Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
File: immKFPthpoevCmP3xlXAAfZwEoI.mft (raw, json)
Hash identifier: LarH5MmA8g73vFljU0uhvGtdHdrvkQYvOoKMZvjwUEw=
Subject key identifier: 72:76:64:49:70:5E:7D:30:78:91:03:BB:78:9B:95:A6:20:61:78:46
Authority key identifier: 8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
Certificate issuer: /CN=8a698a14fb61a687af0a63f7c655c001f6701282
Certificate serial: 019D284D801A0F75742253533A6804A9959C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
Manifest number: 0621
Signing time: Thu 26 Mar 2026 04:01:00 +0000
Manifest this update: Thu 26 Mar 2026 04:01:00 +0000
Manifest next update: Fri 27 Mar 2026 04:01:00 +0000
Files and hashes: 1: HxmIn0AGzA-g9k-4bheqqTcmLgI.roa (hash: uHSpZAAfzcw7ixBYZphuiZW4nA4GJ515tOk36J46Jqw=)
2: immKFPthpoevCmP3xlXAAfZwEoI.crl (hash: EU9DFy5bf4KSMsYO1S0ykMvj1vhKbgFCus0HBWHSDcQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:80:1a:0f:75:74:22:53:53:3a:68:04:a9:95:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a698a14fb61a687af0a63f7c655c001f6701282
Validity
Not Before: Mar 26 04:01:00 2026 GMT
Not After : Mar 27 04:01:00 2026 GMT
Subject: CN=72766449705e7d30789103bb789b95a620617846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:88:9e:f1:40:3a:16:9b:d5:b5:3a:05:ff:9d:
52:a4:fe:4f:84:c7:f8:d4:9d:94:66:13:7e:73:bd:
67:2f:e9:73:75:cd:a6:51:7b:a4:60:1c:ca:bd:21:
37:de:62:af:7f:ed:59:a3:31:e3:46:35:3b:5c:07:
92:e6:a9:18:4f:82:51:e9:ab:12:d0:69:92:5e:96:
34:69:25:5c:c4:69:21:11:9d:e9:7c:7d:a4:d9:4a:
5d:c3:1d:25:8b:07:64:33:d2:17:b0:1b:bc:f4:e4:
15:28:78:53:b7:12:20:41:b1:cc:f9:10:46:22:d5:
14:53:9e:8e:8b:1a:3d:08:cf:09:ec:82:b6:07:f7:
f3:9a:b0:0f:85:9b:43:e1:30:d3:e9:89:2b:67:a3:
8f:55:b6:f7:60:c4:0f:24:07:81:0c:9e:0f:b5:bb:
2c:88:49:17:4b:0a:4d:4b:98:88:8b:bc:0d:5e:09:
f3:b8:07:a9:5a:3e:6c:98:e5:4d:86:82:3f:2a:0b:
39:b4:dd:48:7f:93:c4:e7:95:dc:ff:e3:0f:fc:cb:
21:b5:dc:75:49:0d:78:ad:fe:88:56:a6:ff:16:f8:
80:fe:b7:2e:7e:8d:c1:27:84:82:96:86:a1:22:ae:
48:56:5c:f3:5e:68:10:4d:82:39:de:91:2f:37:7a:
6b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:76:64:49:70:5E:7D:30:78:91:03:BB:78:9B:95:A6:20:61:78:46
X509v3 Authority Key Identifier:
keyid:8A:69:8A:14:FB:61:A6:87:AF:0A:63:F7:C6:55:C0:01:F6:70:12:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/immKFPthpoevCmP3xlXAAfZwEoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/33d226-7c43-4c83-94ad-218289d81c53/1/immKFPthpoevCmP3xlXAAfZwEoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:04:d9:8f:e8:75:db:63:2c:6e:7b:3d:f5:99:f1:0a:5e:52:
