Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft
File: IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft (raw, json)
Hash identifier: WLEv8H5mvCh19y9itqmv5hd2c0eILVsJUAWLur4q7QU=
Subject key identifier: 5B:BA:0A:CB:39:3C:2E:22:1E:63:19:FF:94:60:81:80:D4:EA:72:C5
Authority key identifier: 21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9
Certificate issuer: /CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9
Certificate serial: 019D25BA205138EF23CBB30A35BD6B4C3137
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft
Manifest number: 0876
Signing time: Wed 25 Mar 2026 16:00:48 +0000
Manifest this update: Wed 25 Mar 2026 16:00:48 +0000
Manifest next update: Thu 26 Mar 2026 16:00:48 +0000
Files and hashes: 1: IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl (hash: sGUf379JDkDRJLpw1xN6hi7a1pHckTJ41qWyImxZqUY=)
2: hwKJwCCAFCL_7LuTGUs9t1cSL7E.roa (hash: 8W8T46xmoGGEFuN0xJIwYy5B+d+w5bYaaExN07s/4nM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:20:51:38:ef:23:cb:b3:0a:35:bd:6b:4c:31:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210d1c0db5aa1880d7747e22f1dbf4716d3101a9
Validity
Not Before: Mar 25 16:00:48 2026 GMT
Not After : Mar 26 16:00:48 2026 GMT
Subject: CN=5bba0acb393c2e221e6319ff94608180d4ea72c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cc:30:71:16:f8:d6:1c:77:24:f5:c8:d3:ba:
c3:76:47:27:da:7b:6d:74:ac:70:87:3f:5f:2c:0d:
db:56:0a:a9:e5:62:b0:9a:2c:bc:22:e6:99:f7:97:
1f:c9:6e:8c:e3:77:98:04:31:07:42:e2:5b:70:69:
fa:67:db:b1:ae:6f:b4:d7:7e:e9:47:3f:47:66:92:
44:cf:df:b4:f5:b4:d0:8f:ca:97:c5:60:16:a0:46:
c5:03:af:3f:54:b4:28:02:52:a8:04:10:a8:65:5a:
2d:eb:f1:80:e7:4b:2d:f1:16:d9:f0:84:b2:3f:4a:
64:e5:1c:b9:3f:2a:b6:5b:76:65:6a:2e:58:a1:d7:
44:16:f1:16:9a:69:f5:f7:82:bd:28:e2:a2:bb:1e:
17:ad:cd:1e:95:f5:76:2c:c3:e3:92:d7:92:f0:4a:
d6:06:05:ab:a3:9e:5e:fd:2c:92:0f:36:37:2c:d6:
73:b5:d7:9f:4b:60:b8:62:08:70:65:0c:a8:a5:ba:
af:5c:00:8c:5b:be:ea:11:38:86:06:9c:72:cc:2f:
3f:fe:91:c5:90:2f:2e:ad:31:6e:af:20:3f:47:13:
98:f1:1c:9b:7b:5b:8d:85:48:59:3b:7c:dd:ea:47:
c9:50:6a:9d:fb:5e:63:2e:00:6f:fd:1d:5e:83:fa:
88:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BA:0A:CB:39:3C:2E:22:1E:63:19:FF:94:60:81:80:D4:EA:72:C5
X509v3 Authority Key Identifier:
