Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
File: ICZNUaES0LwizqcxTLBs9aGuM-k.mft (raw, json)
Hash identifier: QAp+pIVE84j3qfOu/rHcc86NdUbZyF+Mru9RrvERqxg=
Subject key identifier: 64:49:58:C4:82:0E:70:EE:BA:F3:AC:55:5D:AC:F2:3F:E4:17:67:BF
Authority key identifier: 20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
Certificate issuer: /CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Certificate serial: 019CAAC6B90597676624A846F5FB9F01C186
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
Manifest number: 17D9
Signing time: Sun 01 Mar 2026 19:01:16 +0000
Manifest this update: Sun 01 Mar 2026 19:01:16 +0000
Manifest next update: Mon 02 Mar 2026 19:01:16 +0000
Files and hashes: 1: ICZNUaES0LwizqcxTLBs9aGuM-k.crl (hash: tzQTcibi56dWNFpW360pr58ZR04cWNu8ynxt4mpO4Hs=)
2: TlCjshw48MI80zaCqZRdp10HXmU.roa (hash: IUaeg0F1EJZvlebFMhAdUjihSrKer72rVZfI7a/WmYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:b9:05:97:67:66:24:a8:46:f5:fb:9f:01:c1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20264d51a112d0bc22cea7314cb06cf5a1ae33e9
Validity
Not Before: Mar 1 19:01:16 2026 GMT
Not After : Mar 2 19:01:16 2026 GMT
Subject: CN=644958c4820e70eebaf3ac555dacf23fe41767bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1b:e5:ea:d0:a0:d3:2f:02:f7:b6:4e:68:b7:
2c:08:c4:9d:ce:15:f7:e1:b7:39:2a:5d:3c:1f:02:
53:e0:f5:d5:cd:43:cb:b1:de:35:0c:11:81:ee:30:
9c:c3:17:c2:0d:19:31:50:94:d7:a0:ba:da:a8:61:
00:6e:58:26:fc:7f:04:6a:55:ac:ca:78:27:21:1b:
ce:c9:68:7e:b6:7a:7f:8b:82:ca:3e:7b:76:2e:8d:
b9:b5:e8:bd:68:69:1a:c5:0d:ff:bf:a9:4e:1e:1c:
92:56:01:47:3a:69:7d:bd:bf:8d:e3:22:d4:71:fd:
28:15:57:2f:ff:52:89:2e:51:46:35:79:61:b4:10:
59:dc:c3:73:4e:aa:d6:f3:7f:37:85:cb:70:aa:83:
e1:4d:1a:99:e8:b7:2e:ec:26:fa:20:3b:de:c0:bc:
dd:07:86:93:03:83:70:a8:6f:2e:6f:8f:f9:1b:83:
76:37:7b:8c:54:7c:fe:dd:34:27:51:87:60:ef:17:
40:e1:e3:52:f7:cf:9e:e6:07:bb:b5:19:6a:9d:aa:
74:d1:61:a8:e1:69:ba:c2:c1:e3:48:dc:c2:e8:f8:
1f:aa:33:60:67:c7:87:55:d6:97:48:ab:57:1b:21:
d2:22:37:a1:de:2c:87:6e:6a:6d:ff:83:49:e4:db:
71:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:49:58:C4:82:0E:70:EE:BA:F3:AC:55:5D:AC:F2:3F:E4:17:67:BF
X509v3 Authority Key Identifier:
keyid:20:26:4D:51:A1:12:D0:BC:22:CE:A7:31:4C:B0:6C:F5:A1:AE:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICZNUaES0LwizqcxTLBs9aGuM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8878d9-4f1c-426b-8a40-658120ae68e1/1/ICZNUaES0LwizqcxTLBs9aGuM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:3b:fc:ed:8b:8d:10:6a:d5:7e:af:cd:9b:33:41:ca:8d:2a:
