Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
File: iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft (raw, json)
Hash identifier: TsMniTa7XIrDmN4R9EzwzfLtC1StUUVVl4U/cROqsY8=
Subject key identifier: 4C:16:28:3C:43:8A:59:21:D1:8F:63:4F:32:02:32:83:49:0C:8D:0E
Authority key identifier: 88:7F:A3:73:71:D7:D4:59:3B:A2:90:EF:45:66:9E:A0:DE:29:37:82
Certificate issuer: /CN=887fa37371d7d4593ba290ef45669ea0de293782
Certificate serial: 019D28BB3FBF15A0624ECD2D673DFB042E5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
Manifest number: 09A9
Signing time: Thu 26 Mar 2026 06:00:53 +0000
Manifest this update: Thu 26 Mar 2026 06:00:53 +0000
Manifest next update: Fri 27 Mar 2026 06:00:53 +0000
Files and hashes: 1: iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl (hash: +g/oBRx4jNQm4RbVba7TFgL9vpif9TEOFcM5yMuQ0/0=)
2: tFxvsrCqJ_cpCZ3yrGcf9YiNSVg.roa (hash: he9pYZaiWZg80bEFSYp2yYFaMXPObGV75JnhpVutWqo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:3f:bf:15:a0:62:4e:cd:2d:67:3d:fb:04:2e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=887fa37371d7d4593ba290ef45669ea0de293782
Validity
Not Before: Mar 26 06:00:53 2026 GMT
Not After : Mar 27 06:00:53 2026 GMT
Subject: CN=4c16283c438a5921d18f634f32023283490c8d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:4b:39:58:60:85:9a:d6:5d:5d:46:3d:46:
d3:c3:82:d4:17:42:70:7c:f5:c3:61:32:ee:34:1c:
40:57:bf:55:6a:78:97:1b:e4:7a:d1:e7:e2:a8:af:
52:40:d2:c6:c7:73:2c:5a:bc:2b:08:89:55:28:92:
9d:c7:25:4d:09:f7:3c:16:c8:b9:0b:90:06:57:4e:
99:98:6a:c0:63:b7:59:4f:d3:58:29:93:5a:4d:8a:
49:d1:d2:d7:4c:cb:ea:fc:cb:ba:28:bc:de:0b:c7:
c0:f4:45:53:cb:d4:f6:5a:bd:6d:96:ba:36:f7:99:
73:c7:67:f4:cc:c2:b3:bd:bd:69:09:85:85:c5:3b:
30:e7:dc:7f:06:af:9d:7b:9a:01:36:88:21:da:c1:
14:6e:a9:fd:72:aa:af:0c:22:f7:80:29:75:23:0e:
ea:54:a0:99:05:29:c9:f0:c3:f7:eb:02:ce:ca:b6:
2f:22:9c:31:ad:d3:2d:61:06:cf:59:d2:e3:2a:81:
99:86:fc:e4:23:5c:0d:d7:15:7d:7f:04:4e:1d:26:
10:7e:22:30:24:63:c9:e2:8d:c1:99:b0:2d:92:d2:
8f:fb:6f:b8:28:a3:e9:59:7b:7b:40:63:9d:5a:8b:
59:c4:ce:5c:56:e3:c9:fe:58:60:b6:6e:43:ff:89:
4e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:16:28:3C:43:8A:59:21:D1:8F:63:4F:32:02:32:83:49:0C:8D:0E
X509v3 Authority Key Identifier:
keyid:88:7F:A3:73:71:D7:D4:59:3B:A2:90:EF:45:66:9E:A0:DE:29:37:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iH-jc3HX1Fk7opDvRWaeoN4pN4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/09db8c-6df0-4cee-ae07-a1e24aaf610f/1/iH-jc3HX1Fk7opDvRWaeoN4pN4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:bf:87:2e:c3:ba:5a:b4:8c:fc:e5:1f:ca:73:c6:cd:8f:a6:
