Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: 287irfQPZ9YRYSxoigs9gsDmvToqXsPHYKhCYQgN9zE=
Subject key identifier: 44:B5:16:40:4E:74:05:D1:B0:0A:DD:C5:4D:7F:DF:5F:89:81:B8:91
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 019D390A22333CC9FD506A89C53F39DCD1EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 0437
Signing time: Sun 29 Mar 2026 10:00:58 +0000
Manifest this update: Sun 29 Mar 2026 10:00:58 +0000
Manifest next update: Mon 30 Mar 2026 10:00:58 +0000
Files and hashes: 1: CJHjJvBxO_A1o29RU77bYDobb1Y.asa (hash: OiQ96AcIrfdWv9rYq7YRunMZUUkm1k1hxiflexmUSCE=)
2: ZsGtqMxH4nL8S3-yctBXEQDc62g.roa (hash: +ZsU9QUE73+Gn9nFEGhVwL2RW/GlaE2Pf3U5DjyGOtE=)
3: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: UbA4BOkLfUC2iVUJEGiU+jrqlDfGRvtu+tqhLJfs4gE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:22:33:3c:c9:fd:50:6a:89:c5:3f:39:dc:d1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: Mar 29 10:00:58 2026 GMT
Not After : Mar 30 10:00:58 2026 GMT
Subject: CN=44b516404e7405d1b00addc54d7fdf5f8981b891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6a:e0:08:c2:bf:ae:a9:45:18:aa:46:80:ff:
c6:3b:c8:7c:9f:fc:1a:30:9b:a9:a1:0f:53:d8:35:
5e:78:8c:78:1e:62:75:16:f8:b5:87:3f:70:ec:73:
10:83:93:fb:c5:20:46:4a:59:c3:cc:89:d3:07:3a:
c2:0a:f8:51:5a:9c:23:9f:00:ef:05:e2:f4:44:10:
6f:dd:f7:15:7a:75:a0:c0:0f:1e:99:a7:23:71:58:
08:32:26:1b:66:93:fa:22:f3:2f:5b:c9:40:36:ab:
2f:fe:a9:69:09:5f:ba:a7:72:23:3e:42:cd:ff:05:
58:67:84:89:18:54:17:d5:1b:11:e1:33:c3:9b:98:
fe:52:79:73:77:08:62:b9:3f:04:14:79:0f:b5:a7:
d5:f9:30:64:59:a4:32:c1:36:4f:87:4f:54:60:4c:
12:78:46:55:c2:ce:55:87:da:45:96:3d:68:d7:50:
33:7d:0a:37:05:0d:85:28:a9:09:3f:6f:87:65:94:
26:2f:3f:34:cf:d3:98:53:ea:88:c7:6c:f6:77:57:
f9:a7:e9:d9:fa:2b:b3:f6:c1:25:9e:b2:fb:a7:bf:
a0:7a:8c:9b:db:85:25:f6:b3:82:39:af:d2:3f:52:
13:43:32:4d:e3:ac:96:7d:a1:90:c2:54:e2:e9:1f:
12:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B5:16:40:4E:74:05:D1:B0:0A:DD:C5:4D:7F:DF:5F:89:81:B8:91
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:62:54:6c:2a:26:2a:cc:39:bd:79:ed:1b:96:b6:b9:45:34:
f8:a6:72:c7:bb:11:97:65:1c:54:df:83:70:d5:30:a7:e7:dc:
5c:f4:76:2c:f2:a8:2d:f9:41:f4:41:a7:18:af:6e:b5:c5:ea:
44:e3:84:52:0b:ae:7e:ae:1a:3e:22:44:b8:34:4f:fa:4a:a5:
71:86:4e:03:7e:74:36:23:31:54:7e:a3:d7:40:f5:bc:be:61:
45:42:ad:89:08:02:90:02:1a:80:66:5a:2a:f9:7b:ad:20:6f:
eb:7d:06:86:3e:dd:6a:cb:d1:91:6b:ee:81:6d:74:d8:9d:e6:
db:19:be:d5:49:71:88:00:1a:54:e5:a2:7c:8c:01:87:2f:15:
0e:28:3a:04:44:00:08:a6:1e:b7:4f:8d:ed:19:fe:75:a4:6c:
a5:e7:89:15:7a:d0:e4:51:1c:a2:36:e3:8c:66:25:de:18:32:
f1:d3:dd:74:e5:c9:21:85:c8:af:ba:1a:be:c0:36:8b:0b:3e:
c2:39:73:fa:d2:fa:82:2a:23:48:e7:b8:58:24:7c:72:fa:7b:
7b:f8:02:ae:0d:e7:5e:c6:ed:2e:ae:3a:87:22:60:80:4b:69:
d5:ed:a9:a8:7c:ca:9e:e0:13:09:63:c1:b4:a8:1b:90:8a:92:
f9:5a:6e:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CiIzPMn9UGqJxT853NHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjYwMzI5MTAwMDU4WhcNMjYwMzMwMTAwMDU4WjAzMTEwLwYDVQQD
Eyg0NGI1MTY0MDRlNzQwNWQxYjAwYWRkYzU0ZDdmZGY1Zjg5ODFiODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWrgCMK/rqlFGKpGgP/GO8h8n/wa
MJupoQ9T2DVeeIx4HmJ1Fvi1hz9w7HMQg5P7xSBGSlnDzInTBzrCCvhRWpwjnwDv
BeL0RBBv3fcVenWgwA8emacjcVgIMiYbZpP6IvMvW8lANqsv/qlpCV+6p3IjPkLN
/wVYZ4SJGFQX1RsR4TPDm5j+UnlzdwhiuT8EFHkPtafV+TBkWaQywTZPh09UYEwS
eEZVws5Vh9pFlj1o11AzfQo3BQ2FKKkJP2+HZZQmLz80z9OYU+qIx2z2d1f5p+nZ
+iuz9sElnrL7p7+geoyb24Ul9rOCOa/SP1ITQzJN46yWfaGQwlTi6R8SvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFES1FkBOdAXRsArdxU1/31+JgbiRMB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2JUbCom
Ksw5vXntG5a2uUU0+KZyx7sRl2UcVN+DcNUwp+fcXPR2LPKoLflB9EGnGK9utcXq
ROOEUguufq4aPiJEuDRP+kqlcYZOA350NiMxVH6j10D1vL5hRUKtiQgCkAIagGZa
Kvl7rSBv630Ghj7dasvRkWvugW102J3m2xm+1UlxiAAaVOWifIwBhy8VDig6BEQA
CKYet0+N7Rn+daRspeeJFXrQ5FEcojbjjGYl3hgy8dPddOXJIYXIr7oavsA2iws+
wjlz+tL6giojSOe4WCR8cvp7e/gCrg3nXsbtLq46hyJggEtp1e2pqHzKnuATCWPB
tKgbkIqS+VpuIg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:44:44 2026 by rpki-client