Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
File: iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft (raw, json)
Hash identifier: RE3mPwopnDm1VzdkqSc2BuheXB9a8BuGtiAy84koCkA=
Subject key identifier: 22:25:54:23:42:83:28:DE:D4:56:75:DC:13:3D:71:76:7D:58:40:02
Authority key identifier: 88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
Certificate issuer: /CN=88a8d325f97b03713342682fc408d53368740e7d
Certificate serial: 019D2960AFE4A96FBE5C67EFBBC2AD313BE2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
Manifest number: 1315
Signing time: Thu 26 Mar 2026 09:01:35 +0000
Manifest this update: Thu 26 Mar 2026 09:01:35 +0000
Manifest next update: Fri 27 Mar 2026 09:01:35 +0000
Files and hashes: 1: 5lnasV2204ovFjXYLSXNVvtyrOk.roa (hash: xjGig7wrwgL+6zENtEl5DMDRUc85WEr4TmfLvxx+0vU=)
2: iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl (hash: XUx36TEDP8EBQGrnwJF3oAW+RbHCULdfHL7or3LKcfE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:af:e4:a9:6f:be:5c:67:ef:bb:c2:ad:31:3b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a8d325f97b03713342682fc408d53368740e7d
Validity
Not Before: Mar 26 09:01:35 2026 GMT
Not After : Mar 27 09:01:35 2026 GMT
Subject: CN=22255423428328ded45675dc133d71767d584002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d8:df:33:03:00:86:e9:5c:38:66:9a:cb:65:
b1:86:af:52:bf:9f:2e:99:66:80:19:f6:df:84:ef:
84:b1:d8:07:0c:9d:05:23:03:ac:17:87:a4:80:21:
04:e2:de:9f:20:4b:48:58:df:00:89:8e:3a:97:9f:
ab:d2:71:17:0e:2b:68:cb:ef:8d:b5:f7:94:0e:9c:
e9:bf:8a:bd:89:0c:18:98:11:f2:3f:6b:90:e6:0b:
25:06:95:bb:fa:e1:11:cf:cf:67:a1:77:ea:cf:62:
ce:84:24:6e:07:69:86:8e:f9:cd:e8:f0:d5:82:11:
fa:24:d9:9e:19:e6:52:8f:1c:d7:2d:c4:6e:81:c8:
cd:c1:7e:5b:eb:82:5f:cb:04:55:8c:60:72:db:a2:
59:bf:07:ab:71:80:e2:08:e5:77:11:0f:57:69:a4:
a4:eb:5e:ea:9b:25:4e:5f:af:62:b1:0e:e0:44:1b:
8c:7e:7d:49:05:f5:e0:5b:b3:a6:d0:76:f4:a7:77:
9a:51:ef:1f:cf:8f:8f:de:ed:a4:d2:db:bf:bb:0e:
eb:d1:15:7b:4b:1c:46:2e:c3:1f:0c:f3:0d:cd:69:
f6:87:5b:ee:61:7d:3e:9e:47:b1:c5:3c:a3:65:fd:
53:74:36:d9:09:db:11:ec:93:1a:d8:98:c7:20:8c:
67:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:25:54:23:42:83:28:DE:D4:56:75:DC:13:3D:71:76:7D:58:40:02
X509v3 Authority Key Identifier:
keyid:88:A8:D3:25:F9:7B:03:71:33:42:68:2F:C4:08:D5:33:68:74:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/645bb2-fc34-429b-a7f0-cf03fa4ca083/1/iKjTJfl7A3EzQmgvxAjVM2h0Dn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:a8:73:f2:00:17:aa:6f:8a:61:98:0a:dd:8d:84:3b:0b:29:
24:0a:81:3b:4d:ce:fd:a9:05:7b:7f:f1:90:bd:0b:23:8e:8a:
16:4e:f4:b3:6b:9e:3c:c4:bb:01:18:2f:23:55:3a:ae:81:04:
1a:a7:9e:5a:23:17:ae:ec:7e:88:0c:9a:b6:c9:e0:94:92:74:
8f:de:20:ac:e5:fd:52:3d:9b:b5:ae:0d:69:b2:bb:f8:10:5a:
45:45:f6:b3:ac:ec:70:49:50:1e:42:ea:e5:a7:e5:cb:a0:e6:
99:8f:c2:c6:ea:3f:82:24:a9:39:32:ef:68:6a:c9:aa:8c:3b:
a1:db:c3:37:61:64:96:af:5b:21:3c:62:c3:74:12:51:45:f6:
7e:b2:2d:dd:c7:2f:b9:ea:7d:ae:40:62:cf:a1:0a:56:af:3c:
bc:1b:24:0f:f4:65:54:b2:44:c8:99:96:95:30:c4:c0:64:8d:
b9:ab:6a:2c:1f:95:41:19:f2:5d:6f:57:13:d9:fb:ff:de:fc:
14:36:30:f4:8d:d8:a5:24:14:da:e2:1a:ef:a4:0b:95:6a:58:
92:46:cb:69:b3:fa:be:74:60:6d:40:e5:db:3d:39:4b:8f:31:
b0:9c:49:32:0e:d8:fe:dc:b9:2b:58:ae:24:df:a6:be:f0:83:
34:bb:39:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYK/kqW++XGfvu8KtMTviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YThkMzI1Zjk3YjAzNzEzMzQyNjgyZmM0MDhkNTMzNjg3
NDBlN2QwHhcNMjYwMzI2MDkwMTM1WhcNMjYwMzI3MDkwMTM1WjAzMTEwLwYDVQQD
EygyMjI1NTQyMzQyODMyOGRlZDQ1Njc1ZGMxMzNkNzE3NjdkNTg0MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtjfMwMAhulcOGaay2Wxhq9Sv58u
mWaAGfbfhO+EsdgHDJ0FIwOsF4ekgCEE4t6fIEtIWN8AiY46l5+r0nEXDitoy++N
tfeUDpzpv4q9iQwYmBHyP2uQ5gslBpW7+uERz89noXfqz2LOhCRuB2mGjvnN6PDV
ghH6JNmeGeZSjxzXLcRugcjNwX5b64JfywRVjGBy26JZvwercYDiCOV3EQ9XaaSk
617qmyVOX69isQ7gRBuMfn1JBfXgW7Om0Hb0p3eaUe8fz4+P3u2k0tu/uw7r0RV7
SxxGLsMfDPMNzWn2h1vuYX0+nkexxTyjZf1TdDbZCdsR7JMa2JjHIIxnyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIlVCNCgyje1FZ13BM9cXZ9WEACMB8GA1UdIwQY
MBaAFIio0yX5ewNxM0JoL8QI1TNodA59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAt
Y2YwM2ZhNGNhMDgzLzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82NDViYjItZmMzNC00MjliLWE3ZjAtY2YwM2ZhNGNhMDgz
LzEvaUtqVEpmbDdBM0V6UW1ndnhBalZNMmgwRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm6hz8gAX
qm+KYZgK3Y2EOwspJAqBO03O/akFe3/xkL0LI46KFk70s2uePMS7ARgvI1U6roEE
GqeeWiMXrux+iAyatsnglJJ0j94grOX9Uj2bta4NabK7+BBaRUX2s6zscElQHkLq
5afly6DmmY/Cxuo/giSpOTLvaGrJqow7odvDN2Fklq9bITxiw3QSUUX2frIt3ccv
uep9rkBiz6EKVq88vBskD/RlVLJEyJmWlTDEwGSNuatqLB+VQRnyXW9XE9n7/978
FDYw9I3YpSQU2uIa76QLlWpYkkbLabP6vnRgbUDl2z05S48xsJxJMg7Y/ty5K1iu
JN+mvvCDNLs5Ag==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:18:49 2026 by rpki-client