Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File: iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier: mHzEqURiEzSzVDFg22g1PlYjmZT8uo1UhSXXB2fR+Mk=
Subject key identifier: 84:3A:43:0B:D0:90:F6:52:6B:9B:F5:F3:77:6B:DA:52:49:0E:17:6C
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer: /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial: 019D2703EFA86E38D23F78878D7ACABA3686
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number: 127E
Signing time: Wed 25 Mar 2026 22:01:02 +0000
Manifest this update: Wed 25 Mar 2026 22:01:02 +0000
Manifest next update: Thu 26 Mar 2026 22:01:02 +0000
Files and hashes: 1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: KokHtkooeyQUHAI+I0OkIEho4WBUBZHS+HpHKvwxGF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:ef:a8:6e:38:d2:3f:78:87:8d:7a:ca:ba:36:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
Validity
Not Before: Mar 25 22:01:02 2026 GMT
Not After : Mar 26 22:01:02 2026 GMT
Subject: CN=843a430bd090f6526b9bf5f3776bda52490e176c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:12:80:54:41:74:12:f5:5c:d0:f7:20:db:72:
ca:b6:ec:8b:97:a4:af:52:93:20:15:4a:11:38:24:
49:d5:e6:df:e7:9c:d5:21:b1:16:7f:8e:48:42:58:
86:77:7f:2d:7d:09:2c:47:ff:de:76:4a:e8:47:ae:
bb:22:0f:3e:f1:cb:f8:2b:a8:6e:5c:51:db:25:84:
ce:7c:00:51:01:a4:9a:bd:d3:18:ce:aa:44:2d:0f:
4d:d0:97:5d:ff:be:49:e2:ee:2d:8e:49:d4:6e:d3:
9a:92:d9:12:2f:36:8d:2e:e0:1d:8e:44:b7:f1:ae:
8c:b9:c2:fa:6c:62:20:94:dd:ed:3d:36:7d:25:c3:
fb:a7:1e:c8:8a:93:ce:cc:03:89:05:8f:8f:37:2e:
79:39:89:d2:1b:0f:3c:8d:48:a2:75:ac:c6:12:4b:
1e:60:7d:5e:73:57:99:7c:bb:4f:ba:ec:0e:de:5c:
a7:97:4f:bf:90:ff:00:ab:26:1c:75:22:2e:07:1e:
98:4e:3c:11:f0:ca:aa:6f:00:e5:43:73:49:08:00:
3a:8c:0a:3a:83:05:db:9e:0d:a3:f7:6f:db:65:b2:
69:29:6b:17:a9:04:74:ba:ae:13:dc:63:e1:50:ac:
10:8c:74:3f:5d:2a:1b:ad:af:69:9e:57:54:66:dd:
1c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3A:43:0B:D0:90:F6:52:6B:9B:F5:F3:77:6B:DA:52:49:0E:17:6C
X509v3 Authority Key Identifier:
keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:7c:74:31:68:74:1c:bc:8a:47:c7:a8:99:e7:3f:78:d6:20:
a6:aa:8c:3f:5b:de:c4:57:d4:37:37:47:28:b6:f0:51:b7:07:
13:8b:c8:9b:6f:7b:4d:78:50:5b:0c:06:7f:d1:da:86:e7:59:
b6:28:d6:5d:a9:24:d2:c2:81:d2:d8:34:d3:6a:19:b6:42:c8:
c5:67:6b:82:a8:24:dd:0b:26:49:37:3a:1f:23:70:8f:a8:4b:
5b:1f:4a:79:9e:3f:83:ba:0b:bb:e8:c0:c8:9c:59:34:2a:f6:
8d:76:f9:44:4e:29:23:79:4b:c9:ef:d4:ad:d4:0b:49:e5:21:
6b:32:6b:6b:e5:28:72:6f:b8:60:3f:e0:e9:8d:b6:db:c8:95:
63:d4:ad:03:04:7b:cc:ec:f2:f6:d9:7b:4b:4f:20:11:ae:e0:
ae:81:b9:ca:07:eb:97:b2:e0:88:3a:be:0f:87:23:74:ac:74:
0a:69:bd:1f:76:50:8a:1c:d5:4d:8d:f3:b8:56:ef:99:49:4a:
85:a9:e7:77:00:b1:7e:7f:8d:0d:77:fa:a2:7c:4a:70:89:c9:
e6:18:c4:8b:b9:2c:73:98:18:d9:a2:d7:93:2d:53:54:5e:97:
93:2b:2f:f5:23:65:30:f8:70:dd:7e:0c:57:77:0c:87:84:eb:
a8:d5:a3:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA++objjSP3iHjXrKujaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjYwMzI1MjIwMTAyWhcNMjYwMzI2MjIwMTAyWjAzMTEwLwYDVQQD
Eyg4NDNhNDMwYmQwOTBmNjUyNmI5YmY1ZjM3NzZiZGE1MjQ5MGUxNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxKAVEF0EvVc0Pcg23LKtuyLl6Sv
UpMgFUoROCRJ1ebf55zVIbEWf45IQliGd38tfQksR//edkroR667Ig8+8cv4K6hu
XFHbJYTOfABRAaSavdMYzqpELQ9N0Jdd/75J4u4tjknUbtOaktkSLzaNLuAdjkS3
8a6MucL6bGIglN3tPTZ9JcP7px7IipPOzAOJBY+PNy55OYnSGw88jUiidazGEkse
YH1ec1eZfLtPuuwO3lynl0+/kP8AqyYcdSIuBx6YTjwR8MqqbwDlQ3NJCAA6jAo6
gwXbng2j92/bZbJpKWsXqQR0uq4T3GPhUKwQjHQ/XSobra9pnldUZt0cRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ6QwvQkPZSa5v183dr2lJJDhdsMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADXx0MWh0
HLyKR8eomec/eNYgpqqMP1vexFfUNzdHKLbwUbcHE4vIm297TXhQWwwGf9HahudZ
tijWXakk0sKB0tg002oZtkLIxWdrgqgk3QsmSTc6HyNwj6hLWx9KeZ4/g7oLu+jA
yJxZNCr2jXb5RE4pI3lLye/UrdQLSeUhazJra+Uocm+4YD/g6Y2228iVY9StAwR7
zOzy9tl7S08gEa7groG5ygfrl7LgiDq+D4cjdKx0Cmm9H3ZQihzVTY3zuFbvmUlK
hanndwCxfn+NDXf6onxKcInJ5hjEi7ksc5gY2aLXky1TVF6Xkysv9SNlMPhw3X4M
V3cMh4TrqNWjJA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:44 2026 by rpki-client