Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
File: iaWq49f3LuzoOWtBSSIIrdUhhDU.mft (raw, json)
Hash identifier: YI3VBG3u8eqVV5uev2g/AI6U0xStKwmMQhJlO9A5kTo=
Subject key identifier: 48:8D:6D:F1:E3:16:01:C2:E6:1C:EE:88:DA:CB:6D:4E:29:73:9D:50
Authority key identifier: 89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35
Certificate issuer: /CN=89a5aae3d7f72eece8396b41492208add5218435
Certificate serial: 019D99CFF585FB6A78A47F698CDF4402E29E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
Manifest number: 17B2
Signing time: Fri 17 Apr 2026 05:00:35 +0000
Manifest this update: Fri 17 Apr 2026 05:00:35 +0000
Manifest next update: Sat 18 Apr 2026 05:00:35 +0000
Files and hashes: 1: iaWq49f3LuzoOWtBSSIIrdUhhDU.crl (hash: E26l560hfbwnRS5obOp3gCxE1tLrH7oARcXYI25SBeE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:cf:f5:85:fb:6a:78:a4:7f:69:8c:df:44:02:e2:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a5aae3d7f72eece8396b41492208add5218435
Validity
Not Before: Apr 17 05:00:35 2026 GMT
Not After : Apr 18 05:00:35 2026 GMT
Subject: CN=488d6df1e31601c2e61cee88dacb6d4e29739d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e7:ec:71:b7:94:b4:da:c7:f1:df:10:0a:22:
fc:6c:90:0e:8f:18:7e:b0:fd:c0:2a:cf:bb:45:e3:
8c:26:0d:91:1a:3d:a1:cb:92:8f:14:27:9b:14:00:
61:07:ed:8e:36:7c:56:3c:c8:98:d7:1b:85:0a:2e:
4a:ef:de:80:e4:12:8b:8c:b5:5d:f2:03:3c:c6:1b:
5c:f2:c8:0b:da:e5:63:79:63:0d:9c:be:11:28:cd:
a0:e4:7c:53:b2:58:a1:94:b5:76:47:c6:c8:0b:eb:
48:e7:41:d6:a8:c3:9e:51:75:49:55:2e:25:0f:05:
f8:3e:5c:47:6d:44:9a:ed:1f:1a:20:25:de:28:9f:
64:37:23:1e:07:d8:53:02:99:ad:46:b3:67:49:7c:
8b:e6:cd:ea:35:0c:b4:b7:52:2c:c4:b6:19:be:7a:
51:f7:f9:f6:32:87:98:e4:91:cc:f2:3a:ce:db:50:
ea:33:40:0f:d2:62:42:d4:9c:d8:ad:e5:2b:08:0b:
cb:aa:17:ee:eb:a5:d9:37:fb:52:77:03:f0:ee:69:
63:23:8a:5f:fe:61:28:f2:0e:f4:fc:24:88:83:75:
f9:e2:b5:6d:bb:a0:4c:e5:4c:60:7b:2c:71:f2:5c:
54:9d:e4:70:76:6e:04:6e:da:20:79:b9:d4:b2:e2:
db:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8D:6D:F1:E3:16:01:C2:E6:1C:EE:88:DA:CB:6D:4E:29:73:9D:50
X509v3 Authority Key Identifier:
keyid:89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:bd:0d:9f:c3:27:fc:16:5c:23:e4:99:87:91:24:25:a8:d6:
1b:72:00:67:ff:a5:c0:c7:49:98:d1:6a:bf:36:4b:e8:c3:33:
e1:be:c7:81:e8:01:5b:b9:47:44:a1:7b:ea:b9:f6:36:ae:61:
9f:b8:7b:fa:37:cf:11:ab:65:2f:d9:ef:c6:94:79:1a:ae:df:
de:3c:77:39:58:10:df:01:1b:b3:73:38:dd:16:ae:a2:d1:d7:
d9:ea:be:f7:94:5b:8d:15:00:dd:c6:cd:7c:4f:64:82:90:33:
82:47:3a:d2:a9:cc:8b:79:5a:7c:94:a1:03:92:c0:a3:d6:fd:
35:c9:9a:cb:44:52:ca:db:48:e0:cf:14:16:da:15:95:43:02:
9b:40:30:bd:aa:73:fe:b1:39:b4:24:6a:45:20:c9:d7:73:09:
73:f6:96:2e:17:d8:d6:e8:9c:bc:0c:07:56:06:96:00:13:32:
22:3f:fa:f5:dc:a5:06:ed:5d:0d:4f:c5:6a:1a:1c:bf:e1:11:
a8:d8:2a:29:7a:f8:bb:ac:4e:08:1b:d6:25:4b:94:d5:dd:33:
59:4d:14:3b:ee:15:64:04:8c:51:9a:c9:75:0d:f6:41:7c:d9:
82:35:37:be:6c:42:2f:7c:e4:d0:59:51:49:94:97:c8:bb:8c:
c5:83:e9:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Zz/WF+2p4pH9pjN9EAuKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTVhYWUzZDdmNzJlZWNlODM5NmI0MTQ5MjIwOGFkZDUy
MTg0MzUwHhcNMjYwNDE3MDUwMDM1WhcNMjYwNDE4MDUwMDM1WjAzMTEwLwYDVQQD
Eyg0ODhkNmRmMWUzMTYwMWMyZTYxY2VlODhkYWNiNmQ0ZTI5NzM5ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+fscbeUtNrH8d8QCiL8bJAOjxh+
sP3AKs+7ReOMJg2RGj2hy5KPFCebFABhB+2ONnxWPMiY1xuFCi5K796A5BKLjLVd
8gM8xhtc8sgL2uVjeWMNnL4RKM2g5HxTslihlLV2R8bIC+tI50HWqMOeUXVJVS4l
DwX4PlxHbUSa7R8aICXeKJ9kNyMeB9hTApmtRrNnSXyL5s3qNQy0t1IsxLYZvnpR
9/n2MoeY5JHM8jrO21DqM0AP0mJC1JzYreUrCAvLqhfu66XZN/tSdwPw7mljI4pf
/mEo8g70/CSIg3X54rVtu6BM5Uxgeyxx8lxUneRwdm4EbtogebnUsuLbMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiNbfHjFgHC5hzuiNrLbU4pc51QMB8GA1UdIwQY
MBaAFImlquPX9y7s6DlrQUkiCK3VIYQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGIt
MDg3MTE1MmExYWEzLzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGItMDg3MTE1MmExYWEz
LzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS70Nn8Mn
/BZcI+SZh5EkJajWG3IAZ/+lwMdJmNFqvzZL6MMz4b7HgegBW7lHRKF76rn2Nq5h
n7h7+jfPEatlL9nvxpR5Gq7f3jx3OVgQ3wEbs3M43RauotHX2eq+95RbjRUA3cbN
fE9kgpAzgkc60qnMi3lafJShA5LAo9b9Ncmay0RSyttI4M8UFtoVlUMCm0Awvapz
/rE5tCRqRSDJ13MJc/aWLhfY1uicvAwHVgaWABMyIj/69dylBu1dDU/Fahocv+ER
qNgqKXr4u6xOCBvWJUuU1d0zWU0UO+4VZASMUZrJdQ32QXzZgjU3vmxCL3zk0FlR
SZSXyLuMxYPpVA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:06:51 2026 by rpki-client