Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft
File: iBKgqAncPNH72JUaj4D2mSXhGQg.mft (raw, json)
Hash identifier: C2f7VX26unIrIigvTMZF06GLcR2mlPLqSBDZ+IUuJi4=
Subject key identifier: AA:25:C5:9B:08:C6:45:8D:2C:E9:53:4C:21:89:38:09:69:88:51:F6
Authority key identifier: 88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
Certificate issuer: /CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Certificate serial: 019DCDF4EA052CF3AB6A4CCB5C24A3DE653B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft
Manifest number: 13C1
Signing time: Mon 27 Apr 2026 08:01:13 +0000
Manifest this update: Mon 27 Apr 2026 08:01:13 +0000
Manifest next update: Tue 28 Apr 2026 08:01:13 +0000
Files and hashes: 1: V4V1l39T5s1HWbLvpZ_dNNrQqrE.roa (hash: 2VhJQ/68VuS0vWM3hQGdKSnDSrR+nJHlsrGkam4iQlg=)
2: iBKgqAncPNH72JUaj4D2mSXhGQg.crl (hash: oehbp+h6+8OzZXUn0EQrJ21ml0YxEZeCtnlDOeqCcos=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:f4:ea:05:2c:f3:ab:6a:4c:cb:5c:24:a3:de:65:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8812a0a809dc3cd1fbd8951a8f80f69925e11908
Validity
Not Before: Apr 27 08:01:13 2026 GMT
Not After : Apr 28 08:01:13 2026 GMT
Subject: CN=aa25c59b08c6458d2ce9534c21893809698851f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ab:20:6a:70:0b:da:b8:59:3a:18:27:35:83:
e4:e7:8f:bd:15:83:90:ff:a2:15:b7:ed:e8:f8:c3:
9c:a2:01:1f:6d:a9:cb:94:63:c9:ea:f4:25:02:42:
02:44:d0:dd:fb:ca:11:04:c2:26:0b:ed:d7:12:95:
e7:57:4f:79:9c:07:79:5c:2c:6e:c9:3c:d7:e2:e9:
90:df:4e:56:24:1b:a8:9b:53:4a:56:34:17:49:f4:
f7:73:89:94:04:1f:a6:b8:bc:e5:74:89:50:5a:e7:
9c:d3:ca:55:6a:07:34:e3:1f:e4:c2:88:83:4e:3c:
cd:ae:e8:71:39:b3:36:47:7a:d8:1f:a7:9b:fc:38:
9a:28:97:4f:03:71:73:ce:8f:e4:ef:9c:c3:fe:5e:
d0:ba:8c:ad:62:0d:49:b6:6e:33:b6:d4:2b:d1:71:
b3:6f:b5:60:18:0f:32:29:8d:b3:c1:96:26:05:41:
a9:b5:d0:86:bd:73:40:60:02:fe:09:ec:01:f1:70:
f5:5f:ae:f0:0c:cf:e0:30:e1:94:9f:06:3b:c5:da:
e6:fc:19:a4:a9:4b:65:d5:2c:c6:83:a3:22:4c:71:
78:09:ba:8a:ee:83:7a:97:4f:62:3d:9a:5e:55:f8:
79:d9:05:b4:63:06:55:9c:9f:57:6d:8e:25:30:d3:
2b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:25:C5:9B:08:C6:45:8D:2C:E9:53:4C:21:89:38:09:69:88:51:F6
X509v3 Authority Key Identifier:
keyid:88:12:A0:A8:09:DC:3C:D1:FB:D8:95:1A:8F:80:F6:99:25:E1:19:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBKgqAncPNH72JUaj4D2mSXhGQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c8aa09-bdfb-43ca-8522-fa75cbe9bead/1/iBKgqAncPNH72JUaj4D2mSXhGQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:6f:ef:85:ca:ea:32:e2:0b:97:d7:20:98:4f:ca:f2:2d:9d:
51:0b:69:8a:23:77:00:25:c3:c5:6c:b5:ce:36:03:fe:f3:2c:
1f:21:5c:53:4c:de:55:52:26:62:fe:fb:f3:09:62:5a:13:fe:
70:b1:fc:1b:c7:c5:41:e1:7a:24:00:e2:81:0a:5c:9a:c4:bc:
15:ed:b9:c9:cf:85:ac:51:e7:f9:5d:b4:08:46:b8:95:2c:3e:
62:26:c5:8d:ee:82:cc:3b:7c:db:d7:5d:14:3a:da:d1:cf:0d:
57:64:44:cc:51:17:6c:1b:08:c4:d8:43:62:4f:5e:4e:d5:5c:
33:ca:02:1c:f0:c5:b0:29:ee:f0:5d:05:be:65:fd:17:06:d5:
3b:5e:61:f9:b6:37:9f:9d:aa:99:a3:3b:32:d7:cc:05:86:74:
70:c3:31:62:c0:82:b5:13:cd:ac:b4:0f:a3:0c:b3:6a:e3:d0:
ba:fb:e6:f6:81:e8:92:9c:36:6e:96:05:35:c0:37:14:35:c2:
1a:56:6e:85:ee:70:ba:43:9e:4b:98:7f:5e:0c:f1:74:b0:eb:
67:8f:7e:2f:f1:e3:be:94:63:2f:e0:f5:61:96:08:8b:68:61:
e8:7c:ac:a4:05:ae:bf:5d:48:08:ef:10:cb:d0:5b:6a:7d:ba:
eb:3f:ca:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3N9OoFLPOrakzLXCSj3mU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTJhMGE4MDlkYzNjZDFmYmQ4OTUxYThmODBmNjk5MjVl
MTE5MDgwHhcNMjYwNDI3MDgwMTEzWhcNMjYwNDI4MDgwMTEzWjAzMTEwLwYDVQQD
EyhhYTI1YzU5YjA4YzY0NThkMmNlOTUzNGMyMTg5MzgwOTY5ODg1MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKsganAL2rhZOhgnNYPk54+9FYOQ
/6IVt+3o+MOcogEfbanLlGPJ6vQlAkICRNDd+8oRBMImC+3XEpXnV095nAd5XCxu
yTzX4umQ305WJBuom1NKVjQXSfT3c4mUBB+muLzldIlQWuec08pVagc04x/kwoiD
TjzNruhxObM2R3rYH6eb/DiaKJdPA3Fzzo/k75zD/l7QuoytYg1Jtm4zttQr0XGz
b7VgGA8yKY2zwZYmBUGptdCGvXNAYAL+CewB8XD1X67wDM/gMOGUnwY7xdrm/Bmk
qUtl1SzGg6MiTHF4CbqK7oN6l09iPZpeVfh52QW0YwZVnJ9XbY4lMNMrswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKolxZsIxkWNLOlTTCGJOAlpiFH2MB8GA1UdIwQY
MBaAFIgSoKgJ3DzR+9iVGo+A9pkl4RkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjIt
ZmE3NWNiZTliZWFkLzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jOGFhMDktYmRmYi00M2NhLTg1MjItZmE3NWNiZTliZWFk
LzEvaUJLZ3FBbmNQTkg3MkpVYWo0RDJtU1hoR1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2/vhcrq
MuILl9cgmE/K8i2dUQtpiiN3ACXDxWy1zjYD/vMsHyFcU0zeVVImYv778wliWhP+
cLH8G8fFQeF6JADigQpcmsS8Fe25yc+FrFHn+V20CEa4lSw+YibFje6CzDt829dd
FDra0c8NV2REzFEXbBsIxNhDYk9eTtVcM8oCHPDFsCnu8F0FvmX9FwbVO15h+bY3
n52qmaM7MtfMBYZ0cMMxYsCCtRPNrLQPowyzauPQuvvm9oHokpw2bpYFNcA3FDXC
GlZuhe5wukOeS5h/XgzxdLDrZ49+L/HjvpRjL+D1YZYIi2hh6HyspAWuv11ICO8Q
y9Bban266z/KCg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:53:36 2026 by rpki-client