Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/dd42d9-ff88-4ca0-883c-317645cd7885/1/iET8SuEGSZ4Fdf88oVVtvA2bRlE.mft
File: iET8SuEGSZ4Fdf88oVVtvA2bRlE.mft (raw, json)
Hash identifier: tUmJMDhobkIr3IuQ2IEoqEGhXhrvhDZKUqcrnu1LZaA=
Subject key identifier: D2:68:C3:8D:B0:73:8C:76:61:82:05:DB:F4:4A:C8:26:E6:6A:42:BF
Authority key identifier: 88:44:FC:4A:E1:06:49:9E:05:75:FF:3C:A1:55:6D:BC:0D:9B:46:51
Certificate issuer: /CN=8844fc4ae106499e0575ff3ca1556dbc0d9b4651
Certificate serial: 019D25BA6746EE69EF48622CECE5BE24DB96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iET8SuEGSZ4Fdf88oVVtvA2bRlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/dd42d9-ff88-4ca0-883c-317645cd7885/1/iET8SuEGSZ4Fdf88oVVtvA2bRlE.mft
Manifest number: 17DE
Signing time: Wed 25 Mar 2026 16:01:06 +0000
Manifest this update: Wed 25 Mar 2026 16:01:06 +0000
Manifest next update: Thu 26 Mar 2026 16:01:06 +0000
Files and hashes: 1: aeU9_Yx1c9nw1y-4xtz44SqG1m0.roa (hash: 0t0fFg5NYuzbKW5UvLMqmaiFIgFM8FNQ8jsxvVeiMB0=)
2: iET8SuEGSZ4Fdf88oVVtvA2bRlE.crl (hash: ZQEb3FPC2h9BiSK6d8xVwtgQjbBPZFl/Japv8AA9oro=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/dd42d9-ff88-4ca0-883c-317645cd7885/1/iET8SuEGSZ4Fdf88oVVtvA2bRlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/dd42d9-ff88-4ca0-883c-317645cd7885/1/iET8SuEGSZ4Fdf88oVVtvA2bRlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iET8SuEGSZ4Fdf88oVVtvA2bRlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:67:46:ee:69:ef:48:62:2c:ec:e5:be:24:db:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8844fc4ae106499e0575ff3ca1556dbc0d9b4651
Validity
Not Before: Mar 25 16:01:06 2026 GMT
Not After : Mar 26 16:01:06 2026 GMT
Subject: CN=d268c38db0738c76618205dbf44ac826e66a42bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:79:df:0b:46:0a:bd:7d:74:0a:a3:57:23:a4:
f5:83:ed:c7:4f:eb:05:e8:e2:47:8d:29:a6:cd:a6:
9c:0b:d8:20:bf:b3:25:2c:a9:7b:a2:35:a4:03:66:
62:0b:b0:89:6a:79:81:69:7d:3b:4a:94:0e:b6:f3:
c9:00:f1:f7:68:88:ee:63:8a:f8:6b:76:3f:47:90:
dc:38:b3:b8:43:d9:c1:58:b8:cd:5f:2c:77:f4:01:
e4:38:60:a1:e5:d0:26:6f:c4:35:46:b1:58:60:84:
b4:03:3c:bf:00:2a:d7:95:0e:3f:08:30:f8:dc:7c:
77:12:7f:cd:8e:35:ce:6e:45:5c:64:53:36:07:3c:
f1:c3:16:9a:ff:40:47:61:21:4b:e2:40:b0:63:11:
a5:92:0e:27:b7:8f:16:92:31:ab:ef:d3:64:92:9c:
a0:ca:f9:a1:5d:07:1b:c0:c7:fa:44:74:87:1c:0b:
5b:a1:23:54:ac:2a:f2:32:f4:ed:7e:13:3f:2d:3c:
39:ad:af:20:ab:3a:d2:ec:c0:ee:28:e7:70:1f:c3:
d3:6c:ae:8a:f7:35:e2:d5:3d:22:7b:fd:9c:7f:5c:
e6:6d:bd:f9:63:10:6e:35:be:b0:43:b4:65:a8:3a:
6b:4b:26:ef:52:c8:59:6d:08:4f:cb:4e:6b:df:96:
22:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:68:C3:8D:B0:73:8C:76:61:82:05:DB:F4:4A:C8:26:E6:6A:42:BF
X509v3 Authority Key Identifier:
keyid:88:44:FC:4A:E1:06:49:9E:05:75:FF:3C:A1:55:6D:BC:0D:9B:46:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iET8SuEGSZ4Fdf88oVVtvA2bRlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/dd42d9-ff88-4ca0-883c-317645cd7885/1/iET8SuEGSZ4Fdf88oVVtvA2bRlE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/dd42d9-ff88-4ca0-883c-317645cd7885/1/iET8SuEGSZ4Fdf88oVVtvA2bRlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:5d:32:51:17:94:54:e4:37:9c:d2:a2:1c:8e:1e:4a:16:16:
18:e9:03:4a:cf:a3:ee:4d:53:d5:32:7a:6d:98:a8:57:70:18:
c4:0d:a5:db:93:bb:3b:92:e2:dd:81:c0:ee:e6:dc:fc:b9:d7:
1f:8b:75:3c:bc:9f:8d:a0:88:6c:2f:ec:73:f4:ec:85:2e:a4:
d9:1c:34:3e:9d:17:17:94:b8:c9:89:1f:94:ff:69:a1:72:16:
60:c0:de:85:25:95:9f:ae:bc:97:a2:93:e4:7d:67:49:2b:fd:
06:5c:68:a8:c1:a6:a9:4e:dd:58:0d:f4:0f:f7:47:cd:ad:3d:
23:b6:11:88:35:41:65:9a:d8:7b:eb:ad:25:a5:69:01:9e:30:
11:6e:a3:fa:7f:a9:e9:b4:96:7c:b2:9b:77:80:84:5d:30:8c:
21:4e:22:f9:34:6d:e1:e2:41:eb:b9:e3:b2:62:29:63:c5:e0:
e0:78:8d:bf:f2:1b:64:89:fd:b8:25:30:21:86:8c:4c:a0:f8:
e8:e7:7a:5d:91:8a:84:cd:14:45:b3:6d:46:c7:ec:5d:02:b3:
df:25:14:03:dc:a9:0e:ec:1e:3c:52:55:80:ed:6f:d3:ac:3e:
aa:a2:2d:8c:1c:b9:33:da:ed:05:45:94:02:26:3f:9a:95:bd:
a9:31:c2:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lumdG7mnvSGIs7OW+JNuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDRmYzRhZTEwNjQ5OWUwNTc1ZmYzY2ExNTU2ZGJjMGQ5
YjQ2NTEwHhcNMjYwMzI1MTYwMTA2WhcNMjYwMzI2MTYwMTA2WjAzMTEwLwYDVQQD
EyhkMjY4YzM4ZGIwNzM4Yzc2NjE4MjA1ZGJmNDRhYzgyNmU2NmE0MmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3nfC0YKvX10CqNXI6T1g+3HT+sF
6OJHjSmmzaacC9ggv7MlLKl7ojWkA2ZiC7CJanmBaX07SpQOtvPJAPH3aIjuY4r4
a3Y/R5DcOLO4Q9nBWLjNXyx39AHkOGCh5dAmb8Q1RrFYYIS0Azy/ACrXlQ4/CDD4
3Hx3En/NjjXObkVcZFM2Bzzxwxaa/0BHYSFL4kCwYxGlkg4nt48WkjGr79Nkkpyg
yvmhXQcbwMf6RHSHHAtboSNUrCryMvTtfhM/LTw5ra8gqzrS7MDuKOdwH8PTbK6K
9zXi1T0ie/2cf1zmbb35YxBuNb6wQ7RlqDprSybvUshZbQhPy05r35Yi0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJow42wc4x2YYIF2/RKyCbmakK/MB8GA1UdIwQY
MBaAFIhE/ErhBkmeBXX/PKFVbbwNm0ZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVUOFN1RUdTWjRGZGY4OG9WVnR2QTJiUmxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kZDQyZDktZmY4OC00Y2EwLTg4M2Mt
MzE3NjQ1Y2Q3ODg1LzEvaUVUOFN1RUdTWjRGZGY4OG9WVnR2QTJiUmxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kZDQyZDktZmY4OC00Y2EwLTg4M2MtMzE3NjQ1Y2Q3ODg1
LzEvaUVUOFN1RUdTWjRGZGY4OG9WVnR2QTJiUmxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd10yUReU
VOQ3nNKiHI4eShYWGOkDSs+j7k1T1TJ6bZioV3AYxA2l25O7O5Li3YHA7ubc/LnX
H4t1PLyfjaCIbC/sc/TshS6k2Rw0Pp0XF5S4yYkflP9poXIWYMDehSWVn668l6KT
5H1nSSv9BlxoqMGmqU7dWA30D/dHza09I7YRiDVBZZrYe+utJaVpAZ4wEW6j+n+p
6bSWfLKbd4CEXTCMIU4i+TRt4eJB67njsmIpY8Xg4HiNv/IbZIn9uCUwIYaMTKD4
6Od6XZGKhM0URbNtRsfsXQKz3yUUA9ypDuwePFJVgO1v06w+qqItjBy5M9rtBUWU
AiY/mpW9qTHCew==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:16:37 2026 by rpki-client