Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
File: IM1XQoSmAY5bA2Neml1lj99XNPA.mft (raw, json)
Hash identifier: +gyuhlRy1gmcvvtno+Zg8Qjm1dtiV4xbCoIM33rl5TY=
Subject key identifier: C9:FE:03:33:AC:F6:09:6D:C8:74:AE:75:16:75:CD:6D:56:06:1B:1C
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 019D2960E68B2E64655C720602B7DAA6B7A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
Manifest number: 15CD
Signing time: Thu 26 Mar 2026 09:01:49 +0000
Manifest this update: Thu 26 Mar 2026 09:01:49 +0000
Manifest next update: Fri 27 Mar 2026 09:01:49 +0000
Files and hashes: 1: IM1XQoSmAY5bA2Neml1lj99XNPA.crl (hash: ax46lDrKvQ0G1d0UtPRSpuGsTK88aY92pH+U2DzsDUg=)
2: ImTLWt2g0cY7V35wRVv87mBniEg.roa (hash: VJYLeV7M13GLWx8pAqlJxHBxVDnSY7dG5v0w8WshUfs=)
3: xsbeeqBrYcrCh1XkX_yalGrpwlg.roa (hash: C6xVrKshvFw2VHF914TCAq+YdHSq0Ozgs9as5bzKGhE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:e6:8b:2e:64:65:5c:72:06:02:b7:da:a6:b7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Mar 26 09:01:49 2026 GMT
Not After : Mar 27 09:01:49 2026 GMT
Subject: CN=c9fe0333acf6096dc874ae751675cd6d56061b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:da:81:88:93:d8:65:70:76:4f:97:d0:1d:
c6:35:27:d2:d8:28:a2:53:60:f2:7b:b2:19:95:c4:
12:22:2f:f4:87:b9:1c:b7:2b:8d:22:8d:cd:a3:b0:
e5:28:9c:c6:9b:06:ce:c3:af:0c:7e:2e:f4:8d:7a:
78:3d:b8:c5:34:e6:37:66:b3:99:da:65:1c:c0:bc:
20:86:e8:01:6d:a0:50:57:83:3c:0b:93:c1:96:35:
30:53:50:4f:4c:33:ee:63:13:fb:26:3c:5c:3c:e6:
5b:1b:fb:76:ce:4b:c2:fb:ec:ba:40:75:3a:fd:17:
3f:23:7d:79:ca:6e:da:79:f5:cb:87:92:de:f2:51:
a0:fe:2c:62:42:15:b5:38:a0:9c:bf:78:07:6a:48:
61:bb:84:90:98:41:fe:2d:5c:97:52:54:9e:60:61:
c8:81:e0:59:f3:30:a3:f7:26:01:fd:6c:f5:3c:7d:
ad:da:1b:ee:5e:e1:63:a5:ae:c9:7b:70:01:47:c7:
6f:90:df:0e:0a:24:bd:30:90:c3:3f:ec:8f:f5:27:
a9:7e:08:5d:d4:3e:c8:e3:16:57:c3:c6:21:44:e6:
e9:d3:67:c6:0b:61:e6:cf:ae:7a:db:a8:fd:47:89:
bd:65:93:3f:66:70:f5:2b:99:cb:db:12:27:2a:d7:
b0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:FE:03:33:AC:F6:09:6D:C8:74:AE:75:16:75:CD:6D:56:06:1B:1C
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:8b:6e:89:14:40:a8:6a:93:cf:b5:01:99:e3:03:13:72:cd:
23:9e:1e:f5:fd:93:3b:b4:6f:0a:e3:55:85:46:d1:bb:93:b4:
d0:73:c7:35:29:02:da:5d:5a:eb:81:13:c1:a0:4e:ff:09:92:
c5:5b:08:f9:84:6a:43:33:ae:b6:86:41:63:c7:53:21:1b:0f:
85:2b:a4:f9:30:cd:f0:3a:06:04:00:3e:09:b4:29:12:e2:ca:
31:22:65:99:a1:63:dc:aa:e3:0d:49:26:da:f9:aa:4b:2c:cd:
8f:9c:aa:23:03:04:9a:d4:22:3d:2a:fd:6e:3d:04:0a:15:81:
90:75:a6:46:24:f3:f4:5e:eb:3d:12:4c:b7:f0:01:ec:ef:0d:
5a:bd:7b:5b:9c:8b:13:7e:62:25:19:e4:8d:81:48:ed:d9:75:
0c:c9:8b:18:3a:4c:6a:75:fd:82:52:01:8f:66:71:72:68:46:
12:12:ee:03:e0:cd:6b:44:9e:88:16:ab:e8:0c:ca:57:2b:0d:
a4:61:fd:5d:de:75:ba:cf:58:2c:fe:93:28:ad:b7:f4:d6:5b:
e8:e6:a9:85:a1:71:58:97:ef:98:eb:2a:5b:7c:bc:d6:88:33:
98:1e:c8:3d:ab:1e:41:04:1a:38:f5:64:05:ef:35:6f:c5:5e:
48:5a:d5:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYOaLLmRlXHIGArfaprenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2Q1NzQyODRhNjAxOGU1YjAzNjM1ZTlhNWQ2NThmZGY1
NzM0ZjAwHhcNMjYwMzI2MDkwMTQ5WhcNMjYwMzI3MDkwMTQ5WjAzMTEwLwYDVQQD
EyhjOWZlMDMzM2FjZjYwOTZkYzg3NGFlNzUxNjc1Y2Q2ZDU2MDYxYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkDagYiT2GVwdk+X0B3GNSfS2Cii
U2Dye7IZlcQSIi/0h7kctyuNIo3No7DlKJzGmwbOw68Mfi70jXp4PbjFNOY3ZrOZ
2mUcwLwghugBbaBQV4M8C5PBljUwU1BPTDPuYxP7JjxcPOZbG/t2zkvC++y6QHU6
/Rc/I315ym7aefXLh5Le8lGg/ixiQhW1OKCcv3gHakhhu4SQmEH+LVyXUlSeYGHI
geBZ8zCj9yYB/Wz1PH2t2hvuXuFjpa7Je3ABR8dvkN8OCiS9MJDDP+yP9Sepfghd
1D7I4xZXw8YhRObp02fGC2Hmz65626j9R4m9ZZM/ZnD1K5nL2xInKtewkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMn+AzOs9gltyHSudRZ1zW1WBhscMB8GA1UdIwQY
MBaAFCDNV0KEpgGOWwNjXppdZY/fVzTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUt
NDliNTY4N2ZlZTZkLzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9jMjE2Y2EtYWE5ZC00ZDIxLTg0MWUtNDliNTY4N2ZlZTZk
LzEvSU0xWFFvU21BWTViQTJOZW1sMWxqOTlYTlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4tuiRRA
qGqTz7UBmeMDE3LNI54e9f2TO7RvCuNVhUbRu5O00HPHNSkC2l1a64ETwaBO/wmS
xVsI+YRqQzOutoZBY8dTIRsPhSuk+TDN8DoGBAA+CbQpEuLKMSJlmaFj3KrjDUkm
2vmqSyzNj5yqIwMEmtQiPSr9bj0EChWBkHWmRiTz9F7rPRJMt/AB7O8NWr17W5yL
E35iJRnkjYFI7dl1DMmLGDpManX9glIBj2ZxcmhGEhLuA+DNa0SeiBar6AzKVysN
pGH9Xd51us9YLP6TKK239NZb6OaphaFxWJfvmOsqW3y81ogzmB7IPaseQQQaOPVk
Be81b8VeSFrVuA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:58:45 2026 by rpki-client