Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File: IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier: WA+pYk/rStw6IOYY4KHPTlPYMKfjwwxU+PcVbbL9Jjg=
Subject key identifier: 20:66:BE:7E:23:F7:5A:83:3D:70:3A:C0:F1:C6:BA:C0:56:A2:B4:2B
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer: /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial: 019D28F221C08ADD6FCAEF3E8B719922050F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number: 08AB
Signing time: Thu 26 Mar 2026 07:00:49 +0000
Manifest this update: Thu 26 Mar 2026 07:00:49 +0000
Manifest next update: Fri 27 Mar 2026 07:00:49 +0000
Files and hashes: 1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: xOf4L5UI6OSc2rklNjo56+42VmGp0Vj1ps83N2M5RSM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:21:c0:8a:dd:6f:ca:ef:3e:8b:71:99:22:05:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Validity
Not Before: Mar 26 07:00:49 2026 GMT
Not After : Mar 27 07:00:49 2026 GMT
Subject: CN=2066be7e23f75a833d703ac0f1c6bac056a2b42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4c:d8:0a:01:f7:fe:9c:85:0d:bc:3e:4a:be:
2b:60:76:80:82:cf:d6:4c:01:4d:7a:1f:95:26:0a:
d3:66:38:5e:bf:74:a9:7f:7c:2b:83:a7:98:8a:c2:
04:d2:cf:11:43:f3:82:93:7c:4a:18:46:db:1a:6f:
ce:03:9c:d1:d4:2d:63:e3:4f:64:de:2d:0c:8f:cb:
62:27:bf:59:1a:44:32:e3:98:f9:91:b3:ee:e1:71:
c6:2a:c8:dc:2d:d7:1d:f7:8d:5b:4d:39:dc:4c:79:
93:c9:f3:a1:cd:9b:66:92:7a:3c:3e:f6:33:37:18:
8d:a5:b3:3a:b4:04:4b:25:f9:0a:3d:96:d6:d1:17:
b1:52:44:7e:2f:c1:ce:a7:aa:17:c7:46:c3:24:86:
05:de:17:1f:59:bc:99:92:78:ae:d7:4f:d5:63:fa:
5c:45:ce:33:25:7e:a0:a0:20:e9:e1:48:9d:83:af:
ef:30:ff:85:72:74:c8:e3:fc:78:e1:15:69:ef:fb:
a0:6e:5a:48:c3:7c:41:5c:af:46:85:11:a1:37:6c:
49:36:1b:d3:29:aa:64:8b:1c:0d:2e:2a:7b:8e:0b:
94:c5:0d:20:83:d2:1d:ba:9a:f3:fe:8a:08:ee:c4:
6b:f7:43:b4:e1:fb:a2:64:64:1e:e1:8c:0c:d5:b7:
99:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:66:BE:7E:23:F7:5A:83:3D:70:3A:C0:F1:C6:BA:C0:56:A2:B4:2B
X509v3 Authority Key Identifier:
keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:1d:ff:bb:9a:a1:9b:5d:63:ae:cf:ee:43:f5:33:02:f1:fa:
c0:6d:05:fb:3b:df:d7:eb:e0:90:ef:b2:e7:1f:d3:c6:8f:27:
a6:a2:7c:fd:6d:46:e8:e0:bf:50:3f:05:07:1c:43:29:bf:18:
cf:a5:b5:bb:df:cf:e7:5d:b9:a8:29:bb:89:9a:8b:ad:41:99:
a3:9a:bc:a2:82:d3:92:56:7e:87:1c:31:fe:e8:1b:01:7f:8b:
a0:fb:0c:79:cc:bb:a5:42:b3:c6:d6:57:22:c8:27:f0:b4:14:
aa:f6:f4:f6:42:12:52:69:d7:39:d9:28:27:79:46:af:44:7b:
34:87:63:dc:58:4d:91:28:8f:2d:2f:30:de:9c:20:ef:6c:a8:
16:49:17:28:d2:1f:d0:59:06:8e:1e:86:f5:e7:62:4b:a1:e7:
30:f3:cd:af:43:2a:14:34:b3:5a:e0:f5:07:bd:c6:e8:56:da:
e1:27:11:cc:1f:bd:41:31:0c:82:59:c4:e0:06:e6:b9:c8:74:
a1:f0:77:d7:92:ad:fc:f0:54:3a:42:27:a6:b6:28:83:13:04:
fe:0c:ab:73:6c:ec:72:56:0d:af:97:ab:91:bf:08:8b:e5:dc:
ae:55:99:10:27:69:23:7f:b5:84:62:f4:4f:6c:92:f9:c0:97:
0a:6b:cc:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8iHAit1vyu8+i3GZIgUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjYwMzI2MDcwMDQ5WhcNMjYwMzI3MDcwMDQ5WjAzMTEwLwYDVQQD
EygyMDY2YmU3ZTIzZjc1YTgzM2Q3MDNhYzBmMWM2YmFjMDU2YTJiNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UzYCgH3/pyFDbw+Sr4rYHaAgs/W
TAFNeh+VJgrTZjhev3Spf3wrg6eYisIE0s8RQ/OCk3xKGEbbGm/OA5zR1C1j409k
3i0Mj8tiJ79ZGkQy45j5kbPu4XHGKsjcLdcd941bTTncTHmTyfOhzZtmkno8PvYz
NxiNpbM6tARLJfkKPZbW0RexUkR+L8HOp6oXx0bDJIYF3hcfWbyZkniu10/VY/pc
Rc4zJX6goCDp4Uidg6/vMP+FcnTI4/x44RVp7/ugblpIw3xBXK9GhRGhN2xJNhvT
KapkixwNLip7jguUxQ0gg9Iduprz/ooI7sRr90O04fuiZGQe4YwM1beZyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBmvn4j91qDPXA6wPHGusBWorQrMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADh3/u5qh
m11jrs/uQ/UzAvH6wG0F+zvf1+vgkO+y5x/Txo8npqJ8/W1G6OC/UD8FBxxDKb8Y
z6W1u9/P5125qCm7iZqLrUGZo5q8ooLTklZ+hxwx/ugbAX+LoPsMecy7pUKzxtZX
Isgn8LQUqvb09kISUmnXOdkoJ3lGr0R7NIdj3FhNkSiPLS8w3pwg72yoFkkXKNIf
0FkGjh6G9ediS6HnMPPNr0MqFDSzWuD1B73G6Fba4ScRzB+9QTEMglnE4Abmuch0
ofB315Kt/PBUOkInprYogxME/gyrc2zsclYNr5erkb8Ii+XcrlWZECdpI3+1hGL0
T2yS+cCXCmvM8w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:57:47 2026 by rpki-client