Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft
File: IlS8wDKT460OGaej_Rsc-9NMCZA.mft (raw, json)
Hash identifier: ZG+uJQP6dmhfn03HXjm714Z4gH1Zg0m2SYHepbEFRAs=
Subject key identifier: 28:AF:02:7F:29:84:62:9B:05:48:AB:8B:50:CF:E3:C8:44:8D:5A:9A
Authority key identifier: 22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
Certificate issuer: /CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Certificate serial: 019D284D463544F62B960825C9B9AD84461A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft
Manifest number: 1629
Signing time: Thu 26 Mar 2026 04:00:45 +0000
Manifest this update: Thu 26 Mar 2026 04:00:45 +0000
Manifest next update: Fri 27 Mar 2026 04:00:45 +0000
Files and hashes: 1: 3umndGzAD5rCZWRXYXf_uY9ZlGQ.roa (hash: +hSbfwDC34My2nrMGTb3S+msbWLWB8nIUFlFpyrQ6XM=)
2: IlS8wDKT460OGaej_Rsc-9NMCZA.crl (hash: vmEzht5v0WBBbRBY5clZ4uBFCz8g7idU7MI1fZS9RVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:46:35:44:f6:2b:96:08:25:c9:b9:ad:84:46:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Validity
Not Before: Mar 26 04:00:45 2026 GMT
Not After : Mar 27 04:00:45 2026 GMT
Subject: CN=28af027f2984629b0548ab8b50cfe3c8448d5a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:41:5b:cb:1f:f7:5d:e7:91:d7:7a:a1:16:80:
c2:55:cc:28:3b:8e:3e:f5:96:e4:95:05:bf:fe:e8:
68:a9:a6:4f:bc:41:5a:5d:54:a7:ab:73:a7:9a:ce:
0b:cd:cb:f9:7e:2e:e4:7c:63:2d:64:16:76:59:21:
0c:e0:04:b7:3c:10:e9:32:d6:5b:f3:e7:02:8a:0d:
7c:da:31:ea:81:6a:b9:f9:d0:3c:1e:f0:19:d2:1b:
b8:e1:0a:da:17:57:1a:a1:7d:f3:e5:1d:8e:16:29:
ca:50:bf:10:cf:32:0b:c2:49:6d:51:c1:9d:cd:24:
20:98:c8:b7:b3:ee:92:af:57:9b:08:c3:03:17:4c:
e3:2f:dc:23:18:83:c4:53:ec:71:9b:df:8f:fc:60:
1e:c5:d7:f5:0b:2f:fc:a5:6d:97:eb:c5:d2:f4:fb:
91:aa:cf:38:0c:17:7e:28:2e:f2:7b:5d:c7:8d:53:
72:63:88:67:b1:c2:fb:26:af:d0:f9:34:c0:73:87:
81:98:da:c6:ed:28:66:be:bf:b6:9e:55:98:d0:d0:
22:73:d3:56:83:df:eb:fe:11:3e:50:60:4b:30:a1:
d5:db:a5:2d:46:ea:b0:29:f0:18:6f:e6:b1:d4:a1:
db:30:8c:83:83:a1:b2:a5:1b:53:2d:11:4e:8f:af:
d6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AF:02:7F:29:84:62:9B:05:48:AB:8B:50:CF:E3:C8:44:8D:5A:9A
X509v3 Authority Key Identifier:
keyid:22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:49:43:cb:58:f8:46:68:fe:36:8a:bd:4a:ab:7d:2c:e7:84:
3b:c6:20:46:5f:1a:8d:f0:fb:33:2b:c3:42:15:36:80:c4:3c:
86:a0:a8:b7:ba:dd:90:fd:1e:c1:8d:88:f8:f5:be:4e:c5:cb:
a4:0e:68:0d:fc:3d:11:35:fd:86:62:97:c9:58:be:db:4f:42:
09:d4:20:9e:01:dc:50:79:39:69:c0:65:6b:8d:c5:dd:fd:ab:
5a:12:a6:bf:2f:c6:03:25:b8:4d:2e:51:33:f4:d3:da:a5:e3:
a4:c1:64:ff:63:65:ad:0b:b7:18:31:4f:a6:f5:ec:19:1c:28:
29:06:8a:85:40:8d:71:c5:69:cd:ed:45:3e:31:6c:9c:b8:88:
71:56:6c:67:cd:9e:36:59:ed:18:52:7e:c3:98:11:a5:37:73:
9e:93:b7:4f:09:b1:0a:58:c4:4d:6d:4d:85:c1:5b:ab:3f:0b:
69:0c:e4:0d:ca:a5:db:2f:db:96:1a:0c:16:ff:57:cf:5e:53:
32:a0:c3:bf:81:65:ed:90:a9:c7:84:fe:dc:9b:ec:e3:76:e6:
fe:a7:5b:b9:a8:01:40:b2:bf:a0:1c:e3:3d:fd:5a:82:82:c9:
9a:c9:e7:fb:7f:49:38:f9:75:fa:de:1d:cf:e5:79:bf:07:71:
49:ed:9d:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTUY1RPYrlgglybmthEYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNTRiY2MwMzI5M2UzYWQwZTE5YTdhM2ZkMWIxY2ZiZDM0
YzA5OTAwHhcNMjYwMzI2MDQwMDQ1WhcNMjYwMzI3MDQwMDQ1WjAzMTEwLwYDVQQD
EygyOGFmMDI3ZjI5ODQ2MjliMDU0OGFiOGI1MGNmZTNjODQ0OGQ1YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEFbyx/3XeeR13qhFoDCVcwoO44+
9ZbklQW//uhoqaZPvEFaXVSnq3Onms4Lzcv5fi7kfGMtZBZ2WSEM4AS3PBDpMtZb
8+cCig182jHqgWq5+dA8HvAZ0hu44QraF1caoX3z5R2OFinKUL8QzzILwkltUcGd
zSQgmMi3s+6Sr1ebCMMDF0zjL9wjGIPEU+xxm9+P/GAexdf1Cy/8pW2X68XS9PuR
qs84DBd+KC7ye13HjVNyY4hnscL7Jq/Q+TTAc4eBmNrG7Shmvr+2nlWY0NAic9NW
g9/r/hE+UGBLMKHV26UtRuqwKfAYb+ax1KHbMIyDg6GypRtTLRFOj6/WCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCivAn8phGKbBUiri1DP48hEjVqaMB8GA1UdIwQY
MBaAFCJUvMAyk+OtDhmno/0bHPvTTAmQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWxTOHdES1Q0NjBPR2Flal9Sc2MtOU5NQ1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hM2E1MzAtMjVhYS00MDIzLTlhODAt
NGUzNDdkNTUxYzNmLzEvSWxTOHdES1Q0NjBPR2Flal9Sc2MtOU5NQ1pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hM2E1MzAtMjVhYS00MDIzLTlhODAtNGUzNDdkNTUxYzNm
LzEvSWxTOHdES1Q0NjBPR2Flal9Sc2MtOU5NQ1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeklDy1j4
Rmj+Noq9Sqt9LOeEO8YgRl8ajfD7MyvDQhU2gMQ8hqCot7rdkP0ewY2I+PW+TsXL
pA5oDfw9ETX9hmKXyVi+209CCdQgngHcUHk5acBla43F3f2rWhKmvy/GAyW4TS5R
M/TT2qXjpMFk/2NlrQu3GDFPpvXsGRwoKQaKhUCNccVpze1FPjFsnLiIcVZsZ82e
NlntGFJ+w5gRpTdznpO3TwmxCljETW1NhcFbqz8LaQzkDcql2y/blhoMFv9Xz15T
MqDDv4Fl7ZCpx4T+3Jvs43bm/qdbuagBQLK/oBzjPf1agoLJmsnn+39JOPl1+t4d
z+V5vwdxSe2dyw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:25:54 2026 by rpki-client