Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: taQOFicRHPsZ0tPQYhPNJIYORGqyMt0QZfHux3yWD1I=
Subject key identifier: 60:D1:19:80:69:48:7E:2A:EC:D6:C9:31:56:DA:52:B5:40:22:0D:99
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 019E2693C73678E715B80A0267669886849D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 04B2
Signing time: Thu 14 May 2026 13:01:19 +0000
Manifest this update: Thu 14 May 2026 13:01:19 +0000
Manifest next update: Fri 15 May 2026 13:01:19 +0000
Files and hashes: 1: CJHjJvBxO_A1o29RU77bYDobb1Y.asa (hash: OiQ96AcIrfdWv9rYq7YRunMZUUkm1k1hxiflexmUSCE=)
2: ZsGtqMxH4nL8S3-yctBXEQDc62g.roa (hash: +ZsU9QUE73+Gn9nFEGhVwL2RW/GlaE2Pf3U5DjyGOtE=)
3: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: 46g0mdxskmNuI9IzwaB+60gkfPtbA8Vyfjc5xAk6efY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:93:c7:36:78:e7:15:b8:0a:02:67:66:98:86:84:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: May 14 13:01:19 2026 GMT
Not After : May 15 13:01:19 2026 GMT
Subject: CN=60d1198069487e2aecd6c93156da52b540220d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9c:dd:e2:39:65:67:67:2d:0e:85:ac:9c:07:
23:d4:fa:18:17:76:c5:97:59:92:0d:66:51:20:77:
3f:7b:6d:15:94:cd:6b:c4:d7:0f:76:5b:e4:78:bb:
95:09:18:03:95:1d:a1:66:4f:a9:54:13:a7:2b:48:
e2:69:c4:af:19:f1:08:85:be:22:ae:a2:f8:91:31:
27:54:33:5f:5a:7b:bc:15:a8:65:69:ce:55:1b:65:
be:b7:1a:54:cd:10:74:68:95:6d:10:f8:8d:d9:92:
a0:f3:c7:21:8e:18:54:3c:a1:74:19:08:b4:cb:f4:
75:df:b3:de:61:5e:8f:f9:04:c0:31:93:7d:bb:ca:
b1:1f:7c:e3:96:66:b3:65:3b:2e:89:34:bf:90:b0:
6d:5a:b3:9b:17:01:9b:38:1d:2a:c4:32:9d:5c:f4:
6a:83:e3:6e:d7:3d:bf:a0:7a:1b:f8:e7:1e:f2:0b:
c4:d9:21:b2:db:ed:1f:fe:d3:54:6e:28:69:51:1a:
f4:48:5a:b5:20:d9:7a:9e:0e:87:a1:36:c1:2f:19:
7b:60:7e:52:a9:49:b3:b3:0d:54:be:85:2a:4f:69:
4d:98:17:83:36:e3:3a:3d:d6:c9:5e:ce:04:d0:1f:
ae:1b:9e:b7:bd:fd:61:10:94:ff:d7:81:b3:a6:57:
86:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D1:19:80:69:48:7E:2A:EC:D6:C9:31:56:DA:52:B5:40:22:0D:99
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:0c:ea:b4:e2:15:d5:ee:24:a2:69:c9:2b:6b:46:e5:f4:78:
71:4c:5e:35:cc:cb:b2:00:10:18:0c:b2:86:e9:bc:1b:1f:17:
f2:c7:9c:e7:d4:d1:69:7b:dd:cd:38:61:91:82:1f:63:24:fb:
9d:16:ad:36:bc:dc:ba:d5:8e:77:d6:12:85:ad:a1:1f:f2:d3:
59:b2:48:f9:88:4e:b5:48:c8:a9:5c:18:41:2d:59:aa:ff:7f:
8c:e0:1f:de:1c:1f:ae:50:e7:d9:db:42:8c:07:46:ae:02:a1:
d1:07:78:45:4d:09:d5:29:bc:6e:8b:3d:8b:df:2f:86:a1:c1:
ce:26:e7:f6:af:18:be:d9:a3:15:83:cf:02:3d:76:b0:34:ff:
23:a8:89:a1:34:6c:07:a0:b3:2f:a5:81:60:04:dd:63:a6:f5:
15:c6:6e:1d:46:0d:2c:48:98:2a:f5:33:52:71:00:2e:53:c4:
9b:03:a5:1e:ef:b6:6c:47:ee:38:fb:a5:34:b9:a5:5f:b0:8d:
cf:5c:6e:e1:aa:77:66:b1:d0:5f:8f:26:df:bc:91:dd:04:86:
bf:35:1c:8c:33:22:63:35:4a:e8:63:b6:36:ac:26:18:d3:94:
c7:a4:fc:67:09:2a:e3:d7:4e:48:48:10:31:02:5f:3c:cc:6f:
63:e6:48:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4mk8c2eOcVuAoCZ2aYhoSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjYwNTE0MTMwMTE5WhcNMjYwNTE1MTMwMTE5WjAzMTEwLwYDVQQD
Eyg2MGQxMTk4MDY5NDg3ZTJhZWNkNmM5MzE1NmRhNTJiNTQwMjIwZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5zd4jllZ2ctDoWsnAcj1PoYF3bF
l1mSDWZRIHc/e20VlM1rxNcPdlvkeLuVCRgDlR2hZk+pVBOnK0jiacSvGfEIhb4i
rqL4kTEnVDNfWnu8Fahlac5VG2W+txpUzRB0aJVtEPiN2ZKg88chjhhUPKF0GQi0
y/R137PeYV6P+QTAMZN9u8qxH3zjlmazZTsuiTS/kLBtWrObFwGbOB0qxDKdXPRq
g+Nu1z2/oHob+Oce8gvE2SGy2+0f/tNUbihpURr0SFq1INl6ng6HoTbBLxl7YH5S
qUmzsw1UvoUqT2lNmBeDNuM6PdbJXs4E0B+uG563vf1hEJT/14GzpleG0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDRGYBpSH4q7NbJMVbaUrVAIg2ZMB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiQzqtOIV
1e4komnJK2tG5fR4cUxeNczLsgAQGAyyhum8Gx8X8sec59TRaXvdzThhkYIfYyT7
nRatNrzcutWOd9YSha2hH/LTWbJI+YhOtUjIqVwYQS1Zqv9/jOAf3hwfrlDn2dtC
jAdGrgKh0Qd4RU0J1Sm8bos9i98vhqHBzibn9q8YvtmjFYPPAj12sDT/I6iJoTRs
B6CzL6WBYATdY6b1FcZuHUYNLEiYKvUzUnEALlPEmwOlHu+2bEfuOPulNLmlX7CN
z1xu4ap3ZrHQX48m37yR3QSGvzUcjDMiYzVK6GO2NqwmGNOUx6T8Zwkq49dOSEgQ
MQJfPMxvY+ZI3A==
-----END CERTIFICATE-----
Generated at Thu May 14 15:19:34 2026 by rpki-client