a0:ee:8d:7d:63:82:b1:46:64:ac:45:49:f7:70:a5:01:08:27:
89:0d:1f:d3:bb:2c:6c:bf:a8:7d:91:ed:44:bd:70:a3:db:99:
e6:7b:85:54:e3:6b:99:ba:ce:50:14:77:d7:c4:40:85:b8:7b:
e5:4d:2a:7a:a2:e3:61:12:b3:95:f3:c8:9d:54:a8:38:df:b5:
33:1c:52:60:c4:95:77:27:b9:cc:0b:9d:bb:db:73:8c:ae:1b:
26:ad:ba:36:cb:ff:c1:41:2c:bb:1b:d0:69:18:2c:dc:2f:43:
5a:82:e3:b1:f8:2b:78:53:9b:bc:5c:8e:85:c5:fb:28:f5:5c:
80:5c:18:f2:21:5d:b4:cf:ac:f8:99:c9:50:aa:1f:60:f6:7b:
9f:4f:82:3e:72:b1:eb:40:56:e5:db:05:2c:8e:7a:3a:63:1f:
5d:91:cb:96:55:7b:90:0e:80:cc:9b:88:8a:78:36:39:47:e8:
0d:0e:48:bf:c1:05:69:1c:ff:09:f2:a3:4b:31:38:13:c8:64:
fb:23:b7:5b:ff:10:cd:18:66:65:a9:86:4b:b8:dc:64:fd:6f:
7d:48:14:50:f1:f9:f6:86:8c:6d:17:27:e8:3c:73:ba:de:41:
82:8d:9e:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTYAaD3V0IlNTOmgEqZWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjk4YTE0ZmI2MWE2ODdhZjBhNjNmN2M2NTVjMDAxZjY3
MDEyODIwHhcNMjYwMzI2MDQwMTAwWhcNMjYwMzI3MDQwMTAwWjAzMTEwLwYDVQQD
Eyg3Mjc2NjQ0OTcwNWU3ZDMwNzg5MTAzYmI3ODliOTVhNjIwNjE3ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4ie8UA6FpvVtToF/51SpP5PhMf4
1J2UZhN+c71nL+lzdc2mUXukYBzKvSE33mKvf+1ZozHjRjU7XAeS5qkYT4JR6asS
0GmSXpY0aSVcxGkhEZ3pfH2k2Updwx0liwdkM9IXsBu89OQVKHhTtxIgQbHM+RBG
ItUUU56Oixo9CM8J7IK2B/fzmrAPhZtD4TDT6YkrZ6OPVbb3YMQPJAeBDJ4Ptbss
iEkXSwpNS5iIi7wNXgnzuAepWj5smOVNhoI/Kgs5tN1If5PE55Xc/+MP/Mshtdx1
SQ14rf6IVqb/FviA/rcufo3BJ4SCloahIq5IVlzzXmgQTYI53pEvN3prwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJ2ZElwXn0weJEDu3iblaYgYXhGMB8GA1UdIwQY
MBaAFIppihT7YaaHrwpj98ZVwAH2cBKCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQt
MjE4Mjg5ZDgxYzUzLzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zM2QyMjYtN2M0My00YzgzLTk0YWQtMjE4Mjg5ZDgxYzUz
LzEvaW1tS0ZQdGhwb2V2Q21QM3hsWEFBZlp3RW9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMwTZj+h1
22Msbns99ZnxCl5SoO6NfWOCsUZkrEVJ93ClAQgniQ0f07ssbL+ofZHtRL1wo9uZ
5nuFVONrmbrOUBR318RAhbh75U0qeqLjYRKzlfPInVSoON+1MxxSYMSVdye5zAud
u9tzjK4bJq26Nsv/wUEsuxvQaRgs3C9DWoLjsfgreFObvFyOhcX7KPVcgFwY8iFd
tM+s+JnJUKofYPZ7n0+CPnKx60BW5dsFLI56OmMfXZHLllV7kA6AzJuIing2OUfo
DQ5Iv8EFaRz/CfKjSzE4E8hk+yO3W/8QzRhmZamGS7jcZP1vfUgUUPH59oaMbRcn
6Dxzut5Bgo2enw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:41:18 2026 by rpki-client