Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
File: IONyheqmIxC8nncrST2dYrqKeTg.mft (raw, json)
Hash identifier: g/zJhpRnbSuqLUY2F9Hgj3l+B/jsYU2mMg2qSpVG3SI=
Subject key identifier: 13:90:89:BB:A8:2D:DD:B2:71:59:35:CE:30:BB:F9:98:E1:68:2B:3C
Authority key identifier: 20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
Certificate issuer: /CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Certificate serial: 019D273B13D66D5D8365293E3954D460A77A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
Manifest number: 08C3
Signing time: Wed 25 Mar 2026 23:01:16 +0000
Manifest this update: Wed 25 Mar 2026 23:01:16 +0000
Manifest next update: Thu 26 Mar 2026 23:01:16 +0000
Files and hashes: 1: IONyheqmIxC8nncrST2dYrqKeTg.crl (hash: ZAPnZ0Cg0b5IG9egQOQMbk6VWuFoM4lnTFjHJIcdmJM=)
2: dshUZvB4McXbpCwuJto_ABAOvNQ.roa (hash: V5ln1lpZELvPyBOpg3oQ56WAm93C6lBYruWQT9Rpyxo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3b:13:d6:6d:5d:83:65:29:3e:39:54:d4:60:a7:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e37285eaa62310bc9e772b493d9d62ba8a7938
Validity
Not Before: Mar 25 23:01:16 2026 GMT
Not After : Mar 26 23:01:16 2026 GMT
Subject: CN=139089bba82dddb2715935ce30bbf998e1682b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:83:3a:2a:52:5c:7d:c0:31:33:26:45:a6:af:
82:a8:09:d2:c9:fb:a3:2b:a2:74:7d:70:dc:4f:ab:
dc:5f:4c:80:f6:9d:de:fa:c4:e2:88:9a:82:42:03:
52:3c:c2:58:b1:96:99:97:5e:0a:16:07:b0:cd:ea:
ea:d2:d5:9e:d7:61:68:32:97:30:0c:9f:98:73:9c:
31:0a:1b:a2:49:83:ff:2a:77:bd:52:31:67:8b:df:
16:28:22:53:fe:fe:c7:32:f6:9d:cf:76:a9:92:a3:
31:e4:ec:44:90:bc:15:65:9f:81:7e:c0:18:7c:60:
61:17:6c:15:a9:f4:fd:ec:5c:54:ca:ed:15:b4:96:
95:89:29:3e:2a:b2:65:13:eb:3c:b1:61:24:ad:94:
0a:43:25:84:e0:72:ba:da:f4:65:d0:ee:42:7c:80:
b4:6f:8f:95:4e:d4:dc:19:af:b6:5f:3d:c2:1b:3e:
76:e6:6e:f0:01:be:e6:dc:24:20:89:ba:3a:7a:17:
af:5e:72:bb:2d:d4:f4:01:3a:60:56:4c:6f:fd:a4:
a9:69:6a:ab:76:02:b3:a3:8b:9d:e9:1e:ea:af:b3:
99:11:fe:73:88:ed:a9:50:d6:32:18:bc:e2:00:30:
80:88:20:c2:0b:e4:50:74:8e:2f:ab:9b:a6:b0:c6:
0f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:90:89:BB:A8:2D:DD:B2:71:59:35:CE:30:BB:F9:98:E1:68:2B:3C
X509v3 Authority Key Identifier:
keyid:20:E3:72:85:EA:A6:23:10:BC:9E:77:2B:49:3D:9D:62:BA:8A:79:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IONyheqmIxC8nncrST2dYrqKeTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/177f1d-ac39-4a9d-941d-fa8d8ca9495b/1/IONyheqmIxC8nncrST2dYrqKeTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:fa:5c:c9:ed:b5:9d:27:89:be:bc:cd:fd:dc:9d:7e:4e:9c:
