Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: gn7sZnGOs8XvC5RIuwELvMRwDegMWzX7VNpgKmRVD0A=
Subject key identifier: EA:33:F3:EE:AF:CE:28:CB:88:18:EB:F5:CF:83:70:DA:78:96:A8:9F
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019E91015F9CD31F4A4438CA253240D5659A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 07D2
Signing time: Thu 04 Jun 2026 05:00:46 +0000
Manifest this update: Thu 04 Jun 2026 05:00:46 +0000
Manifest next update: Fri 05 Jun 2026 05:00:46 +0000
Files and hashes: 1: Bb0AlX7LVs8xu9FbBxHR7jZ41sc.roa (hash: 1RAeUNL+1NswFK++fmlLXs7tYc2gvuypR/zGLkI4pFk=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: cfQ0jmiwaBA0oYTlh9GFi6WwnsiYgBvtBMUQ0g8h274=)
3: wuwvCCyqsgM8AhmBamIU1CDvuC4.roa (hash: 7kzHmkdddwIql7JhhvogOzHNgfL2sl/BzbMljE2+YF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:01:5f:9c:d3:1f:4a:44:38:ca:25:32:40:d5:65:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Jun 4 05:00:46 2026 GMT
Not After : Jun 5 05:00:46 2026 GMT
Subject: CN=ea33f3eeafce28cb8818ebf5cf8370da7896a89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b7:ff:f0:04:c4:f2:f2:0c:93:49:0d:23:d2:
d0:87:d2:03:60:10:9b:43:79:a1:07:49:bb:8e:56:
91:e4:a3:82:b4:4c:dc:06:bd:37:0b:a4:6f:a3:53:
25:d4:dc:6f:55:41:3a:a8:81:f5:d3:50:e6:b9:3e:
9c:21:33:53:5b:71:93:28:24:9b:24:8d:43:3d:cc:
1a:18:e6:fb:77:c9:b0:86:f8:9f:19:ae:a2:24:ba:
c9:ce:6e:f7:08:a2:7e:d7:79:7f:19:ec:35:58:72:
8a:11:17:97:86:7b:3d:2e:41:17:f3:1e:f1:d6:12:
03:dd:c4:39:f2:c1:82:d2:45:4e:62:2e:64:42:2d:
9d:b6:e1:86:bb:3a:a8:e2:a2:d2:0c:fb:bf:88:9f:
4e:01:02:48:0f:1f:7e:01:2f:ab:c1:63:39:ae:c3:
92:d3:e3:36:68:38:eb:48:bd:ee:9b:b3:0e:06:68:
9c:81:58:a2:5b:25:0e:20:ee:ed:6c:f2:57:f0:16:
cb:2e:82:8c:12:16:24:c2:37:b4:52:6d:a8:cc:92:
0e:85:d3:70:40:3c:f4:11:c0:42:4d:dc:2b:15:1a:
4c:9e:1e:e6:3b:14:b9:a4:f8:ac:28:8e:67:82:bb:
9f:49:f5:76:20:23:b0:f9:9a:50:80:36:76:c1:d1:
6f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:33:F3:EE:AF:CE:28:CB:88:18:EB:F5:CF:83:70:DA:78:96:A8:9F
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:1f:8b:d1:45:17:3f:ff:69:ff:6c:da:0f:ec:86:6f:a7:79:
b8:45:56:44:33:8c:b6:ff:91:2c:09:df:46:c4:df:65:77:6b:
94:d9:79:0c:86:f3:2b:10:28:71:bf:92:77:14:bd:11:ca:c8:
0f:16:7c:38:f9:11:ea:bc:54:03:65:e8:f8:c2:d5:ca:9c:0a:
2b:f3:4e:a7:f1:a6:2c:04:26:4b:80:8b:4b:94:f8:cd:80:dc:
b8:86:55:8b:98:f4:08:12:79:0e:6f:72:1b:7d:c9:a1:9d:49:
b4:f9:d1:f5:b8:c1:91:0f:a5:a6:c9:95:39:63:bd:f2:dd:62:
e8:7b:b1:c1:3a:75:83:76:bf:2c:20:76:f0:87:83:c5:95:ab:
11:3e:ae:28:9b:03:df:da:02:89:16:88:89:a1:de:c2:10:ce:
6e:bd:0c:a5:b4:34:3b:a4:f8:f8:c2:97:e4:5c:08:af:34:70:
9e:57:43:05:ee:6f:33:be:ff:66:09:10:5e:5d:ce:ec:9c:64:
4d:47:c6:27:0d:42:bf:03:3a:69:25:24:df:6a:40:fb:2a:84:
d1:dd:cf:0b:44:5c:4e:f5:6d:b2:15:4f:d6:88:df:9c:e3:f2:
35:55:5f:3b:6a:be:96:51:14:ac:3a:9d:e6:d7:76:de:f5:15:
c6:41:1a:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6RAV+c0x9KRDjKJTJA1WWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjYwNjA0MDUwMDQ2WhcNMjYwNjA1MDUwMDQ2WjAzMTEwLwYDVQQD
EyhlYTMzZjNlZWFmY2UyOGNiODgxOGViZjVjZjgzNzBkYTc4OTZhODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLf/8ATE8vIMk0kNI9LQh9IDYBCb
Q3mhB0m7jlaR5KOCtEzcBr03C6Rvo1Ml1NxvVUE6qIH101DmuT6cITNTW3GTKCSb
JI1DPcwaGOb7d8mwhvifGa6iJLrJzm73CKJ+13l/Gew1WHKKEReXhns9LkEX8x7x
1hID3cQ58sGC0kVOYi5kQi2dtuGGuzqo4qLSDPu/iJ9OAQJIDx9+AS+rwWM5rsOS
0+M2aDjrSL3um7MOBmicgViiWyUOIO7tbPJX8BbLLoKMEhYkwje0Um2ozJIOhdNw
QDz0EcBCTdwrFRpMnh7mOxS5pPisKI5ngrufSfV2ICOw+ZpQgDZ2wdFvlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoz8+6vzijLiBjr9c+DcNp4lqifMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjB+L0UUX
P/9p/2zaD+yGb6d5uEVWRDOMtv+RLAnfRsTfZXdrlNl5DIbzKxAocb+SdxS9EcrI
DxZ8OPkR6rxUA2Xo+MLVypwKK/NOp/GmLAQmS4CLS5T4zYDcuIZVi5j0CBJ5Dm9y
G33JoZ1JtPnR9bjBkQ+lpsmVOWO98t1i6HuxwTp1g3a/LCB28IeDxZWrET6uKJsD
39oCiRaIiaHewhDObr0MpbQ0O6T4+MKX5FwIrzRwnldDBe5vM77/ZgkQXl3O7Jxk
TUfGJw1CvwM6aSUk32pA+yqE0d3PC0RcTvVtshVP1ojfnOPyNVVfO2q+llEUrDqd
5td23vUVxkEacQ==
-----END CERTIFICATE-----
Generated at Thu Jun 4 16:08:15 2026 by rpki-client