Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
File: iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft (raw, json)
Hash identifier: QdlBkwQ6nwjvk2K4JcMPd2l63qdKcPGviqvWlpErVB0=
Subject key identifier: 44:B2:D5:0B:FE:5C:60:82:39:6F:1D:3B:02:0B:33:16:B3:93:08:A0
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 019D27DFA471E54A52F80E343003D5EBE5C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
Manifest number: 1709
Signing time: Thu 26 Mar 2026 02:01:01 +0000
Manifest this update: Thu 26 Mar 2026 02:01:01 +0000
Manifest next update: Fri 27 Mar 2026 02:01:01 +0000
Files and hashes: 1: OdO1hcbdWYz_Iw6xZ112ZRiYkk8.roa (hash: 4Z+DfcMImSYQjotfAvXCJO8hXTfYciHRXkQJqaBymoc=)
2: iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl (hash: zIbOzVziuqGn2mmZnbchXpCvpZxQPOMlf6PLaZwvVdg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:a4:71:e5:4a:52:f8:0e:34:30:03:d5:eb:e5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Mar 26 02:01:01 2026 GMT
Not After : Mar 27 02:01:01 2026 GMT
Subject: CN=44b2d50bfe5c6082396f1d3b020b3316b39308a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:57:5e:80:e6:dd:a2:54:d8:5e:85:e5:19:7e:
86:8c:37:18:f0:a6:30:46:e8:aa:32:07:49:bf:b0:
a7:7c:57:f1:3a:33:5e:3c:95:5c:f0:74:47:2d:c8:
6d:9f:98:e1:e8:4e:5e:c5:3c:b3:03:45:c3:2c:ef:
a6:61:95:73:48:ad:67:d3:e5:d9:a4:9c:16:12:2b:
2c:90:29:93:66:a5:c0:dc:70:04:23:04:97:cb:63:
69:01:82:94:15:72:0d:d6:87:8a:d4:3c:ca:ec:05:
52:45:f5:91:8d:62:85:09:56:b6:ee:08:e2:7e:b9:
5b:94:61:17:b0:95:65:d7:9b:e3:70:35:7e:d2:a4:
6d:2e:3f:3d:20:1c:ba:f1:d5:c0:c5:b0:a4:2b:86:
80:d1:1a:c4:ed:97:6b:98:d1:2c:73:70:97:ca:52:
c7:f4:5f:a4:87:a1:44:0b:49:f1:0c:ad:42:90:b1:
b3:c8:b7:38:66:fb:de:42:0e:50:48:97:9d:2e:30:
e4:08:e5:7d:40:03:ef:41:72:c3:b5:3e:8e:05:f7:
2d:fc:25:8b:31:a4:70:b3:aa:89:58:13:99:20:37:
8d:14:d1:33:22:f6:ed:31:a6:26:22:ac:6d:ed:6f:
ae:eb:b0:67:4c:ff:67:08:31:c6:39:09:7a:34:00:
bb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B2:D5:0B:FE:5C:60:82:39:6F:1D:3B:02:0B:33:16:B3:93:08:A0
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:cc:6d:7e:79:f5:99:38:76:6e:5f:ec:d4:17:7f:b9:66:53:
ba:9d:30:07:a9:08:4e:eb:36:c8:2e:ac:84:ae:44:37:37:94:
b1:b7:d0:9b:87:7e:dd:b3:7b:ff:d9:eb:09:1c:f5:1e:1b:2f:
5f:74:3c:b0:3d:d3:22:9d:36:a1:c8:b0:17:ab:e7:93:a0:e2:
02:cd:b2:98:60:a3:95:c0:c7:9b:d9:65:cb:86:91:b4:6e:b2:
c4:34:da:89:a1:51:2e:03:55:09:1b:85:4d:9a:4b:b0:58:32:
d9:9e:cb:94:6e:78:c3:7d:bf:d7:18:c0:e5:75:ff:e1:d8:06:
c8:4f:66:f5:d6:02:c9:8b:f2:12:f1:37:89:23:8e:63:f1:6f:
9f:3d:5e:fd:c7:32:3e:4c:63:65:51:dd:10:52:7c:cc:3a:2c:
62:04:c8:8a:63:55:93:8d:65:98:92:d9:34:06:30:af:b7:61:
8d:0e:6a:67:19:fe:7b:1a:47:d0:80:5f:ee:9a:1f:f8:ef:76:
ed:27:9c:40:cc:ea:b3:09:f8:72:60:8b:8d:da:76:de:f6:62:
17:55:5f:d5:66:15:39:76:41:20:b3:98:f9:8d:59:25:f4:c6:
d0:8d:de:a4:ee:de:a9:0f:e3:71:df:3d:07:10:96:5e:47:43:
06:8f:0e:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n36Rx5UpS+A40MAPV6+XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2
OTI4YzMwHhcNMjYwMzI2MDIwMTAxWhcNMjYwMzI3MDIwMTAxWjAzMTEwLwYDVQQD
Eyg0NGIyZDUwYmZlNWM2MDgyMzk2ZjFkM2IwMjBiMzMxNmIzOTMwOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VdegObdolTYXoXlGX6GjDcY8KYw
RuiqMgdJv7CnfFfxOjNePJVc8HRHLchtn5jh6E5exTyzA0XDLO+mYZVzSK1n0+XZ
pJwWEisskCmTZqXA3HAEIwSXy2NpAYKUFXIN1oeK1DzK7AVSRfWRjWKFCVa27gji
frlblGEXsJVl15vjcDV+0qRtLj89IBy68dXAxbCkK4aA0RrE7ZdrmNEsc3CXylLH
9F+kh6FEC0nxDK1CkLGzyLc4ZvveQg5QSJedLjDkCOV9QAPvQXLDtT6OBfct/CWL
MaRws6qJWBOZIDeNFNEzIvbtMaYmIqxt7W+u67BnTP9nCDHGOQl6NAC7xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESy1Qv+XGCCOW8dOwILMxazkwigMB8GA1UdIwQY
MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt
ZWNhZTQxNDQ2Yjc3LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3
LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8xtfnn1
mTh2bl/s1Bd/uWZTup0wB6kITus2yC6shK5ENzeUsbfQm4d+3bN7/9nrCRz1Hhsv
X3Q8sD3TIp02ociwF6vnk6DiAs2ymGCjlcDHm9lly4aRtG6yxDTaiaFRLgNVCRuF
TZpLsFgy2Z7LlG54w32/1xjA5XX/4dgGyE9m9dYCyYvyEvE3iSOOY/Fvnz1e/ccy
PkxjZVHdEFJ8zDosYgTIimNVk41lmJLZNAYwr7dhjQ5qZxn+expH0IBf7pof+O92
7SecQMzqswn4cmCLjdp23vZiF1Vf1WYVOXZBILOY+Y1ZJfTG0I3epO7eqQ/jcd89
BxCWXkdDBo8OmQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:56:14 2026 by rpki-client