Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
File: I--d4hUq7xsqYqMfsvNehZCzrYQ.mft (raw, json)
Hash identifier: +W9D56UW5q9wOkdcTDlmTjjm80XAa4lHDZZjp2UB1cY=
Subject key identifier: 9E:54:F4:47:D0:2D:9E:AF:BE:B7:7C:36:96:4F:99:29:19:6B:4D:DA
Authority key identifier: 23:EF:9D:E2:15:2A:EF:1B:2A:62:A3:1F:B2:F3:5E:85:90:B3:AD:84
Certificate issuer: /CN=23ef9de2152aef1b2a62a31fb2f35e8590b3ad84
Certificate serial: 019D333EFC0B08A72D30AD7FAC067A574EE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
Manifest number: 08DD
Signing time: Sat 28 Mar 2026 07:00:58 +0000
Manifest this update: Sat 28 Mar 2026 07:00:58 +0000
Manifest next update: Sun 29 Mar 2026 07:00:58 +0000
Files and hashes: 1: I--d4hUq7xsqYqMfsvNehZCzrYQ.crl (hash: jjskLA/LgyZOVX026QXzJjXlduPqPXcAVTMu4P8IsQU=)
2: c3qGT-HlNIbOpWOWtGq8wzGlzo8.roa (hash: dkOdUS1B4RLrr1wGef0PpA8JuUzSKd3BvzN3ojn4kHA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:3e:fc:0b:08:a7:2d:30:ad:7f:ac:06:7a:57:4e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ef9de2152aef1b2a62a31fb2f35e8590b3ad84
Validity
Not Before: Mar 28 07:00:58 2026 GMT
Not After : Mar 29 07:00:58 2026 GMT
Subject: CN=9e54f447d02d9eafbeb77c36964f9929196b4dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:81:02:08:ea:d2:79:32:7f:05:e0:bc:f9:57:
f6:07:75:ad:4f:f7:6d:b5:cc:70:33:1e:ef:00:52:
fc:c4:32:40:a9:e1:d6:f0:c4:69:c0:57:f8:d7:f0:
37:f8:22:cd:88:12:0e:4f:06:6e:85:ac:c4:85:2e:
b5:e1:19:ec:8f:4d:09:65:a1:c0:70:97:cb:ab:2f:
86:f6:ee:cd:2a:f3:fe:df:08:2b:e2:c7:e8:34:6a:
8c:2f:a9:29:83:17:55:19:18:1a:2f:6e:45:6e:32:
dd:d3:31:42:70:22:13:23:17:3d:7f:45:e8:6d:33:
44:14:34:82:8d:24:41:b0:ef:ab:0d:4e:a5:f0:d9:
cb:93:7a:09:78:b2:b5:61:e6:13:09:90:ca:56:3b:
04:ce:06:e0:5b:98:82:dd:b5:a9:9d:cc:11:94:60:
1f:9e:2a:37:52:c6:af:43:0e:8a:b9:39:7b:c2:d5:
8c:a9:46:1b:86:40:24:fe:f4:5f:d9:76:56:79:ce:
d8:7d:fd:89:b5:ef:26:f7:b8:32:0a:10:20:30:3c:
6e:6a:49:97:10:62:e8:bd:45:cd:79:dd:f8:96:ee:
4b:14:2b:6a:50:a9:07:51:9e:82:a9:16:f9:c7:79:
7c:e9:d0:b4:6c:03:c6:4d:99:b3:c5:46:03:1e:a9:
b8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:54:F4:47:D0:2D:9E:AF:BE:B7:7C:36:96:4F:99:29:19:6B:4D:DA
X509v3 Authority Key Identifier:
keyid:23:EF:9D:E2:15:2A:EF:1B:2A:62:A3:1F:B2:F3:5E:85:90:B3:AD:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I--d4hUq7xsqYqMfsvNehZCzrYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c3f3cc-c56b-4d35-b77f-3bc6eb0a347f/1/I--d4hUq7xsqYqMfsvNehZCzrYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:f9:8c:99:18:9a:da:ab:05:81:a2:0d:dd:8c:10:8f:bf:3d:
