:b2:77:
07:cc:66:ec:ad:9d:5c:d9:70:e7:a6:2f:54:80:95:e4:41:06:
2a:ec:cb:ff:4f:d7:71:82:8f:fc:da:aa:93:d8:77:12:d7:e9:
7e:0c:b3:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9FxIuG/7ixLhZHgzs9kPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjYwNDE3MDEwMDQ0WhcNMjYwNDE4MDEwMDQ0WjAzMTEwLwYDVQQD
EygzYmZlMTc1ODJiY2NhMWU0NWU3YjAzZjc0MTFjY2ZjYWE1ODBiODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte8iaRmH3ZemoTwe68vjbXG5uPL5
y92gtKgG4oT2RQZdP+BbNcF1Z4lQH+ufSKhO5g+Mwanp+qcolVnIU5IKJHKE/9Bp
zMjTLHtkLm2puBDhfq6K0GCuBzOyPDiRCPxJbMbl9Oo0Nm/ex6q/DzPRcTt9CbTP
EFcKaV8ia7fK+l4cB+49Dy+wbmKjnWpNzzqSz0XzgYVXkDDdg708ZJnxmxxD/0+K
UtN8PemNiMmwr6vHtK78Xy3qo+fdJMuEEGMDiiiVvX8oEXPSnK3djbrfdd29VtpU
f76cazEGmdLS9rHKj5aFueAmRnCP1Jqtb7GmOznxfYkaBJkTctxjuOBsQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDv+F1grzKHkXnsD90Ecz8qlgLhtMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtD1UDhjO
Qhxcfoqq9bCyF2qNR36BlXL5cwKJNwQtuGcTDvfISaj5ZwnviF1tg9cm2cBKG5tv
OfDUjYHbYrxqzh7KYRRb++VjNxRqs0xTiK2e9kDPfwNbr6QQuLf4GtiA/as4sEyn
GmafucsN+32IDs/lftnqsvNV44RmIo0jTVijjvu6vhqJUmpuz6RMfyWrW8ocWY7v
WXqX0+8WcHmgO1ZKXndyVzAhwB4Ppn6yI09hl9LS7+uaEqGmETYDFnekyzoARlHF
1oVuOgbhQlb+brTF5WpsrrJ3B8xm7K2dXNlw56YvVICV5EEGKuzL/0/XcYKP/Nqq
k9h3EtfpfgyzXw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:56:23 2026 by rpki-client