Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
File: iBmVbdzq4CLP4SPaNzxrERZANo0.mft (raw, json)
Hash identifier: 2E+5MjbSRAWskIUSlD+PfdiOkUCTHZxGPT+6POrKaVg=
Subject key identifier: 7D:2B:77:E0:B7:4C:B7:65:81:7B:70:69:0C:20:75:07:0E:4A:BA:E1
Authority key identifier: 88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
Certificate issuer: /CN=8819956ddceae022cfe123da373c6b111640368d
Certificate serial: 019D2960DEC7E170E5B6C1C914AC0F35AEF7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
Manifest number: 1499
Signing time: Thu 26 Mar 2026 09:01:47 +0000
Manifest this update: Thu 26 Mar 2026 09:01:47 +0000
Manifest next update: Fri 27 Mar 2026 09:01:47 +0000
Files and hashes: 1: Jpa6fmcWWnrngaFT0OUDJvFJNfs.roa (hash: h5s+yud2w3+2pv0SJ9q0YVNu768ah+hczZmwi91mX/Q=)
2: iBmVbdzq4CLP4SPaNzxrERZANo0.crl (hash: whkSn1a15nyixByDT69XTfmPQ5EZiXStqjqCrpht6rM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:de:c7:e1:70:e5:b6:c1:c9:14:ac:0f:35:ae:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8819956ddceae022cfe123da373c6b111640368d
Validity
Not Before: Mar 26 09:01:47 2026 GMT
Not After : Mar 27 09:01:47 2026 GMT
Subject: CN=7d2b77e0b74cb765817b70690c2075070e4abae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:eb:fb:e5:a1:d8:7b:6c:6f:89:07:91:28:00:
25:92:0a:17:32:75:aa:92:e8:56:5e:8f:82:3b:58:
55:38:0e:2f:c5:aa:10:8e:d5:e8:01:46:ec:5f:88:
c0:d1:90:b1:ce:ca:2c:1a:21:7b:3b:b5:43:4a:25:
d7:4d:87:01:eb:48:9f:49:7c:8e:84:6e:91:8b:a3:
f0:1d:56:16:20:dd:1a:a2:d5:56:36:02:92:3a:7e:
c4:fe:fd:29:ea:d8:87:e4:53:1a:b0:09:b9:97:f3:
fd:c3:7a:ac:7e:b8:31:c2:a2:d3:67:85:aa:e4:94:
2c:83:39:49:6f:dc:ca:7b:86:79:9c:bb:60:a2:ee:
38:42:74:9f:be:da:1d:7e:1a:b3:6e:d9:28:13:2e:
45:9e:c0:26:7b:54:fc:6d:ae:1c:dd:fa:46:d7:8a:
35:e5:d6:23:f8:5a:a9:33:36:21:8b:37:ab:95:e2:
d2:79:0f:48:1c:20:5f:08:71:fc:97:bf:5e:94:0a:
f4:96:e7:ed:34:dd:7b:98:ff:45:3c:8f:19:0c:e4:
7e:2a:4a:9a:77:05:56:49:4d:ea:2e:51:59:a1:46:
a9:c2:69:3d:1a:41:b2:e3:8f:e3:7e:fa:d0:fb:94:
3a:70:bc:3a:fb:08:0d:c4:f4:e4:3e:6c:01:e8:d1:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2B:77:E0:B7:4C:B7:65:81:7B:70:69:0C:20:75:07:0E:4A:BA:E1
X509v3 Authority Key Identifier:
keyid:88:19:95:6D:DC:EA:E0:22:CF:E1:23:DA:37:3C:6B:11:16:40:36:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBmVbdzq4CLP4SPaNzxrERZANo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/988768-f17b-4f59-be09-2deb14c290ed/1/iBmVbdzq4CLP4SPaNzxrERZANo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:51:88:4b:bd:e6:18:1d:1d:eb:6d:9c:ca:f7:97:02:f0:8f:
