Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
File: iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft (raw, json)
Hash identifier: TIpDMQTscDM8Wkp412meCQZTe2BE4mnmudRoy9VGPyA=
Subject key identifier: 13:45:19:02:A1:F8:7F:58:37:CD:AC:43:A7:37:7B:46:19:A8:83:D6
Authority key identifier: 8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
Certificate issuer: /CN=8b03dca76319903152f246e05c069fd1a1db5c59
Certificate serial: 019CAAC602D3F955326F4F6EE5C828BB2FF2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
Manifest number: 0951
Signing time: Sun 01 Mar 2026 19:00:29 +0000
Manifest this update: Sun 01 Mar 2026 19:00:29 +0000
Manifest next update: Mon 02 Mar 2026 19:00:29 +0000
Files and hashes: 1: iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl (hash: x2WFiMrUilxSjlIpPeDaWWis6qYzDdy/N650LBnfSLU=)
2: rTrNf2BtsL1vlw_R__r7UKcCZJk.roa (hash: lQAxfhbBIAhm99xgTizcCxmFSvD0y0yK3pththJkeEg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:02:d3:f9:55:32:6f:4f:6e:e5:c8:28:bb:2f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b03dca76319903152f246e05c069fd1a1db5c59
Validity
Not Before: Mar 1 19:00:29 2026 GMT
Not After : Mar 2 19:00:29 2026 GMT
Subject: CN=13451902a1f87f5837cdac43a7377b4619a883d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:3e:d5:40:ba:44:e3:92:85:70:27:04:df:
14:87:3d:8a:d6:f2:50:d5:4f:36:fd:cc:cb:42:4a:
2d:22:02:97:cd:57:58:27:d9:f2:f5:f2:3d:6a:df:
bf:d5:cb:d4:a5:48:29:e3:20:8e:d6:dc:d1:78:6b:
75:7b:3f:53:5d:e7:75:a1:bd:b2:75:b7:d7:1c:c5:
90:2a:fa:29:5d:23:23:49:95:42:9b:8e:9b:9a:3b:
af:da:87:32:fc:a4:e5:df:6e:d9:78:98:2f:64:35:
74:bd:51:be:30:9a:71:9c:4d:69:b7:f8:78:d3:17:
37:cd:d4:ba:3e:a2:6c:61:10:cb:e2:01:2f:93:56:
73:eb:ee:b0:35:d8:08:17:bc:3b:08:69:55:80:1f:
fb:6a:34:d2:1b:94:59:46:79:55:48:03:4d:de:ac:
72:6f:6d:3b:44:ca:a9:4b:1a:2b:eb:3f:dc:55:5f:
4d:d3:fb:48:75:e7:e9:c5:6d:d5:cf:5a:45:d2:4a:
1b:d4:e1:03:2d:2c:c4:56:7f:c3:28:e7:e9:ce:32:
d2:d1:53:c8:9c:9a:4f:3b:68:0d:c3:8c:82:14:2f:
13:54:a7:bc:ca:d4:c2:c0:74:48:6e:e7:86:17:3a:
66:2d:b8:73:81:73:a5:4d:e3:74:bf:51:6b:81:b2:
3f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:45:19:02:A1:F8:7F:58:37:CD:AC:43:A7:37:7B:46:19:A8:83:D6
X509v3 Authority Key Identifier:
keyid:8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:d5:f5:d3:4d:52:d8:c7:e8:73:65:b2:6d:0c:d8:2f:df:cc:
98:a4:e0:8c:84:fd:4e:3b:e2:ce:dc:f8:f7:9a:a4:23:c1:16:
a5:9e:61:6c:9d:a0:23:cc:f0:24:4b:9e:79:ec:c0:e9:29:e4:
5b:0d:b0:1e:c8:e6:9a:64:4b:02:41:48:54:60:3a:6e:14:f5:
b7:d9:43:c9:08:76:e5:f6:f7:3f:d4:52:12:7e:53:39:1e:6d:
91:52:34:5a:3d:5a:60:70:b2:99:c8:cb:75:ab:d4:97:e8:e1:
74:a4:96:38:45:1f:9a:03:3d:ef:4d:db:b5:d5:f2:85:1c:6f:
78:5f:e1:05:2b:ad:5d:7d:a7:a3:59:30:09:e4:68:98:37:6d:
82:7f:45:a2:fd:06:c5:08:de:7c:fe:cf:a6:e4:6a:bf:20:89:
44:fb:b0:40:6e:f1:42:49:a1:cd:87:21:ec:23:fc:c9:5a:15:
2a:fe:3b:b8:f6:99:0f:50:c0:97:02:65:55:ec:fb:61:6e:e9:
23:ef:06:66:9f:7f:3a:39:8c:20:e6:60:51:5a:d0:e0:c6:36:
94:66:53:99:e6:6a:9a:77:b3:3c:7b:be:4c:f4:ff:99:d8:d0:
70:9b:55:7b:3c:d9:25:84:f9:e6:4b:98:98:52:6e:df:94:cb:
88:d0:c7:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxgLT+VUyb09u5cgouy/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDNkY2E3NjMxOTkwMzE1MmYyNDZlMDVjMDY5ZmQxYTFk
YjVjNTkwHhcNMjYwMzAxMTkwMDI5WhcNMjYwMzAyMTkwMDI5WjAzMTEwLwYDVQQD
EygxMzQ1MTkwMmExZjg3ZjU4MzdjZGFjNDNhNzM3N2I0NjE5YTg4M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYA+1UC6ROOShXAnBN8Uhz2K1vJQ
1U82/czLQkotIgKXzVdYJ9ny9fI9at+/1cvUpUgp4yCO1tzReGt1ez9TXed1ob2y
dbfXHMWQKvopXSMjSZVCm46bmjuv2ocy/KTl327ZeJgvZDV0vVG+MJpxnE1pt/h4
0xc3zdS6PqJsYRDL4gEvk1Zz6+6wNdgIF7w7CGlVgB/7ajTSG5RZRnlVSANN3qxy
b207RMqpSxor6z/cVV9N0/tIdefpxW3Vz1pF0kob1OEDLSzEVn/DKOfpzjLS0VPI
nJpPO2gNw4yCFC8TVKe8ytTCwHRIbueGFzpmLbhzgXOlTeN0v1FrgbI/uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNFGQKh+H9YN82sQ6c3e0YZqIPWMB8GA1UdIwQY
MBaAFIsD3KdjGZAxUvJG4FwGn9Gh21xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQt
MDI5ZTYzZjA4ODlhLzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQtMDI5ZTYzZjA4ODlh
LzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtX1001S
2Mfoc2WybQzYL9/MmKTgjIT9Tjviztz495qkI8EWpZ5hbJ2gI8zwJEueeezA6Snk
Ww2wHsjmmmRLAkFIVGA6bhT1t9lDyQh25fb3P9RSEn5TOR5tkVI0Wj1aYHCymcjL
davUl+jhdKSWOEUfmgM9703btdXyhRxveF/hBSutXX2no1kwCeRomDdtgn9Fov0G
xQjefP7PpuRqvyCJRPuwQG7xQkmhzYch7CP8yVoVKv47uPaZD1DAlwJlVez7YW7p
I+8GZp9/OjmMIOZgUVrQ4MY2lGZTmeZqmnezPHu+TPT/mdjQcJtVezzZJYT55kuY
mFJu35TLiNDHDA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:44:44 2026 by rpki-client