Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
File: i4gBVDgSBAR31HRCKUZshTfUUXE.mft (raw, json)
Hash identifier: vwK+iVTUMB5F1Sjmmd1T3csUhjSqVdvX4Y3BIoMPnQo=
Subject key identifier: 83:6E:3E:95:EE:50:A5:5C:EE:C9:34:85:26:FC:06:68:8C:85:AA:ED
Authority key identifier: 8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
Certificate issuer: /CN=8b8801543812040477d4744229466c8537d45171
Certificate serial: 019D273AEC367A55ECB55D3D54FDD77AFC3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
Manifest number: 0FCF
Signing time: Wed 25 Mar 2026 23:01:06 +0000
Manifest this update: Wed 25 Mar 2026 23:01:06 +0000
Manifest next update: Thu 26 Mar 2026 23:01:06 +0000
Files and hashes: 1: 5qOXZsZ0BHNAbp3kT3SWOZkhYW4.roa (hash: DBxKLTH87HKe59x6vClNlaxgF86/cqJNz234XOYz+0Y=)
2: i4gBVDgSBAR31HRCKUZshTfUUXE.crl (hash: qtpHtJu5nQNOttD5n2SM0ZttIduC6++sSLQHpPs+DQ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:ec:36:7a:55:ec:b5:5d:3d:54:fd:d7:7a:fc:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b8801543812040477d4744229466c8537d45171
Validity
Not Before: Mar 25 23:01:06 2026 GMT
Not After : Mar 26 23:01:06 2026 GMT
Subject: CN=836e3e95ee50a55ceec9348526fc06688c85aaed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:27:b2:77:d4:18:ff:0a:56:ce:49:e9:b5:51:
d8:0b:96:8c:8f:75:4b:12:12:a9:11:d7:da:96:42:
75:6a:e6:86:f9:66:52:51:1c:6b:79:e0:3c:5a:09:
e8:b1:69:53:67:40:57:bd:59:15:c1:90:05:99:55:
28:fb:21:b8:ea:f7:33:6c:e8:e9:b4:00:57:84:25:
09:df:95:73:15:6c:c3:32:20:f3:91:af:11:f5:e1:
e8:ee:db:02:f3:13:1c:15:be:f8:93:57:1e:69:47:
3d:08:ee:41:18:34:6f:8f:7d:86:84:03:a1:b1:c9:
11:47:77:26:23:a3:96:12:85:ec:c8:50:a1:6f:95:
02:5b:a2:43:92:bf:b6:b5:f1:7f:4d:c2:d7:e1:4d:
15:e6:a0:d2:8f:b6:3f:6a:c7:6c:48:50:90:a0:18:
1c:47:19:91:ab:0a:3a:4d:eb:66:1f:7a:2c:15:04:
84:9f:a4:7f:5b:46:11:bb:f4:81:87:d3:39:c4:3e:
18:40:c6:82:87:0b:c6:33:da:04:19:74:96:22:cb:
33:20:89:cb:0b:6c:56:d3:9f:46:1b:4a:42:76:ca:
04:bd:25:03:56:c5:8c:1a:c1:1f:28:9a:dd:0c:f1:
94:6c:24:41:00:f1:a1:7f:92:bc:c8:ae:b8:08:72:
4d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:6E:3E:95:EE:50:A5:5C:EE:C9:34:85:26:FC:06:68:8C:85:AA:ED
X509v3 Authority Key Identifier:
keyid:8B:88:01:54:38:12:04:04:77:D4:74:42:29:46:6C:85:37:D4:51:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4gBVDgSBAR31HRCKUZshTfUUXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/89bb71-3fe9-42d2-a73b-13ae98aa7d33/1/i4gBVDgSBAR31HRCKUZshTfUUXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:4e:11:b2:58:2e:4c:89:6c:11:c4:82:ea:d6:dd:eb:de:a8:
