Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
File: idaknSMAf7sSRxkvu3vZgus3M18.mft (raw, json)
Hash identifier: fb08HKz9SPK2EP0xYLB325IJrdZTyVkZqBL0bKOZpgY=
Subject key identifier: 0F:65:9D:04:EE:F2:FF:8E:EC:C1:32:91:64:73:90:02:09:AF:B5:62
Authority key identifier: 89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F
Certificate issuer: /CN=89d6a49d23007fbb1247192fbb7bd982eb37335f
Certificate serial: 019DCDF4B7319A3B2D264E730959AB21B3C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
Manifest number: 03E2
Signing time: Mon 27 Apr 2026 08:01:00 +0000
Manifest this update: Mon 27 Apr 2026 08:01:00 +0000
Manifest next update: Tue 28 Apr 2026 08:01:00 +0000
Files and hashes: 1: Af_5rqEWBhs_t_5t3ubsN4ME7qQ.roa (hash: US3yyitysBySkBj1duM7uaT/kHoh5Ro/nrveWTewP9E=)
2: idaknSMAf7sSRxkvu3vZgus3M18.crl (hash: EwJ8CEWvp2dEeAsHkoaB78UCX8Bpt3cspuKZyoPN/ME=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:f4:b7:31:9a:3b:2d:26:4e:73:09:59:ab:21:b3:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d6a49d23007fbb1247192fbb7bd982eb37335f
Validity
Not Before: Apr 27 08:01:00 2026 GMT
Not After : Apr 28 08:01:00 2026 GMT
Subject: CN=0f659d04eef2ff8eecc132916473900209afb562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:83:31:1c:bd:53:b6:2c:c3:4d:ce:fc:bd:80:
fb:14:35:b6:7d:d6:93:6c:89:73:6d:29:16:21:0c:
39:f0:0c:de:4b:25:84:43:67:09:d9:dc:db:13:c8:
09:e8:18:6e:6c:41:89:1b:6b:2b:dd:cc:89:e3:65:
71:b6:60:bb:90:99:33:61:47:fe:05:da:16:66:d9:
50:80:54:d0:72:d5:06:f8:44:ad:cd:d9:82:61:b9:
4e:01:b6:0c:18:be:98:32:e0:8b:32:69:7f:3d:5c:
b3:c7:cc:f8:ce:89:9f:8f:f1:6d:3d:0e:3d:fb:13:
a1:b9:e2:25:e5:3c:f6:0b:39:52:a4:79:39:8d:49:
27:67:9d:43:12:8c:c1:d0:bc:3f:77:6a:97:a2:d3:
f4:f0:78:b7:9f:ce:3b:01:b3:09:f8:92:7e:54:51:
b4:13:08:95:91:b6:cf:36:9c:7d:93:91:6c:c3:cf:
0e:f9:c6:fb:0d:de:6f:4f:cc:f3:14:7f:16:a7:e4:
f5:86:8b:5d:ef:75:fe:6f:84:20:3a:e3:55:d4:0b:
60:a6:72:fa:ca:ed:59:0a:a1:d8:ff:88:4c:48:99:
6f:dd:6b:f7:ba:96:91:2f:e7:bf:63:ae:d7:9a:71:
f3:39:7b:1b:b6:32:56:61:cd:09:0b:8b:e3:bb:09:
84:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:65:9D:04:EE:F2:FF:8E:EC:C1:32:91:64:73:90:02:09:AF:B5:62
X509v3 Authority Key Identifier:
keyid:89:D6:A4:9D:23:00:7F:BB:12:47:19:2F:BB:7B:D9:82:EB:37:33:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idaknSMAf7sSRxkvu3vZgus3M18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/14099a-e2da-4f6a-b5c4-6fd751de717a/1/idaknSMAf7sSRxkvu3vZgus3M18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:a5:5d:bf:8d:05:2f:b9:7b:f9:4b:bf:e2:f9:00:5b:72:a5:
3e:20:d9:e2:7a:91:46:f2:de:7c:36:70:41:3b:b8:3a:bc:19:
d6:9d:a3:82:f4:32:fe:b4:69:5b:9d:64:7c:05:bb:3e:3f:1e:
89:a6:8b:f4:3a:7e:52:c4:a7:67:a7:43:da:0d:8a:0e:95:e5:
22:b4:eb:0f:f0:3d:01:74:73:a7:47:2b:ae:e8:09:f3:85:cc:
b3:2f:30:e3:61:f0:c1:8b:48:43:e4:b0:35:ad:4b:6a:97:5c:
7d:e1:b5:73:82:39:c3:b3:90:20:7d:00:15:9d:d9:99:1e:f5:
68:90:e6:42:0f:b4:f1:8c:0a:28:5c:53:15:a3:01:3d:41:7d:
b2:da:36:02:a6:92:7a:c2:21:ed:33:b1:2c:38:c3:af:c5:dc:
dc:54:e7:85:ac:5f:c8:c4:3d:97:f9:cb:97:35:16:d5:36:73:
72:31:c3:5c:8c:4c:e3:de:eb:17:02:6d:f4:48:49:b1:a7:55:
20:a8:11:b8:92:61:0c:01:4c:4e:dc:6a:9a:8c:00:d0:d3:30:
c6:6a:85:f4:68:a7:17:ce:e0:13:19:9b:aa:76:12:6a:a2:67:
06:25:75:cd:0e:6d:57:a1:e8:1e:af:d0:90:fe:78:02:8e:8a:
f3:3f:49:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3N9LcxmjstJk5zCVmrIbPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDZhNDlkMjMwMDdmYmIxMjQ3MTkyZmJiN2JkOTgyZWIz
NzMzNWYwHhcNMjYwNDI3MDgwMTAwWhcNMjYwNDI4MDgwMTAwWjAzMTEwLwYDVQQD
EygwZjY1OWQwNGVlZjJmZjhlZWNjMTMyOTE2NDczOTAwMjA5YWZiNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44MxHL1TtizDTc78vYD7FDW2fdaT
bIlzbSkWIQw58AzeSyWEQ2cJ2dzbE8gJ6BhubEGJG2sr3cyJ42VxtmC7kJkzYUf+
BdoWZtlQgFTQctUG+EStzdmCYblOAbYMGL6YMuCLMml/PVyzx8z4zomfj/FtPQ49
+xOhueIl5Tz2CzlSpHk5jUknZ51DEozB0Lw/d2qXotP08Hi3n847AbMJ+JJ+VFG0
EwiVkbbPNpx9k5Fsw88O+cb7Dd5vT8zzFH8Wp+T1hotd73X+b4QgOuNV1AtgpnL6
yu1ZCqHY/4hMSJlv3Wv3upaRL+e/Y67XmnHzOXsbtjJWYc0JC4vjuwmElwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9lnQTu8v+O7MEykWRzkAIJr7ViMB8GA1UdIwQY
MBaAFInWpJ0jAH+7EkcZL7t72YLrNzNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQt
NmZkNzUxZGU3MTdhLzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xNDA5OWEtZTJkYS00ZjZhLWI1YzQtNmZkNzUxZGU3MTdh
LzEvaWRha25TTUFmN3NTUnhrdnUzdlpndXMzTTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASaVdv40F
L7l7+Uu/4vkAW3KlPiDZ4nqRRvLefDZwQTu4OrwZ1p2jgvQy/rRpW51kfAW7Pj8e
iaaL9Dp+UsSnZ6dD2g2KDpXlIrTrD/A9AXRzp0crrugJ84XMsy8w42HwwYtIQ+Sw
Na1LapdcfeG1c4I5w7OQIH0AFZ3ZmR71aJDmQg+08YwKKFxTFaMBPUF9sto2AqaS
esIh7TOxLDjDr8Xc3FTnhaxfyMQ9l/nLlzUW1TZzcjHDXIxM497rFwJt9EhJsadV
IKgRuJJhDAFMTtxqmowA0NMwxmqF9GinF87gExmbqnYSaqJnBiV1zQ5tV6HoHq/Q
kP54Ao6K8z9JGw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:25:13 2026 by rpki-client