keyid:21:0D:1C:0D:B5:AA:18:80:D7:74:7E:22:F1:DB:F4:71:6D:31:01:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ0cDbWqGIDXdH4i8dv0cW0xAak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/09c980-38eb-4222-b225-d71130c6c0f9/1/IQ0cDbWqGIDXdH4i8dv0cW0xAak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:19:44:12:73:ed:6f:5e:88:21:2c:4f:23:24:3e:b4:ed:df:
81:df:ac:44:92:c2:96:6c:51:db:de:4b:06:25:fe:ed:bf:8a:
f4:1a:2d:a3:9b:ef:02:c6:86:89:09:d4:73:66:5d:93:99:73:
f3:ca:b2:41:9f:d1:05:55:4f:54:7c:80:98:1e:8a:85:26:c0:
27:57:52:b7:87:0e:f7:7d:ef:67:47:db:c7:06:8f:c0:26:cb:
59:35:72:16:e8:a6:43:d6:d6:05:50:c4:cb:da:d9:75:76:f8:
d7:6f:ea:e8:a5:59:42:7c:a4:76:e8:eb:86:4f:14:6c:48:7b:
58:66:0d:c6:16:e5:21:7d:30:70:fa:bd:44:86:85:4d:58:1c:
20:5c:8a:a9:69:b8:25:4d:bf:d7:00:53:e7:6b:e4:d3:cd:02:
9d:63:33:d7:7f:76:5f:7b:54:0c:36:78:14:5d:ba:aa:98:11:
39:04:78:70:a2:7d:14:e4:ed:e1:90:dd:97:3f:c0:0b:b4:dc:
f2:38:c6:ba:31:c6:37:82:9c:65:2a:7c:80:26:dd:e5:9a:18:
d5:9a:f6:1f:87:fe:81:97:c9:cf:6c:7d:65:ea:e0:32:01:11:
ff:81:34:bf:2a:16:69:75:70:6e:b4:35:a7:b7:48:6f:1e:13:
99:70:70:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luiBROO8jy7MKNb1rTDE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGQxYzBkYjVhYTE4ODBkNzc0N2UyMmYxZGJmNDcxNmQz
MTAxYTkwHhcNMjYwMzI1MTYwMDQ4WhcNMjYwMzI2MTYwMDQ4WjAzMTEwLwYDVQQD
Eyg1YmJhMGFjYjM5M2MyZTIyMWU2MzE5ZmY5NDYwODE4MGQ0ZWE3MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08wwcRb41hx3JPXI07rDdkcn2ntt
dKxwhz9fLA3bVgqp5WKwmiy8IuaZ95cfyW6M43eYBDEHQuJbcGn6Z9uxrm+0137p
Rz9HZpJEz9+09bTQj8qXxWAWoEbFA68/VLQoAlKoBBCoZVot6/GA50st8RbZ8ISy
P0pk5Ry5Pyq2W3Zlai5YoddEFvEWmmn194K9KOKiux4Xrc0elfV2LMPjkteS8ErW
BgWro55e/SySDzY3LNZztdefS2C4YghwZQyopbqvXACMW77qETiGBpxyzC8//pHF
kC8urTFuryA/RxOY8Rybe1uNhUhZO3zd6kfJUGqd+15jLgBv/R1eg/qIAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFu6Css5PC4iHmMZ/5RggYDU6nLFMB8GA1UdIwQY
MBaAFCENHA21qhiA13R+IvHb9HFtMQGpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUt
ZDcxMTMwYzZjMGY5LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wOWM5ODAtMzhlYi00MjIyLWIyMjUtZDcxMTMwYzZjMGY5
LzEvSVEwY0RiV3FHSURYZEg0aThkdjBjVzB4QWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArRlEEnPt
b16IISxPIyQ+tO3fgd+sRJLClmxR295LBiX+7b+K9Boto5vvAsaGiQnUc2Zdk5lz
88qyQZ/RBVVPVHyAmB6KhSbAJ1dSt4cO933vZ0fbxwaPwCbLWTVyFuimQ9bWBVDE
y9rZdXb412/q6KVZQnykdujrhk8UbEh7WGYNxhblIX0wcPq9RIaFTVgcIFyKqWm4
JU2/1wBT52vk080CnWMz1392X3tUDDZ4FF26qpgROQR4cKJ9FOTt4ZDdlz/AC7Tc
8jjGujHGN4KcZSp8gCbd5ZoY1Zr2H4f+gZfJz2x9ZergMgER/4E0vyoWaXVwbrQ1
p7dIbx4TmXBwDA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:13 2026 by rpki-client