01:79:0c:b7:8c:e7:fc:a9:66:e5:44:fa:48:21:fa:ff:f3:c1:
fd:49:11:17:6b:a0:83:1e:da:0c:5e:3f:f8:f1:aa:7c:35:6e:
b0:37:00:74:ae:a0:00:79:de:32:c4:5c:ec:32:f1:f0:57:07:
79:00:c6:17:f9:c9:f3:b3:37:d7:71:89:d7:f1:a9:ec:be:69:
5d:c1:4d:35:12:cc:64:7f:25:f9:c0:5a:d1:4f:33:ac:a4:59:
d7:80:fd:0f:ab:0a:ac:8a:34:20:7d:a9:30:f4:3b:39:2c:fa:
f8:d4:17:e0:8a:ab:8d:9e:b6:21:77:58:99:24:5d:2d:98:f3:
2b:a0:2e:1a:a8:01:9d:47:8d:5b:30:11:24:19:5d:2c:71:38:
1e:e3:05:ad:32:0b:6c:6b:c4:fc:1f:7e:ec:f4:2f:9d:49:9e:
31:1c:24:71:8c:dc:81:8e:f9:de:60:28:0e:e6:b2:47:b9:9f:
7b:87:96:77:de:83:08:05:b7:c5:ab:ef:b8:67:d4:95:59:3c:
52:58:83:36:65:12:86:e4:21:e6:3b:42:b1:1c:21:35:c2:d3:
67:98:f4:07:ed:60:56:36:8e:a6:87:37:01:80:9a:42:fe:19:
fe:25:ed:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOxPWbV2DZSk+OVTUYKd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTM3Mjg1ZWFhNjIzMTBiYzllNzcyYjQ5M2Q5ZDYyYmE4
YTc5MzgwHhcNMjYwMzI1MjMwMTE2WhcNMjYwMzI2MjMwMTE2WjAzMTEwLwYDVQQD
EygxMzkwODliYmE4MmRkZGIyNzE1OTM1Y2UzMGJiZjk5OGUxNjgyYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9oM6KlJcfcAxMyZFpq+CqAnSyfuj
K6J0fXDcT6vcX0yA9p3e+sTiiJqCQgNSPMJYsZaZl14KFgewzerq0tWe12FoMpcw
DJ+Yc5wxChuiSYP/Kne9UjFni98WKCJT/v7HMvadz3apkqMx5OxEkLwVZZ+BfsAY
fGBhF2wVqfT97FxUyu0VtJaViSk+KrJlE+s8sWEkrZQKQyWE4HK62vRl0O5CfIC0
b4+VTtTcGa+2Xz3CGz525m7wAb7m3CQgibo6ehevXnK7LdT0ATpgVkxv/aSpaWqr
dgKzo4ud6R7qr7OZEf5ziO2pUNYyGLziADCAiCDCC+RQdI4vq5umsMYPAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOQibuoLd2ycVk1zjC7+ZjhaCs8MB8GA1UdIwQY
MBaAFCDjcoXqpiMQvJ53K0k9nWK6ink4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQt
ZmE4ZDhjYTk0OTViLzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xNzdmMWQtYWMzOS00YTlkLTk0MWQtZmE4ZDhjYTk0OTVi
LzEvSU9OeWhlcW1JeEM4bm5jclNUMmRZcnFLZVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/pcye21
nSeJvrzN/dydfk6cAXkMt4zn/Klm5UT6SCH6//PB/UkRF2uggx7aDF4/+PGqfDVu
sDcAdK6gAHneMsRc7DLx8FcHeQDGF/nJ87M313GJ1/Gp7L5pXcFNNRLMZH8l+cBa
0U8zrKRZ14D9D6sKrIo0IH2pMPQ7OSz6+NQX4IqrjZ62IXdYmSRdLZjzK6AuGqgB
nUeNWzARJBldLHE4HuMFrTILbGvE/B9+7PQvnUmeMRwkcYzcgY753mAoDuayR7mf
e4eWd96DCAW3xavvuGfUlVk8UliDNmUShuQh5jtCsRwhNcLTZ5j0B+1gVjaOpoc3
AYCaQv4Z/iXtRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:55:21 2026 by rpki-client