Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
File: Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json)
Hash identifier: OkX2ahc67qxn3sfDqmpLGWTmLj46W6v96kZhiepi8Vs=
Subject key identifier: 95:9A:FF:C1:7C:FA:CB:D3:68:F0:E2:F5:67:D7:68:58:55:3D:4E:85
Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
Certificate issuer: /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Certificate serial: 019CA97D16F43E1E22250AEC0D8259C58541
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
Manifest number: 1045
Signing time: Sun 01 Mar 2026 13:01:13 +0000
Manifest this update: Sun 01 Mar 2026 13:01:13 +0000
Manifest next update: Mon 02 Mar 2026 13:01:13 +0000
Files and hashes: 1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: +2/zNVnMMuKDN0tIuNu/DMfz2PhYqiSNjEpZgprEu7Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 13:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:7d:16:f4:3e:1e:22:25:0a:ec:0d:82:59:c5:85:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Validity
Not Before: Mar 1 13:01:13 2026 GMT
Not After : Mar 2 13:01:13 2026 GMT
Subject: CN=959affc17cfacbd368f0e2f567d76858553d4e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f7:fd:5b:64:8e:05:b0:53:8b:79:f8:d3:d1:
60:b3:b3:af:c0:46:0f:5e:bc:77:65:2c:a9:71:50:
25:a8:7d:24:8f:6a:60:f4:1c:d6:62:61:3d:cb:97:
37:53:0d:01:d0:25:0b:e9:16:66:d0:11:32:f7:31:
15:e3:b1:aa:fa:81:7b:24:17:d8:31:ef:09:f8:64:
f9:09:2c:48:a0:af:ac:b0:44:78:48:94:b2:3f:97:
32:03:cb:8e:39:3c:d7:fc:4d:8c:3a:6b:af:69:7a:
f3:11:3f:a2:ee:f2:a8:1e:db:01:46:03:6f:2f:84:
54:a2:dc:7a:cd:03:ed:15:52:d9:c0:8c:25:28:d5:
97:d1:3e:ad:2a:d6:6b:c7:50:49:58:86:9b:a1:37:
d5:08:c2:af:a8:99:b6:f8:be:18:fa:66:88:c5:55:
57:76:e8:28:f6:81:4d:f7:64:65:2e:d3:65:6f:50:
15:11:ea:70:93:12:48:bd:43:d3:66:66:82:10:e5:
d8:c7:e2:a5:45:42:c8:40:cb:3f:e3:33:87:7b:bf:
25:06:ff:85:48:d2:43:ab:be:fb:97:76:c6:0e:1e:
9b:c2:05:0b:9f:8e:c3:61:42:24:6d:91:27:5b:d7:
3d:82:2d:6d:db:9a:5d:0d:6e:00:aa:3e:a1:41:dd:
d9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9A:FF:C1:7C:FA:CB:D3:68:F0:E2:F5:67:D7:68:58:55:3D:4E:85
X509v3 Authority Key Identifier:
keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:87:be:07:2e:d8:b7:a3:58:29:0e:72:16:fe:8a:33:ac:b8:
4e:53:3c:f9:0e:7c:94:8f:da:f7:1c:53:52:94:33:4c:0f:82:
13:9f:37:54:97:d6:79:10:68:eb:fc:99:a6:eb:09:c8:09:86:
e1:21:9e:de:97:a8:53:9a:bc:12:82:45:86:1c:06:0b:07:6e:
f1:36:ae:53:f0:cf:41:2e:6f:2f:01:32:f7:1d:6d:6a:6e:80:
84:b8:f9:af:5a:70:a5:99:1b:eb:5c:11:1c:a7:20:e7:a3:54:
9a:8b:d4:00:dc:cd:6b:68:68:08:7f:04:f2:5f:5e:c2:f6:f5:
3e:bb:9f:76:12:0e:64:9c:c5:2c:46:cf:5d:b1:66:a6:16:c6:
ed:47:0c:91:f9:2d:c3:7f:ad:42:da:3b:9e:79:1e:f1:9e:40:
05:3c:c5:5e:0e:36:99:ed:d1:f2:d2:4f:91:3e:72:dd:ef:30:
5b:46:76:69:da:6b:7b:a6:28:fe:00:6c:00:fa:ca:48:07:75:
f5:fb:ac:e8:e1:19:ad:f0:e3:39:2a:82:c5:2c:c5:d5:db:4f:
39:ba:1c:40:57:3b:ae:c8:3e:81:ef:37:c7:e5:80:e0:60:56:
dd:94:c9:d1:06:90:a1:bb:ba:e4:e5:95:4d:bf:ec:66:80:a3:
e6:4f:5e:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfRb0Ph4iJQrsDYJZxYVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4
OGQ2NGYwHhcNMjYwMzAxMTMwMTEzWhcNMjYwMzAyMTMwMTEzWjAzMTEwLwYDVQQD
Eyg5NTlhZmZjMTdjZmFjYmQzNjhmMGUyZjU2N2Q3Njg1ODU1M2Q0ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnff9W2SOBbBTi3n409Fgs7OvwEYP
Xrx3ZSypcVAlqH0kj2pg9BzWYmE9y5c3Uw0B0CUL6RZm0BEy9zEV47Gq+oF7JBfY
Me8J+GT5CSxIoK+ssER4SJSyP5cyA8uOOTzX/E2MOmuvaXrzET+i7vKoHtsBRgNv
L4RUotx6zQPtFVLZwIwlKNWX0T6tKtZrx1BJWIaboTfVCMKvqJm2+L4Y+maIxVVX
dugo9oFN92RlLtNlb1AVEepwkxJIvUPTZmaCEOXYx+KlRULIQMs/4zOHe78lBv+F
SNJDq777l3bGDh6bwgULn47DYUIkbZEnW9c9gi1t25pdDW4Aqj6hQd3ZcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWa/8F8+svTaPDi9WfXaFhVPU6FMB8GA1UdIwQY
MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt
OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk
LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmYe+By7Y
t6NYKQ5yFv6KM6y4TlM8+Q58lI/a9xxTUpQzTA+CE583VJfWeRBo6/yZpusJyAmG
4SGe3peoU5q8EoJFhhwGCwdu8TauU/DPQS5vLwEy9x1tam6AhLj5r1pwpZkb61wR
HKcg56NUmovUANzNa2hoCH8E8l9ewvb1PrufdhIOZJzFLEbPXbFmphbG7UcMkfkt
w3+tQto7nnke8Z5ABTzFXg42me3R8tJPkT5y3e8wW0Z2adpre6Yo/gBsAPrKSAd1
9fus6OEZrfDjOSqCxSzF1dtPObocQFc7rsg+ge83x+WA4GBW3ZTJ0QaQobu65OWV
Tb/sZoCj5k9e5g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:58:34 2026 by rpki-client