a5:e6:9a:e8:40:4b:9c:50:57:6c:44:e7:fd:c9:78:82:6b:bc:
fc:8e:c0:b6:b1:98:4c:cd:03:49:a1:c6:f8:da:32:69:40:3f:
6a:17:94:21:92:32:1d:ae:29:91:f0:71:b6:37:30:89:f7:b3:
69:ee:2e:5e:be:bb:6d:09:a5:7f:dd:53:36:16:0e:5d:13:95:
dc:ff:28:db:77:e4:bf:03:9e:e9:08:c0:0e:71:51:aa:2e:32:
2d:4c:4d:ff:be:0e:f2:4c:c2:91:8b:00:0a:9d:d9:c7:17:8b:
3a:21:44:65:6c:f2:83:53:a2:6f:3e:fb:38:32:a8:03:80:a3:
9b:f5:fe:b6:2b:62:4d:7b:7b:3d:fd:34:83:e2:74:23:7f:90:
bf:24:b0:93:2e:eb:4a:2e:6f:fb:17:c9:66:cb:8a:59:2d:83:
4f:64:65:68:7b:ba:c1:ef:a0:44:b1:cb:8c:2d:ba:c8:1a:82:
3d:c9:2d:63:f4:bd:c9:d4:48:17:e9:37:27:31:e8:f0:9d:b6:
7c:5c:1b:19:8d:99:db:31:e5:45:c4:9a:4a:9e:4c:bd:4d:84:
39:87:a7:59:f0:23:50:63:ff:cc:6c:4d:48:f4:1c:73:6c:9e:
94:88:75:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOuw2elXstV09VP3Xevw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODgwMTU0MzgxMjA0MDQ3N2Q0NzQ0MjI5NDY2Yzg1Mzdk
NDUxNzEwHhcNMjYwMzI1MjMwMTA2WhcNMjYwMzI2MjMwMTA2WjAzMTEwLwYDVQQD
Eyg4MzZlM2U5NWVlNTBhNTVjZWVjOTM0ODUyNmZjMDY2ODhjODVhYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yeyd9QY/wpWzknptVHYC5aMj3VL
EhKpEdfalkJ1auaG+WZSURxreeA8WgnosWlTZ0BXvVkVwZAFmVUo+yG46vczbOjp
tABXhCUJ35VzFWzDMiDzka8R9eHo7tsC8xMcFb74k1ceaUc9CO5BGDRvj32GhAOh
sckRR3cmI6OWEoXsyFChb5UCW6JDkr+2tfF/TcLX4U0V5qDSj7Y/asdsSFCQoBgc
RxmRqwo6TetmH3osFQSEn6R/W0YRu/SBh9M5xD4YQMaChwvGM9oEGXSWIsszIInL
C2xW059GG0pCdsoEvSUDVsWMGsEfKJrdDPGUbCRBAPGhf5K8yK64CHJNfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINuPpXuUKVc7sk0hSb8BmiMhartMB8GA1UdIwQY
MBaAFIuIAVQ4EgQEd9R0QilGbIU31FFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2It
MTNhZTk4YWE3ZDMzLzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS84OWJiNzEtM2ZlOS00MmQyLWE3M2ItMTNhZTk4YWE3ZDMz
LzEvaTRnQlZEZ1NCQVIzMUhSQ0tVWnNoVGZVVVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnU4Rslgu
TIlsEcSC6tbd696opeaa6EBLnFBXbETn/cl4gmu8/I7AtrGYTM0DSaHG+NoyaUA/
aheUIZIyHa4pkfBxtjcwifezae4uXr67bQmlf91TNhYOXROV3P8o23fkvwOe6QjA
DnFRqi4yLUxN/74O8kzCkYsACp3ZxxeLOiFEZWzyg1Oibz77ODKoA4Cjm/X+titi
TXt7Pf00g+J0I3+QvySwky7rSi5v+xfJZsuKWS2DT2RlaHu6we+gRLHLjC26yBqC
PcktY/S9ydRIF+k3JzHo8J22fFwbGY2Z2zHlRcSaSp5MvU2EOYenWfAjUGP/zGxN
SPQcc2yelIh1kg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:26:47 2026 by rpki-client