Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json)
Hash identifier: LYk/6RiY5R5Wb+ZQCxb6fy3KTSEPBc6Y8e7eK33TEu0=
Subject key identifier: 2E:B2:1E:D2:36:70:34:90:BD:5B:B4:FF:40:1E:5C:F2:0F:22:3B:8A
Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Certificate serial: 019CAD903974DC025188E83EBAF76480B4AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
Manifest number: 0884
Signing time: Mon 02 Mar 2026 08:00:36 +0000
Manifest this update: Mon 02 Mar 2026 08:00:36 +0000
Manifest next update: Tue 03 Mar 2026 08:00:36 +0000
Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: CThzxZOMirQFMMPygnaa9HPRyevxVQIfMb1bIuG/nJM=)
2: dshUZvB4McXbpCwuJto_ABAOvNQ.roa (hash: V5ln1lpZELvPyBOpg3oQ56WAm93C6lBYruWQT9Rpyxo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:39:74:dc:02:51:88:e8:3e:ba:f7:64:80:b4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Validity
Not Before: Mar 2 08:00:36 2026 GMT
Not After : Mar 3 08:00:36 2026 GMT
Subject: CN=2eb21ed236703490bd5bb4ff401e5cf20f223b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:41:51:b5:3f:33:67:81:3d:d0:49:16:2a:
39:dc:c9:48:52:94:ff:07:0e:85:b0:0f:06:1a:1f:
54:78:6b:73:74:b2:2d:b7:bf:58:a3:16:8a:34:90:
6f:ba:8d:4e:a4:72:5b:df:e7:a6:76:51:60:10:49:
9e:f0:c1:04:94:d4:85:ed:d7:ff:81:0f:33:ec:b4:
49:e6:0d:ca:e0:37:8b:31:37:37:c9:1c:82:08:6d:
3c:e0:21:47:8b:fd:8c:f4:87:e0:4c:b1:b8:60:11:
0a:80:8e:76:fd:0f:6a:00:94:e7:14:89:5c:1e:a3:
96:07:c5:a4:28:9a:da:60:3c:6c:10:74:36:ba:82:
e0:00:b3:68:f3:48:0d:12:5d:e1:b8:81:8c:0e:ef:
5a:89:f1:cb:0f:2c:d8:d7:e2:6b:1d:38:cc:8a:43:
91:00:cf:24:ef:a2:eb:c7:b6:49:7a:9d:33:61:5d:
73:ed:3e:65:60:ac:84:1e:c5:48:6b:ab:e1:ab:45:
d9:11:1a:43:5c:2c:70:4a:21:a5:30:30:32:e6:db:
15:c3:a4:a3:be:41:af:1f:16:65:ca:e3:bf:86:91:
d9:ec:0f:11:83:3b:af:f7:22:8b:6f:b5:18:93:b1:
f2:a4:5d:0b:55:a2:33:64:76:ed:bf:11:d5:08:91:
ca:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B2:1E:D2:36:70:34:90:BD:5B:B4:FF:40:1E:5C:F2:0F:22:3B:8A
X509v3 Authority Key Identifier:
keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:0e:7e:dd:f2:d1:38:17:80:80:f3:c1:61:a9:6d:f9:9f:c8:
c6:06:e6:9d:67:06:41:b8:77:e4:2e:61:7d:25:b0:fa:45:89:
1c:cb:ed:fe:3c:5e:48:13:c8:70:cd:ed:cd:16:99:74:2a:f4:
1b:fd:f0:1f:96:87:76:ea:35:94:37:7f:5f:f4:98:04:68:63:
5e:d3:0d:3b:7e:fc:4a:14:79:fd:2e:39:e7:73:73:bf:0c:8b:
50:32:ff:4e:5c:54:43:73:4b:82:68:65:7f:cb:91:75:cb:b2:
31:e8:9c:a0:c7:29:44:ab:6c:56:36:56:04:2f:5a:1b:ae:2a:
c8:e9:4d:5a:20:df:74:63:f6:a3:b1:48:cf:10:a4:1e:ce:1e:
ee:cc:f5:a2:ef:20:fa:45:cb:29:63:60:9b:59:4a:be:1c:00:
a0:e6:85:75:92:4e:05:f6:80:80:8f:3a:3d:51:93:41:53:0d:
12:03:cc:3f:be:07:02:63:c5:ba:b1:9e:1a:4d:8b:1f:35:27:
55:46:e9:9b:09:e2:70:2e:cd:a8:50:79:67:b9:65:fb:4a:40:
44:c6:d7:15:ce:36:2d:a8:3b:c9:99:4a:b4:ad:df:3f:c7:ac:
41:6a:8b:f2:4b:d9:aa:b8:65:5e:af:b9:a4:2d:62:52:57:74:
41:bd:c6:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkDl03AJRiOg+uvdkgLSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4
YTc5MzgwHhcNMjYwMzAyMDgwMDM2WhcNMjYwMzAzMDgwMDM2WjAzMTEwLwYDVQQD
EygyZWIyMWVkMjM2NzAzNDkwYmQ1YmI0ZmY0MDFlNWNmMjBmMjIzYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveFBUbU/M2eBPdBJFio53MlIUpT/
Bw6FsA8GGh9UeGtzdLItt79YoxaKNJBvuo1OpHJb3+emdlFgEEme8MEElNSF7df/
gQ8z7LRJ5g3K4DeLMTc3yRyCCG084CFHi/2M9IfgTLG4YBEKgI52/Q9qAJTnFIlc
HqOWB8WkKJraYDxsEHQ2uoLgALNo80gNEl3huIGMDu9aifHLDyzY1+JrHTjMikOR
AM8k76Lrx7ZJep0zYV1z7T5lYKyEHsVIa6vhq0XZERpDXCxwSiGlMDAy5tsVw6Sj
vkGvHxZlyuO/hpHZ7A8Rgzuv9yKLb7UYk7HypF0LVaIzZHbtvxHVCJHKUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6yHtI2cDSQvVu0/0AeXPIPIjuKMB8GA1UdIwQY
MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt
ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi
LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeQ5+3fLR
OBeAgPPBYalt+Z/IxgbmnWcGQbh35C5hfSWw+kWJHMvt/jxeSBPIcM3tzRaZdCr0
G/3wH5aHduo1lDd/X/SYBGhjXtMNO378ShR5/S4553NzvwyLUDL/TlxUQ3NLgmhl
f8uRdcuyMeicoMcpRKtsVjZWBC9aG64qyOlNWiDfdGP2o7FIzxCkHs4e7sz1ou8g
+kXLKWNgm1lKvhwAoOaFdZJOBfaAgI86PVGTQVMNEgPMP74HAmPFurGeGk2LHzUn
VUbpmwnicC7NqFB5Z7ll+0pARMbXFc42Lag7yZlKtK3fP8esQWqL8kvZqrhlXq+5
pC1iUld0Qb3GMA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:54:53 2026 by rpki-client