Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft
File: iZJ3h0cqfL3Zff209Tt077O7vFs.mft (raw, json)
Hash identifier: aR2JqgC6xGf6xDayHCV0I7urgCAEHqWlYx+c/vAwslI=
Subject key identifier: FF:94:17:FB:0A:AF:E2:0B:5A:CA:D6:5F:FC:E7:DA:C2:6E:5C:68:C9
Authority key identifier: 89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
Certificate issuer: /CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Certificate serial: 019D25BA2D055C3C7CA7A2FCC47AEFA23633
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft
Manifest number: 13B6
Signing time: Wed 25 Mar 2026 16:00:51 +0000
Manifest this update: Wed 25 Mar 2026 16:00:51 +0000
Manifest next update: Thu 26 Mar 2026 16:00:51 +0000
Files and hashes: 1: iZJ3h0cqfL3Zff209Tt077O7vFs.crl (hash: Bd1G63P3H6Zfq+QMZTB7vTkq+4Wvo6F48DVVleLr0cQ=)
2: kt-dzWz4ump9exEN1VN1o9bh0sQ.roa (hash: 3EXp+7ZKktgIDQ1+hPu50wusQGozvYQkFp906943fvA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:2d:05:5c:3c:7c:a7:a2:fc:c4:7a:ef:a2:36:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Validity
Not Before: Mar 25 16:00:51 2026 GMT
Not After : Mar 26 16:00:51 2026 GMT
Subject: CN=ff9417fb0aafe20b5acad65ffce7dac26e5c68c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:69:92:f7:9a:c9:ac:ae:d7:d4:8e:9f:7d:
94:48:e7:43:b1:25:fa:d9:16:f7:2f:62:77:cd:6f:
45:29:5f:5a:fe:0d:30:dd:04:f7:dd:10:e2:41:13:
f5:64:c3:95:c9:1d:52:ba:59:25:55:6c:55:d4:f9:
44:0a:3d:76:16:00:b6:80:a3:33:6c:da:76:65:ce:
e5:61:5b:15:45:32:f4:07:d9:c9:bc:ba:b7:53:e7:
f3:4e:a3:06:7c:3a:f8:4a:67:be:5f:e1:bc:da:df:
8b:12:84:95:47:ca:d7:b1:75:2a:6e:d0:9e:c9:cb:
b8:76:f3:c1:7d:96:29:f7:4c:35:b0:9d:e8:0f:89:
1f:a8:e5:7e:3b:56:de:6c:62:42:9d:51:c9:0d:f2:
ee:d2:0d:84:3b:26:fe:d6:15:9d:76:27:b6:25:f7:
1e:d5:59:aa:c7:5d:68:ab:0c:fb:31:c9:33:64:d8:
fc:96:75:8f:fb:54:fa:89:a1:82:b2:57:55:8f:d3:
cc:82:80:25:c9:c2:81:5f:35:8e:11:63:87:cc:31:
bc:57:53:be:97:30:4c:3e:b3:50:87:0c:2b:62:6c:
da:5e:37:f1:c7:8d:26:37:20:74:51:00:1b:1b:d3:
89:21:33:68:87:79:27:4c:a8:3e:26:f7:d8:5a:60:
02:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:94:17:FB:0A:AF:E2:0B:5A:CA:D6:5F:FC:E7:DA:C2:6E:5C:68:C9
X509v3 Authority Key Identifier:
keyid:89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:33:09:bb:f0:06:bb:f9:d6:2b:74:72:a7:e9:8f:57:bb:60:
a3:5c:06:18:86:81:b8:48:7c:1c:2b:a7:aa:ec:a2:b9:cc:e1:
c5:21:53:6b:ab:c3:02:ed:a0:93:7c:74:2b:93:9d:29:39:c8:
a4:32:30:01:53:9d:02:62:e7:76:fb:3f:25:1e:b1:bb:6d:6c:
3b:58:3d:c2:ff:1b:fc:cf:5d:54:63:61:6a:cc:d2:e4:97:21:
8e:07:69:ac:6b:cd:64:1c:65:f7:71:1d:55:aa:f7:68:ee:bf:
8f:35:d3:22:c6:99:fe:a3:3e:4f:1e:5d:5c:32:02:39:c1:ef:
61:1f:16:2e:32:e6:67:7c:25:fb:b2:37:19:42:43:fb:e2:af:
0a:b7:3d:cf:36:5d:24:e3:af:e8:33:28:1f:63:29:c0:ca:c6:
50:fd:05:7f:ba:c1:19:68:61:65:9b:82:80:f5:44:87:43:3c:
c8:e1:32:9f:05:02:3d:97:2e:6e:a7:d8:3f:48:dc:ea:57:21:
b4:85:33:3d:55:d4:12:bd:86:6e:96:0b:56:27:b1:78:83:8c:
3b:d1:9e:ef:62:01:a0:da:47:77:32:07:8b:82:1e:1e:56:cc:
d1:9e:3d:23:35:76:da:45:35:dc:06:e9:d2:f6:89:59:6c:cb:
32:7f:39:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lui0FXDx8p6L8xHrvojYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTI3Nzg3NDcyYTdjYmRkOTdkZmRiNGY1M2I3NGVmYjNi
YmJjNWIwHhcNMjYwMzI1MTYwMDUxWhcNMjYwMzI2MTYwMDUxWjAzMTEwLwYDVQQD
EyhmZjk0MTdmYjBhYWZlMjBiNWFjYWQ2NWZmY2U3ZGFjMjZlNWM2OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJdpkveayayu19SOn32USOdDsSX6
2Rb3L2J3zW9FKV9a/g0w3QT33RDiQRP1ZMOVyR1SulklVWxV1PlECj12FgC2gKMz
bNp2Zc7lYVsVRTL0B9nJvLq3U+fzTqMGfDr4Sme+X+G82t+LEoSVR8rXsXUqbtCe
ycu4dvPBfZYp90w1sJ3oD4kfqOV+O1bebGJCnVHJDfLu0g2EOyb+1hWddie2Jfce
1Vmqx11oqwz7MckzZNj8lnWP+1T6iaGCsldVj9PMgoAlycKBXzWOEWOHzDG8V1O+
lzBMPrNQhwwrYmzaXjfxx40mNyB0UQAbG9OJITNoh3knTKg+JvfYWmAC+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+UF/sKr+ILWsrWX/zn2sJuXGjJMB8GA1UdIwQY
MBaAFImSd4dHKny92X39tPU7dO+zu7xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzkt
YzQxMDA2MmQ0ZDUyLzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzktYzQxMDA2MmQ0ZDUy
LzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOzMJu/AG
u/nWK3Ryp+mPV7tgo1wGGIaBuEh8HCunquyiuczhxSFTa6vDAu2gk3x0K5OdKTnI
pDIwAVOdAmLndvs/JR6xu21sO1g9wv8b/M9dVGNhaszS5JchjgdprGvNZBxl93Ed
Var3aO6/jzXTIsaZ/qM+Tx5dXDICOcHvYR8WLjLmZ3wl+7I3GUJD++KvCrc9zzZd
JOOv6DMoH2MpwMrGUP0Ff7rBGWhhZZuCgPVEh0M8yOEynwUCPZcubqfYP0jc6lch
tIUzPVXUEr2GbpYLViexeIOMO9Ge72IBoNpHdzIHi4IeHlbM0Z49IzV22kU13Abp
0vaJWWzLMn85AQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:24:15 2026 by rpki-client