
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
File: IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft (raw, json)
Hash identifier: fWy2p/h9yt4/Th43NHd6C2nryn9GCPXIWdNpRzCHBtg=
Subject key identifier: B1:C3:71:AA:0C:FA:04:8F:8B:72:4C:A9:2A:2C:D8:93:F7:09:D9:C0
Authority key identifier: 21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6
Certificate issuer: /CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6
Certificate serial: 019CADC7B534D31F776E2D1093CC7732A247
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
Manifest number: 01D4
Signing time: Mon 02 Mar 2026 09:01:12 +0000
Manifest this update: Mon 02 Mar 2026 09:01:12 +0000
Manifest next update: Tue 03 Mar 2026 09:01:12 +0000
Files and hashes: 1: IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl (hash: 0DI9+RXiT9pcmMYWoNew7dF1YECt4IQE2z29MOviLSI=)
2: l8MRszfSe4qexC-9JyLTk4XoVgk.roa (hash: 9EV7cJFTRMkileOYn43dLtuQWD4NKNC4K7WAWUwzDvY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c7:b5:34:d3:1f:77:6e:2d:10:93:cc:77:32:a2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6
Validity
Not Before: Mar 2 09:01:12 2026 GMT
Not After : Mar 3 09:01:12 2026 GMT
Subject: CN=b1c371aa0cfa048f8b724ca92a2cd893f709d9c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4b:e9:31:3b:9d:44:9f:f8:ce:59:ae:f5:4a:
c6:df:fc:7c:89:ad:2d:a5:fa:35:fc:46:dc:96:cb:
7c:dc:ca:ae:b4:36:be:14:99:1d:cb:29:fd:bb:23:
81:bd:f8:c7:9e:a6:8a:05:25:13:cf:4c:1e:85:5e:
8d:ac:49:3a:a3:1d:5f:9f:a4:02:25:fc:94:62:a7:
16:c1:22:8c:1a:26:e8:a0:f1:52:a2:aa:ff:12:dd:
30:9c:a7:c7:c6:5b:1a:2b:5b:4e:6e:95:a0:97:24:
bc:d5:3a:06:8a:a6:e9:b5:e4:15:0a:be:6d:0c:42:
22:e7:85:d0:97:a8:83:43:77:0a:1a:98:67:b0:62:
96:43:fe:b8:ca:1e:0f:4a:27:32:e4:fc:02:e2:38:
1a:8b:da:51:b3:64:9b:e8:70:d1:b1:64:ca:ab:0c:
29:1e:a5:ca:d0:3a:51:7f:68:24:35:99:cb:dd:b0:
0a:6f:3a:7c:14:b1:e0:3b:3f:fb:9b:03:fe:04:d2:
41:2e:7e:fe:24:68:07:f2:e3:97:4e:55:be:1b:58:
19:a3:95:a2:aa:ad:9e:8c:36:36:4f:1a:d9:e4:84:
2a:90:61:27:87:a0:9c:f3:00:bc:48:84:99:0d:b5:
c2:99:df:02:af:57:1d:08:da:dd:20:39:a3:07:f8:
1f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C3:71:AA:0C:FA:04:8F:8B:72:4C:A9:2A:2C:D8:93:F7:09:D9:C0
X509v3 Authority Key Identifier:
keyid:21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:fc:01:39:33:95:42:82:05:01:d3:f8:3f:9c:04:46:44:09:
34:a9:6f:f8:4c:3d:6d:0b:64:97:45:73:e8:68:1c:6d:c0:f2:
66:c9:55:44:c9:9c:9d:c1:1a:26:17:e6:ec:38:01:bc:1a:43:
45:0f:fc:13:b8:8a:d6:af:35:d8:c8:8d:58:22:7d:a1:c0:e2:
39:5d:4c:eb:54:c7:01:bf:f9:10:9e:39:35:4b:08:58:8a:61:
94:58:c1:88:38:17:01:8d:94:5b:44:00:f3:39:3c:2f:43:37:
14:7d:3a:49:21:5e:a2:ba:17:9b:42:6e:b7:c9:f8:1c:11:27:
bf:43:54:f6:74:a3:ea:20:c5:5c:fa:18:d3:43:78:62:97:6d:
1f:df:d5:cf:5b:ac:80:6a:cf:a1:fd:72:e0:48:06:57:98:c2:
38:19:ec:6e:58:f4:03:12:b3:d2:47:77:c1:03:fc:a3:58:64:
59:82:84:83:48:2e:d9:cd:a3:8c:71:11:f9:c0:7b:1b:42:66:
fc:42:5c:d6:1b:6b:99:73:de:d1:f4:0a:f6:e5:af:2f:1e:1b:
61:20:c5:71:2f:6c:4a:22:be:5d:e4:74:1a:47:b4:21:4c:93:
6f:32:fc:3e:84:3a:ef:42:ad:82:d0:29:e3:54:b0:e1:1d:49:
2e:ee:d9:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx7U00x93bi0Qk8x3MqJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODFjNWIzY2I3ZWViMWU0OTU4MjE1NWExOTE4ZWM2MTJm
OTVhYzYwHhcNMjYwMzAyMDkwMTEyWhcNMjYwMzAzMDkwMTEyWjAzMTEwLwYDVQQD
EyhiMWMzNzFhYTBjZmEwNDhmOGI3MjRjYTkyYTJjZDg5M2Y3MDlkOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEvpMTudRJ/4zlmu9UrG3/x8ia0t
pfo1/Ebclst83MqutDa+FJkdyyn9uyOBvfjHnqaKBSUTz0wehV6NrEk6ox1fn6QC
JfyUYqcWwSKMGibooPFSoqr/Et0wnKfHxlsaK1tObpWglyS81ToGiqbpteQVCr5t
DEIi54XQl6iDQ3cKGphnsGKWQ/64yh4PSicy5PwC4jgai9pRs2Sb6HDRsWTKqwwp
HqXK0DpRf2gkNZnL3bAKbzp8FLHgOz/7mwP+BNJBLn7+JGgH8uOXTlW+G1gZo5Wi
qq2ejDY2TxrZ5IQqkGEnh6Cc8wC8SISZDbXCmd8Cr1cdCNrdIDmjB/gf/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHDcaoM+gSPi3JMqSos2JP3CdnAMB8GA1UdIwQY
MBaAFCGBxbPLfuseSVghVaGRjsYS+VrGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAt
MDIyNmQ0NWE3NTMyLzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAtMDIyNmQ0NWE3NTMy
LzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvwBOTOV
QoIFAdP4P5wERkQJNKlv+Ew9bQtkl0Vz6GgcbcDyZslVRMmcncEaJhfm7DgBvBpD
RQ/8E7iK1q812MiNWCJ9ocDiOV1M61THAb/5EJ45NUsIWIphlFjBiDgXAY2UW0QA
8zk8L0M3FH06SSFeoroXm0Jut8n4HBEnv0NU9nSj6iDFXPoY00N4YpdtH9/Vz1us
gGrPof1y4EgGV5jCOBnsblj0AxKz0kd3wQP8o1hkWYKEg0gu2c2jjHER+cB7G0Jm
/EJc1htrmXPe0fQK9uWvLx4bYSDFcS9sSiK+XeR0Gke0IUyTbzL8PoQ670KtgtAp
41Sw4R1JLu7ZUw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:19:49 2026 by rpki-client