63:4e:74:82:23:e0:7b:81:64:fe:86:d8:0c:05:90:4e:9b:85:
ff:05:80:51:be:e0:1e:7a:8b:1e:e9:5d:9c:c6:d1:71:63:b4:
cb:fb:d4:53:42:b4:18:e6:b4:15:8b:98:a5:84:7e:67:60:4c:
a7:ce:62:75:9c:c8:10:d4:8a:88:84:82:f5:2f:2d:82:8b:ae:
0d:2e:b6:db:38:12:bd:b8:56:8f:6f:dc:5a:f0:16:5a:90:c9:
98:6b:0b:c0:81:31:f2:c5:7e:aa:d7:d5:01:30:7a:67:3e:18:
3b:86:c2:74:c4:58:ce:68:a6:da:24:5b:72:4f:3f:2d:d8:52:
f8:2f:4f:d4:8b:46:46:c0:2f:27:14:9e:c0:08:5f:3f:70:6f:
fc:17:b3:4d:5b:4a:87:fd:56:a8:e8:92:7d:29:46:7e:52:f8:
19:e4:89:0d:13:9f:6b:c3:e2:c5:5a:7a:54:7b:53:eb:b5:f1:
bd:03:b7:99:27:88:00:c1:0b:cc:d7:44:de:8e:83:17:d6:c9:
4e:c4:f5:00:19:56:d5:19:b9:df:d7:53:ce:ca:92:79:44:f7:
46:33:30:c4:19:9f:cd:b1:1c:e6:2d:5e:f8:99:a2:99:00:58:
3d:1c:18:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxrkFl2dmJKhG9fufAcGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjY0ZDUxYTExMmQwYmMyMmNlYTczMTRjYjA2Y2Y1YTFh
ZTMzZTkwHhcNMjYwMzAxMTkwMTE2WhcNMjYwMzAyMTkwMTE2WjAzMTEwLwYDVQQD
Eyg2NDQ5NThjNDgyMGU3MGVlYmFmM2FjNTU1ZGFjZjIzZmU0MTc2N2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhvl6tCg0y8C97ZOaLcsCMSdzhX3
4bc5Kl08HwJT4PXVzUPLsd41DBGB7jCcwxfCDRkxUJTXoLraqGEAblgm/H8EalWs
yngnIRvOyWh+tnp/i4LKPnt2Lo25tei9aGkaxQ3/v6lOHhySVgFHOml9vb+N4yLU
cf0oFVcv/1KJLlFGNXlhtBBZ3MNzTqrW8383hctwqoPhTRqZ6Lcu7Cb6IDvewLzd
B4aTA4NwqG8ub4/5G4N2N3uMVHz+3TQnUYdg7xdA4eNS98+e5ge7tRlqnap00WGo
4Wm6wsHjSNzC6PgfqjNgZ8eHVdaXSKtXGyHSIjeh3iyHbmpt/4NJ5Ntx1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRJWMSCDnDuuvOsVV2s8j/kF2e/MB8GA1UdIwQY
MBaAFCAmTVGhEtC8Is6nMUywbPWhrjPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAt
NjU4MTIwYWU2OGUxLzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84ODc4ZDktNGYxYy00MjZiLThhNDAtNjU4MTIwYWU2OGUx
LzEvSUNaTlVhRVMwTHdpenFjeFRMQnM5YUd1TS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsTv87YuN
EGrVfq/NmzNByo0qY050giPge4Fk/obYDAWQTpuF/wWAUb7gHnqLHuldnMbRcWO0
y/vUU0K0GOa0FYuYpYR+Z2BMp85idZzIENSKiISC9S8tgouuDS622zgSvbhWj2/c
WvAWWpDJmGsLwIEx8sV+qtfVATB6Zz4YO4bCdMRYzmim2iRbck8/LdhS+C9P1ItG
RsAvJxSewAhfP3Bv/BezTVtKh/1WqOiSfSlGflL4GeSJDROfa8PixVp6VHtT67Xx
vQO3mSeIAMELzNdE3o6DF9bJTsT1ABlW1Rm539dTzsqSeUT3RjMwxBmfzbEc5i1e
+JmimQBYPRwY8A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:47:03 2026 by rpki-client