83:f3:e2:23:0a:40:aa:cd:c1:60:db:7a:29:59:c2:31:c0:4c:
c5:b2:76:e1:53:10:44:14:8f:5e:ae:9b:82:9f:be:c3:f1:8e:
2b:3f:33:39:f6:8e:bd:85:15:da:c8:25:50:dc:a7:5c:fc:30:
fa:28:81:ba:a4:a1:95:ae:4a:ad:ea:c4:eb:df:88:2b:66:0f:
cf:82:6b:df:0e:c1:11:d5:16:07:e3:ac:32:93:c6:3c:44:1b:
9a:80:d9:a2:09:88:8a:17:3c:2a:d8:97:8a:12:c2:98:f5:09:
1b:46:d0:d7:33:34:f5:48:be:4f:ab:62:04:ea:5d:ed:ad:6b:
bc:d3:fa:23:f0:a0:9a:c9:40:28:d2:72:78:c1:3c:f5:98:8d:
54:99:5e:99:1e:07:10:4e:15:fa:20:a2:c6:16:7f:6f:e1:62:
4d:02:fb:dd:e2:68:ed:4d:0e:e8:99:89:9c:ed:60:b4:65:17:
d0:0a:61:76:3a:d4:12:6c:4c:a0:82:58:9f:06:6d:89:a2:5a:
89:10:1d:6d:ef:7d:f6:2f:40:77:1c:5a:ff:c1:6f:d6:b6:7d:
f4:6f:a2:40:ee:7a:41:27:be:04:f7:33:05:10:cd:5f:33:f4:
aa:9b:c5:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouz+/FaBiTs0tZz37BC5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4N2ZhMzczNzFkN2Q0NTkzYmEyOTBlZjQ1NjY5ZWEwZGUy
OTM3ODIwHhcNMjYwMzI2MDYwMDUzWhcNMjYwMzI3MDYwMDUzWjAzMTEwLwYDVQQD
Eyg0YzE2MjgzYzQzOGE1OTIxZDE4ZjYzNGYzMjAyMzI4MzQ5MGM4ZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLZLOVhghZrWXV1GPUbTw4LUF0Jw
fPXDYTLuNBxAV79VaniXG+R60efiqK9SQNLGx3MsWrwrCIlVKJKdxyVNCfc8Fsi5
C5AGV06ZmGrAY7dZT9NYKZNaTYpJ0dLXTMvq/Mu6KLzeC8fA9EVTy9T2Wr1tlro2
95lzx2f0zMKzvb1pCYWFxTsw59x/Bq+de5oBNogh2sEUbqn9cqqvDCL3gCl1Iw7q
VKCZBSnJ8MP36wLOyrYvIpwxrdMtYQbPWdLjKoGZhvzkI1wN1xV9fwROHSYQfiIw
JGPJ4o3BmbAtktKP+2+4KKPpWXt7QGOdWotZxM5cVuPJ/lhgtm5D/4lOawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwWKDxDilkh0Y9jTzICMoNJDI0OMB8GA1UdIwQY
MBaAFIh/o3Nx19RZO6KQ70VmnqDeKTeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wOWRiOGMtNmRmMC00Y2VlLWFlMDct
YTFlMjRhYWY2MTBmLzEvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wOWRiOGMtNmRmMC00Y2VlLWFlMDctYTFlMjRhYWY2MTBm
LzEvaUgtamMzSFgxRms3b3BEdlJXYWVvTjRwTjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7+HLsO6
WrSM/OUfynPGzY+mg/PiIwpAqs3BYNt6KVnCMcBMxbJ24VMQRBSPXq6bgp++w/GO
Kz8zOfaOvYUV2sglUNynXPww+iiBuqShla5KrerE69+IK2YPz4Jr3w7BEdUWB+Os
MpPGPEQbmoDZogmIihc8KtiXihLCmPUJG0bQ1zM09Ui+T6tiBOpd7a1rvNP6I/Cg
mslAKNJyeME89ZiNVJlemR4HEE4V+iCixhZ/b+FiTQL73eJo7U0O6JmJnO1gtGUX
0AphdjrUEmxMoIJYnwZtiaJaiRAdbe999i9Adxxa/8Fv1rZ99G+iQO56QSe+BPcz
BRDNXzP0qpvF3Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:56:59 2026 by rpki-client