Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: 0LpGWjYJvPErfZkgGiBtCgE/3dZwkpXlarBsGNUTxG8=
Subject key identifier: 45:F0:9D:9C:28:3B:56:EF:68:EA:FD:C6:CF:CF:5C:98:23:8F:A7:A7
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019DA943437FB08AE3B60024E831D939EEE1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 075A
Signing time: Mon 20 Apr 2026 05:00:50 +0000
Manifest this update: Mon 20 Apr 2026 05:00:50 +0000
Manifest next update: Tue 21 Apr 2026 05:00:50 +0000
Files and hashes: 1: Bb0AlX7LVs8xu9FbBxHR7jZ41sc.roa (hash: 1RAeUNL+1NswFK++fmlLXs7tYc2gvuypR/zGLkI4pFk=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: eBOCZlXcBVHS7EfkOcdv371dkC7ff16E7GZE549vNTc=)
3: wuwvCCyqsgM8AhmBamIU1CDvuC4.roa (hash: 7kzHmkdddwIql7JhhvogOzHNgfL2sl/BzbMljE2+YF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Apr 2026 05:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:43:43:7f:b0:8a:e3:b6:00:24:e8:31:d9:39:ee:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Apr 20 05:00:50 2026 GMT
Not After : Apr 21 05:00:50 2026 GMT
Subject: CN=45f09d9c283b56ef68eafdc6cfcf5c98238fa7a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cc:a6:6b:e3:70:47:3c:5d:71:cb:09:62:55:
0c:fa:e2:74:56:47:f4:32:04:95:27:a0:86:b4:83:
05:5b:bf:b7:59:a7:85:cf:9e:5e:17:3c:31:e5:59:
ed:af:f5:5d:6b:81:e3:b0:d2:c0:9f:71:43:18:e3:
34:84:8d:93:d3:14:e2:21:8d:79:c9:a7:58:5c:f2:
aa:86:7c:c6:92:45:a3:55:89:fe:9a:54:09:20:e7:
ef:75:20:11:5a:a0:6f:dd:45:aa:23:47:36:d7:02:
f0:47:06:12:83:3f:3d:98:df:bf:98:5a:ea:8d:70:
16:e5:41:82:b0:d1:dd:ff:d4:0f:6f:6d:e3:58:48:
23:48:a7:67:db:b2:4e:06:5c:a8:6c:f1:ce:9b:8b:
6c:e4:f4:46:2c:4e:fb:2a:93:a9:d2:28:66:11:fc:
be:9b:c9:36:27:78:8c:fc:f1:66:ca:05:30:22:6f:
53:67:0f:ab:59:87:28:fa:3a:56:f9:43:d1:0f:c9:
01:45:66:de:b1:1f:d7:c1:86:cd:e4:d1:80:8d:cf:
1b:45:7e:65:a8:4c:62:c9:fc:65:f2:06:39:08:e1:
30:4a:25:aa:a4:94:04:5d:7a:7c:3d:7c:a3:ed:6c:
b4:c7:57:4c:9b:44:86:59:0d:bc:ec:5d:40:77:66:
0c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F0:9D:9C:28:3B:56:EF:68:EA:FD:C6:CF:CF:5C:98:23:8F:A7:A7
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
48:8b:d3:d2:ca:44:b5:6d:8e:58:e5:0d:ff:1d:6a:80:9e:98:
b0:b0:9b:0d:a1:c3:8d:b0:68:de:b1:fc:70:86:a4:cc:5d:bb:
57:04:0e:8a:71:45:38:ec:fe:69:a9:bd:84:a5:08:c5:67:cc:
30:dd:3f:bc:24:bd:cf:30:68:61:ac:8c:eb:65:dc:1f:c6:20:
0b:4d:a9:d2:1d:a4:58:c5:74:43:68:0e:d7:08:9c:5b:42:df:
3c:0f:b5:0b:7f:7e:a6:07:6d:df:ed:26:9c:12:a6:f8:96:5c:
45:b8:55:b3:2b:00:ba:9c:46:0e:8c:b8:1d:9e:fe:c4:2e:f2:
e0:98:64:1c:36:5a:11:4c:19:6d:7c:8f:23:86:d2:60:c8:84:
28:7e:1d:19:e2:88:f0:d8:1f:68:35:dc:c2:f8:0d:2c:ae:dd:
0e:83:fb:63:d9:ab:0b:8c:74:7f:47:2c:dd:a7:74:16:b0:43:
e5:66:16:80:54:c7:e5:5e:f7:fd:47:5b:eb:b1:2c:17:a7:6e:
e0:e3:02:db:74:05:38:be:15:26:c8:74:d3:ea:74:c1:6f:64:
cb:e4:79:5f:01:ee:d0:d7:74:86:60:26:ea:c7:56:51:72:6a:
81:df:c3:92:3d:dc:6c:35:65:01:a8:33:dc:0b:60:f0:30:77:
a2:0e:5c:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2pQ0N/sIrjtgAk6DHZOe7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjYwNDIwMDUwMDUwWhcNMjYwNDIxMDUwMDUwWjAzMTEwLwYDVQQD
Eyg0NWYwOWQ5YzI4M2I1NmVmNjhlYWZkYzZjZmNmNWM5ODIzOGZhN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8yma+NwRzxdccsJYlUM+uJ0Vkf0
MgSVJ6CGtIMFW7+3WaeFz55eFzwx5Vntr/Vda4HjsNLAn3FDGOM0hI2T0xTiIY15
yadYXPKqhnzGkkWjVYn+mlQJIOfvdSARWqBv3UWqI0c21wLwRwYSgz89mN+/mFrq
jXAW5UGCsNHd/9QPb23jWEgjSKdn27JOBlyobPHOm4ts5PRGLE77KpOp0ihmEfy+
m8k2J3iM/PFmygUwIm9TZw+rWYco+jpW+UPRD8kBRWbesR/XwYbN5NGAjc8bRX5l
qExiyfxl8gY5COEwSiWqpJQEXXp8PXyj7Wy0x1dMm0SGWQ287F1Ad2YMLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEXwnZwoO1bvaOr9xs/PXJgjj6enMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASIvT0spE
tW2OWOUN/x1qgJ6YsLCbDaHDjbBo3rH8cIakzF27VwQOinFFOOz+aam9hKUIxWfM
MN0/vCS9zzBoYayM62XcH8YgC02p0h2kWMV0Q2gO1wicW0LfPA+1C39+pgdt3+0m
nBKm+JZcRbhVsysAupxGDoy4HZ7+xC7y4JhkHDZaEUwZbXyPI4bSYMiEKH4dGeKI
8NgfaDXcwvgNLK7dDoP7Y9mrC4x0f0cs3ad0FrBD5WYWgFTH5V73/Udb67EsF6du
4OMC23QFOL4VJsh00+p0wW9ky+R5XwHu0Nd0hmAm6sdWUXJqgd/Dkj3cbDVlAagz
3Atg8DB3og5c2A==
-----END CERTIFICATE-----
Generated at Mon Apr 20 09:39:44 2026 by rpki-client