Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.mft
File: iP4ZBc16825jraY2bBR7Ydhcnys.mft (raw, json)
Hash identifier: GsICyhrInoLywvSrzWADJgUR1t7h0r853O5hL3c3L3s=
Subject key identifier: 99:E1:BD:3A:16:D3:91:28:21:B0:8E:8F:34:8E:A2:7D:4F:FB:59:D6
Authority key identifier: 88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
Certificate issuer: /CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Certificate serial: 019D299752AF78090807EF83CC1646C408CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.mft
Manifest number: 09CA
Signing time: Thu 26 Mar 2026 10:01:16 +0000
Manifest this update: Thu 26 Mar 2026 10:01:16 +0000
Manifest next update: Fri 27 Mar 2026 10:01:16 +0000
Files and hashes: 1: 1-kKT9I5hXcGMY4BXtI91L6PWY5Q.roa (hash: hWaDKKuFN6+6e36Ikm8e0jjTVm6uyDQ92iqKklLnoi4=)
2: NEQkMGAJAfKugYCF_SBXZZt_zOA.roa (hash: 1zriG+EOUPPANFuX8FQR4exMMCMJ2lG+QMPasFhRCHE=)
3: iP4ZBc16825jraY2bBR7Ydhcnys.crl (hash: 4N94Jfn+miK6dH/XLWHhJ0uhEhWysNVM+N6aZKctaJc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.mft
rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:52:af:78:09:08:07:ef:83:cc:16:46:c4:08:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Validity
Not Before: Mar 26 10:01:16 2026 GMT
Not After : Mar 27 10:01:16 2026 GMT
Subject: CN=99e1bd3a16d3912821b08e8f348ea27d4ffb59d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:da:d3:5c:a1:d8:42:e4:f0:08:d2:e0:57:6f:
f4:0f:10:2d:64:9e:56:57:31:90:93:b1:16:22:c4:
e6:b2:59:b2:4b:14:e5:96:42:c6:35:a3:cb:7c:c5:
c9:46:d3:4b:7e:b3:bc:e4:2d:2f:b3:1e:4f:4c:5e:
21:44:77:60:28:db:22:4e:b0:3c:7b:5f:4a:33:ab:
ef:d6:b7:a7:72:8d:f1:57:e0:df:90:6b:db:bd:fa:
68:97:62:aa:85:3c:16:02:1f:11:6a:0f:72:ef:d1:
35:68:6c:b9:1e:97:52:d0:c8:ab:a9:9c:d3:53:42:
43:d6:f9:4f:4e:84:0c:ec:dd:05:a7:44:a9:2b:5f:
cc:a5:93:d5:ad:71:1f:1a:ba:08:d7:5b:37:08:fd:
48:2d:df:10:af:f6:10:6e:1b:bd:48:9e:c4:eb:b6:
fb:89:d7:67:0b:e7:bc:77:06:c4:61:3d:50:fe:ff:
6f:a7:f2:ae:c5:ef:63:83:36:b4:f6:e5:c8:94:ce:
a3:52:f7:3a:33:16:59:ca:6a:8f:04:80:f9:63:7c:
bd:26:d2:32:4e:ce:7c:83:c7:e3:12:3f:f5:77:d9:
f5:a4:1b:e4:92:7a:2a:77:2e:58:cc:9d:95:02:ae:
12:69:d3:ea:4a:35:03:ea:88:94:98:ba:ca:ff:18:
64:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E1:BD:3A:16:D3:91:28:21:B0:8E:8F:34:8E:A2:7D:4F:FB:59:D6
X509v3 Authority Key Identifier:
keyid:88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:b5:a3:d2:dd:04:26:04:d8:4b:55:e6:b5:c9:07:65:c7:3f:
f9:5a:c6:5a:6c:30:4c:88:53:80:37:54:04:28:65:7a:7a:eb:
00:26:82:41:26:80:9a:22:b7:8f:5d:55:15:d4:76:a5:06:5f:
94:6b:12:aa:b2:d9:eb:1e:8f:41:90:8a:40:b2:fe:d1:8a:45:
cb:d0:d8:e7:53:91:70:ff:12:07:99:34:9d:a1:b3:0e:cd:8c:
a8:46:3b:91:83:b1:42:ab:38:a0:40:ce:35:e6:80:4e:c9:0e:
e5:07:e4:3e:bd:9f:c2:ce:4f:8b:fe:b0:3e:90:1d:73:0c:bb:
0c:f1:4c:a9:37:cc:56:75:65:4d:eb:93:ee:ac:56:4d:d0:31:
8f:bd:aa:14:e6:6c:b4:91:26:6e:f6:0f:97:38:8f:16:36:f2:
5d:c0:7a:32:9d:84:ad:44:1d:86:01:e7:bd:e9:b5:07:51:19:
da:38:ac:af:b5:a1:9b:27:5a:bf:b3:2d:ad:4e:50:e6:58:3a:
84:50:82:71:c9:b5:53:61:8f:ca:71:1d:cb:49:c0:63:57:96:
0d:a1:4e:0d:9a:64:22:d7:25:bd:89:a9:03:1c:3d:3b:0e:1f:
e1:5c:19:73:d7:92:67:0f:f7:d5:f3:c8:ce:1b:41:83:f7:65:
b6:3f:d0:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl1KveAkIB++DzBZGxAjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmUxOTA1Y2Q3YWYzNmU2M2FkYTYzNjZjMTQ3YjYxZDg1
YzlmMmIwHhcNMjYwMzI2MTAwMTE2WhcNMjYwMzI3MTAwMTE2WjAzMTEwLwYDVQQD
Eyg5OWUxYmQzYTE2ZDM5MTI4MjFiMDhlOGYzNDhlYTI3ZDRmZmI1OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdrTXKHYQuTwCNLgV2/0DxAtZJ5W
VzGQk7EWIsTmslmySxTllkLGNaPLfMXJRtNLfrO85C0vsx5PTF4hRHdgKNsiTrA8
e19KM6vv1renco3xV+DfkGvbvfpol2KqhTwWAh8Rag9y79E1aGy5HpdS0MirqZzT
U0JD1vlPToQM7N0Fp0SpK1/MpZPVrXEfGroI11s3CP1ILd8Qr/YQbhu9SJ7E67b7
iddnC+e8dwbEYT1Q/v9vp/Kuxe9jgza09uXIlM6jUvc6MxZZymqPBID5Y3y9JtIy
Ts58g8fjEj/1d9n1pBvkknoqdy5YzJ2VAq4SadPqSjUD6oiUmLrK/xhkMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnhvToW05EoIbCOjzSOon1P+1nWMB8GA1UdIwQY
MBaAFIj+GQXNevNuY62mNmwUe2HYXJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUt
ZDYzM2FhNzBkZDY2LzEvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUtZDYzM2FhNzBkZDY2
LzEvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLWj0t0E
JgTYS1XmtckHZcc/+VrGWmwwTIhTgDdUBChlenrrACaCQSaAmiK3j11VFdR2pQZf
lGsSqrLZ6x6PQZCKQLL+0YpFy9DY51ORcP8SB5k0naGzDs2MqEY7kYOxQqs4oEDO
NeaATskO5QfkPr2fws5Pi/6wPpAdcwy7DPFMqTfMVnVlTeuT7qxWTdAxj72qFOZs
tJEmbvYPlziPFjbyXcB6Mp2ErUQdhgHnvem1B1EZ2jisr7Whmydav7MtrU5Q5lg6
hFCCccm1U2GPynEdy0nAY1eWDaFODZpkItclvYmpAxw9Ow4f4VwZc9eSZw/31fPI
zhtBg/dltj/Q5g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:19:39 2026 by rpki-client