Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
File: IZUnwiTwCiiy9MtOExLXSNXKUWk.mft (raw, json)
Hash identifier: Pv97IUyoZKbbmklA7q4SWpfC8wEkfKr9Q9jRgqdXoDc=
Subject key identifier: 87:79:83:F7:88:D7:0A:67:3E:47:2E:90:71:43:13:F2:E9:4D:FB:04
Authority key identifier: 21:95:27:C2:24:F0:0A:28:B2:F4:CB:4E:13:12:D7:48:D5:CA:51:69
Certificate issuer: /CN=219527c224f00a28b2f4cb4e1312d748d5ca5169
Certificate serial: 019D2B4EA77B070154097454681C2A3D7FEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZUnwiTwCiiy9MtOExLXSNXKUWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 18:01:08 +0000
Manifest this update: Thu 26 Mar 2026 18:01:08 +0000
Manifest next update: Fri 27 Mar 2026 18:01:08 +0000
Files and hashes: 1: IZUnwiTwCiiy9MtOExLXSNXKUWk.crl (hash: /iNWEluAi9JmHzMN/FCI+WVJEu8/RmJ2XFVoPsGc7KM=)
2: Pz5uDO36uCaZgMBeox8vqbmKHOg.roa (hash: /MvU2/lfD5F6OULHF8n131jvUg9dUspo4biaeM0hQ48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IZUnwiTwCiiy9MtOExLXSNXKUWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4e:a7:7b:07:01:54:09:74:54:68:1c:2a:3d:7f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219527c224f00a28b2f4cb4e1312d748d5ca5169
Validity
Not Before: Mar 26 18:01:08 2026 GMT
Not After : Mar 27 18:01:08 2026 GMT
Subject: CN=877983f788d70a673e472e90714313f2e94dfb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:05:53:b5:e4:d7:cf:c9:53:e9:fc:24:2e:a0:
05:6b:e7:db:ac:93:c4:13:3b:87:a0:bd:07:ee:5f:
ee:4b:e7:27:74:ba:a6:0b:c3:51:31:cb:1a:6d:67:
86:f7:5e:bd:95:bb:bf:72:94:3a:ee:1c:3f:98:02:
35:4f:03:94:9f:3c:f0:aa:76:dd:05:54:21:8c:f8:
6d:d3:5a:e9:0e:80:7e:c9:ba:c3:2f:b5:14:36:fd:
43:37:d4:05:ba:21:b6:b7:fb:4b:f9:46:03:96:0d:
ce:42:1e:7d:39:81:7c:43:45:3c:06:29:6d:9a:c7:
07:07:60:2d:30:99:90:b4:39:d4:a9:1a:b5:c3:b5:
f2:e6:79:53:b4:35:2a:72:3b:66:b2:d8:8e:ff:56:
a5:8a:fc:93:fb:96:af:f8:68:5a:e6:19:46:1a:48:
e8:da:fd:02:53:2d:b9:11:82:dd:09:ae:e1:bc:7c:
7c:a9:fc:77:65:5c:dd:07:59:09:3f:50:ff:f2:37:
a8:ff:a4:08:e2:4d:26:aa:e7:7f:97:7c:ba:6b:c4:
a6:09:bc:65:4f:b9:b1:2a:7c:0d:75:70:97:aa:fd:
74:1a:95:bc:c2:23:25:87:4a:81:c3:8c:0f:d9:b2:
97:2f:b6:ac:07:fd:38:50:37:ee:c2:82:ea:46:75:
c0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:79:83:F7:88:D7:0A:67:3E:47:2E:90:71:43:13:F2:E9:4D:FB:04
X509v3 Authority Key Identifier:
keyid:21:95:27:C2:24:F0:0A:28:B2:F4:CB:4E:13:12:D7:48:D5:CA:51:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZUnwiTwCiiy9MtOExLXSNXKUWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8540db-f901-433b-81bb-97d55f391561/1/IZUnwiTwCiiy9MtOExLXSNXKUWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:04:b0:d8:15:c0:52:41:c4:86:fb:33:fe:ea:fd:a2:91:cb:
05:a0:c8:d1:21:99:3e:f4:5e:72:e6:98:7d:48:7f:15:45:bf:
1f:32:5d:35:e5:57:e7:29:c8:b8:4b:ed:26:c9:b1:b8:00:08:
b0:cd:20:5d:c5:d7:12:c7:2a:47:9f:a5:cf:ee:cd:f9:56:7b:
97:b3:a5:dd:09:dd:9f:22:5e:d7:cf:10:6d:d3:a3:8e:89:80:
45:09:7d:40:34:d9:bf:00:36:62:d9:64:b4:f7:fe:c2:16:74:
48:6e:d5:17:b9:61:e4:c2:fe:55:bf:a9:b7:07:07:65:59:37:
0f:2c:03:42:78:30:01:8a:65:1e:e0:86:a0:f7:1f:cf:6c:87:
b6:e9:9e:50:f6:84:75:6e:c1:52:5b:11:ce:83:d3:50:19:46:
5f:3d:10:3a:67:f6:6f:2a:d1:83:a7:a5:41:3d:49:6d:51:74:
99:f3:79:2b:f5:7a:d3:6c:60:71:11:3c:1a:77:ff:de:22:c9:
28:c7:74:fc:b5:63:ec:a7:ab:9b:ca:16:59:83:2b:0a:6b:28:
a6:ae:a9:6e:dc:4f:88:e8:bd:bf:fa:13:e4:92:85:f9:9e:a9:
d9:fa:e5:a2:72:dd:93:9a:45:13:9b:59:16:de:3e:24:d2:3f:
f1:4a:b7:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTqd7BwFUCXRUaBwqPX/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOTUyN2MyMjRmMDBhMjhiMmY0Y2I0ZTEzMTJkNzQ4ZDVj
YTUxNjkwHhcNMjYwMzI2MTgwMTA4WhcNMjYwMzI3MTgwMTA4WjAzMTEwLwYDVQQD
Eyg4Nzc5ODNmNzg4ZDcwYTY3M2U0NzJlOTA3MTQzMTNmMmU5NGRmYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAVTteTXz8lT6fwkLqAFa+fbrJPE
EzuHoL0H7l/uS+cndLqmC8NRMcsabWeG9169lbu/cpQ67hw/mAI1TwOUnzzwqnbd
BVQhjPht01rpDoB+ybrDL7UUNv1DN9QFuiG2t/tL+UYDlg3OQh59OYF8Q0U8Bilt
mscHB2AtMJmQtDnUqRq1w7Xy5nlTtDUqcjtmstiO/1alivyT+5av+Gha5hlGGkjo
2v0CUy25EYLdCa7hvHx8qfx3ZVzdB1kJP1D/8jeo/6QI4k0mqud/l3y6a8SmCbxl
T7mxKnwNdXCXqv10GpW8wiMlh0qBw4wP2bKXL7asB/04UDfuwoLqRnXASwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFId5g/eI1wpnPkcukHFDE/LpTfsEMB8GA1UdIwQY
MBaAFCGVJ8Ik8AoosvTLThMS10jVylFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVpVbndpVHdDaWl5OU10T0V4TFhTTlhLVVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84NTQwZGItZjkwMS00MzNiLTgxYmIt
OTdkNTVmMzkxNTYxLzEvSVpVbndpVHdDaWl5OU10T0V4TFhTTlhLVVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84NTQwZGItZjkwMS00MzNiLTgxYmItOTdkNTVmMzkxNTYx
LzEvSVpVbndpVHdDaWl5OU10T0V4TFhTTlhLVVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQSw2BXA
UkHEhvsz/ur9opHLBaDI0SGZPvRecuaYfUh/FUW/HzJdNeVX5ynIuEvtJsmxuAAI
sM0gXcXXEscqR5+lz+7N+VZ7l7Ol3QndnyJe188QbdOjjomARQl9QDTZvwA2Ytlk
tPf+whZ0SG7VF7lh5ML+Vb+ptwcHZVk3DywDQngwAYplHuCGoPcfz2yHtumeUPaE
dW7BUlsRzoPTUBlGXz0QOmf2byrRg6elQT1JbVF0mfN5K/V602xgcRE8Gnf/3iLJ
KMd0/LVj7Kerm8oWWYMrCmsopq6pbtxPiOi9v/oT5JKF+Z6p2frlonLdk5pFE5tZ
Ft4+JNI/8Uq3ag==
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:03:04 2026 by rpki-client