82:ec:6b:6c:37:b4:3b:3f:47:e4:cb:9a:c8:ac:95:c9:f4:b2:
0c:23:4a:c2:c3:8b:f8:23:44:5a:33:d4:ae:53:c8:bb:4e:53:
38:e1:db:dd:60:79:b2:14:8c:db:c2:40:7f:ff:e2:37:9c:28:
07:85:31:b2:89:3d:16:ac:76:13:71:ff:7c:3d:93:30:67:d0:
16:81:1a:f6:60:09:43:9d:af:2a:ce:ba:4c:74:46:7c:ff:45:
de:10:8b:c9:5d:bb:29:f2:84:63:57:a3:f5:cf:6b:84:02:0b:
4d:cc:5c:ba:d7:36:1d:e3:99:f9:ec:9e:ce:fd:15:f5:60:b1:
7c:39:7f:23:ae:54:a1:70:e8:49:76:84:75:14:14:b8:3c:9c:
39:e2:15:93:0e:5e:3b:5d:dd:a6:92:cd:29:ea:9a:c0:94:1b:
61:e4:bd:ec:93:b8:cd:7d:68:bf:a8:65:73:4e:11:1a:97:67:
46:03:61:c3:6b:cf:93:f3:b7:23:88:06:6a:11:66:59:f1:93:
e6:88:88:13:84:1b:92:bb:9a:41:cf:3d:73:fd:9c:d2:4f:c5:
17:26:13:eb:4b:48:d6:65:92:fd:83:4e:a0:36:f6:19:91:6d:
0c:06:92:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPvwLCKctMK1/rAZ6V07kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZWY5ZGUyMTUyYWVmMWIyYTYyYTMxZmIyZjM1ZTg1OTBi
M2FkODQwHhcNMjYwMzI4MDcwMDU4WhcNMjYwMzI5MDcwMDU4WjAzMTEwLwYDVQQD
Eyg5ZTU0ZjQ0N2QwMmQ5ZWFmYmViNzdjMzY5NjRmOTkyOTE5NmI0ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IECCOrSeTJ/BeC8+Vf2B3WtT/dt
tcxwMx7vAFL8xDJAqeHW8MRpwFf41/A3+CLNiBIOTwZuhazEhS614Rnsj00JZaHA
cJfLqy+G9u7NKvP+3wgr4sfoNGqML6kpgxdVGRgaL25FbjLd0zFCcCITIxc9f0Xo
bTNEFDSCjSRBsO+rDU6l8NnLk3oJeLK1YeYTCZDKVjsEzgbgW5iC3bWpncwRlGAf
nio3UsavQw6KuTl7wtWMqUYbhkAk/vRf2XZWec7Yff2Jte8m97gyChAgMDxuakmX
EGLovUXNed34lu5LFCtqUKkHUZ6CqRb5x3l86dC0bAPGTZmzxUYDHqm4bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ5U9EfQLZ6vvrd8NpZPmSkZa03aMB8GA1UdIwQY
MBaAFCPvneIVKu8bKmKjH7LzXoWQs62EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jM2YzY2MtYzU2Yi00ZDM1LWI3N2Yt
M2JjNmViMGEzNDdmLzEvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jM2YzY2MtYzU2Yi00ZDM1LWI3N2YtM2JjNmViMGEzNDdm
LzEvSS0tZDRoVXE3eHNxWXFNZnN2TmVoWkN6cllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvmMmRia
2qsFgaIN3YwQj789guxrbDe0Oz9H5MuayKyVyfSyDCNKwsOL+CNEWjPUrlPIu05T
OOHb3WB5shSM28JAf//iN5woB4Uxsok9Fqx2E3H/fD2TMGfQFoEa9mAJQ52vKs66
THRGfP9F3hCLyV27KfKEY1ej9c9rhAILTcxcutc2HeOZ+eyezv0V9WCxfDl/I65U
oXDoSXaEdRQUuDycOeIVkw5eO13dppLNKeqawJQbYeS97JO4zX1ov6hlc04RGpdn
RgNhw2vPk/O3I4gGahFmWfGT5oiIE4QbkruaQc89c/2c0k/FFyYT60tI1mWS/YNO
oDb2GZFtDAaSZg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:14:12 2026 by rpki-client