c3:0c:3a:fe:64:31:01:cf:86:c9:33:65:a3:5e:73:05:f6:92:
d2:ac:c0:90:8f:f5:2a:d8:4a:4d:c9:a6:67:6d:d6:68:7c:ca:
37:a9:d6:64:b9:7e:c5:01:77:a2:2c:a1:1e:2f:95:45:8e:10:
6a:5e:7f:0d:db:63:62:f7:53:61:aa:99:a8:21:5e:e4:bb:bd:
01:aa:dd:9a:30:80:6c:60:cb:c8:eb:92:0b:52:1a:a3:6b:55:
07:c4:21:d2:d3:ac:27:34:f2:58:58:d8:28:2d:b2:f2:32:aa:
0e:6c:36:f1:f4:87:ef:8f:89:e0:2e:0e:66:39:e7:d2:1c:45:
a5:c8:b6:3d:12:85:0c:24:d4:27:c4:e3:10:65:98:52:a3:c8:
1b:85:4b:0b:ce:05:bd:33:7f:86:26:61:a3:fa:64:55:f9:ee:
5e:0a:81:51:b7:94:55:79:9a:b4:59:59:f0:3d:00:26:6a:8c:
51:fa:27:79:b8:d0:3f:ff:59:4d:f9:a2:3b:3b:1e:c0:6c:61:
1e:eb:e8:16:34:aa:a0:dc:b8:6b:7e:05:bf:ac:2e:45:83:b2:
f8:1f:1a:26:3c:f3:48:20:6f:73:d0:9f:8b:6a:61:c4:76:8f:
5e:27:ed:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYN7H4XDltsHJFKwPNa73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTk5NTZkZGNlYWUwMjJjZmUxMjNkYTM3M2M2YjExMTY0
MDM2OGQwHhcNMjYwMzI2MDkwMTQ3WhcNMjYwMzI3MDkwMTQ3WjAzMTEwLwYDVQQD
Eyg3ZDJiNzdlMGI3NGNiNzY1ODE3YjcwNjkwYzIwNzUwNzBlNGFiYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uv75aHYe2xviQeRKAAlkgoXMnWq
kuhWXo+CO1hVOA4vxaoQjtXoAUbsX4jA0ZCxzsosGiF7O7VDSiXXTYcB60ifSXyO
hG6Ri6PwHVYWIN0aotVWNgKSOn7E/v0p6tiH5FMasAm5l/P9w3qsfrgxwqLTZ4Wq
5JQsgzlJb9zKe4Z5nLtgou44QnSfvtodfhqzbtkoEy5FnsAme1T8ba4c3fpG14o1
5dYj+FqpMzYhizerleLSeQ9IHCBfCHH8l79elAr0luftNN17mP9FPI8ZDOR+Kkqa
dwVWSU3qLlFZoUapwmk9GkGy44/jfvrQ+5Q6cLw6+wgNxPTkPmwB6NFA/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0rd+C3TLdlgXtwaQwgdQcOSrrhMB8GA1UdIwQY
MBaAFIgZlW3c6uAiz+Ej2jc8axEWQDaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDkt
MmRlYjE0YzI5MGVkLzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85ODg3NjgtZjE3Yi00ZjU5LWJlMDktMmRlYjE0YzI5MGVk
LzEvaUJtVmJkenE0Q0xQNFNQYU56eHJFUlpBTm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwFGIS73m
GB0d622cyveXAvCPwww6/mQxAc+GyTNlo15zBfaS0qzAkI/1KthKTcmmZ23WaHzK
N6nWZLl+xQF3oiyhHi+VRY4Qal5/DdtjYvdTYaqZqCFe5Lu9AardmjCAbGDLyOuS
C1Iao2tVB8Qh0tOsJzTyWFjYKC2y8jKqDmw28fSH74+J4C4OZjnn0hxFpci2PRKF
DCTUJ8TjEGWYUqPIG4VLC84FvTN/hiZho/pkVfnuXgqBUbeUVXmatFlZ8D0AJmqM
UfonebjQP/9ZTfmiOzsewGxhHuvoFjSqoNy4a34Fv6wuRYOy+B8aJjzzSCBvc9Cf
i2phxHaPXiftWg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:30:55 2026 by rpki-client