Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: MgGPsntwShdbn7vFbNR+1pi9OUVoIphvYS2mIg+eTE8=
Subject key identifier: 46:D0:74:2D:73:CA:64:6E:48:6D:48:37:E7:90:C4:54:81:AB:6D:36
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019F122EC6BD0C0C2184694BE1D56E85F9A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 1989
Signing time: Mon 29 Jun 2026 07:01:23 +0000
Manifest this update: Mon 29 Jun 2026 07:01:23 +0000
Manifest next update: Tue 30 Jun 2026 07:01:23 +0000
Files and hashes: 1: 9Czc8pDz2K4dQ7wCr5MrteuEqPw.asa (hash: cP6vlJtBeLHClXQjIgZNKEs/XJ829Hz7hO1z+cclK6I=)
2: C79YUpU2iklV_OJjs4h8ac-OjrQ.roa (hash: //CGGQm4W2A3kMycLE3Ro2hRaxk4J3N4m94O7KPhors=)
3: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: E4XbqV00eXnHggfiUdMYAflxNTeqQaHJnB618yyNR/4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:2e:c6:bd:0c:0c:21:84:69:4b:e1:d5:6e:85:f9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Jun 29 07:01:23 2026 GMT
Not After : Jun 30 07:01:23 2026 GMT
Subject: CN=46d0742d73ca646e486d4837e790c45481ab6d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3c:bb:94:19:83:69:f7:a3:45:48:bf:a8:73:
67:5b:15:93:22:ce:32:dc:e9:d8:b7:a6:7d:55:ed:
95:db:e7:fc:1c:41:33:ac:a0:eb:a5:25:ed:4b:c5:
b1:a5:55:21:ce:9d:36:66:1d:2f:64:4e:84:2e:59:
e2:5e:c1:3e:1f:f5:ad:7f:8c:c1:65:57:b6:43:5c:
c8:86:80:df:10:aa:73:fc:66:2b:94:3b:16:65:10:
15:24:af:22:17:bb:1e:bb:38:2a:06:e3:89:da:b5:
37:7f:d3:55:62:ef:1d:42:ef:d5:48:b4:5b:7d:60:
6f:85:c4:1c:de:64:ba:f7:93:35:83:02:96:86:d0:
ab:81:79:e7:cb:7f:66:ab:8e:fc:6f:50:dd:92:aa:
e4:ac:ed:9b:e7:be:90:ee:39:fa:1e:97:b5:92:0f:
02:51:72:64:ff:a2:91:28:bf:e8:64:6d:81:3b:64:
89:bf:b2:1f:26:94:83:96:27:9d:82:23:b9:73:0e:
84:da:1c:34:39:ff:46:b7:b5:b2:9f:46:57:ee:11:
20:ac:2b:82:6a:ad:da:eb:1a:28:f9:4d:7e:5c:52:
2b:25:11:18:09:ba:60:e2:d1:c1:8c:ac:e7:49:8f:
dc:21:4d:cc:0f:c9:45:85:13:75:aa:24:77:49:d7:
86:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D0:74:2D:73:CA:64:6E:48:6D:48:37:E7:90:C4:54:81:AB:6D:36
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:26:b2:23:14:5d:c4:2e:a3:2b:5b:40:d7:d4:e1:7d:fc:d5:
68:62:db:0c:f6:3d:59:3c:ca:5a:c8:8c:e9:b2:db:1d:7a:4c:
e7:df:40:b2:33:72:49:28:2e:a7:6e:9e:8c:c5:47:0e:e4:2a:
23:00:b3:6a:0c:14:c2:ab:1e:39:22:c1:de:30:20:d8:f7:2f:
be:47:5c:ec:6d:d2:38:fd:07:17:0c:7d:5a:06:83:8b:cf:b1:
24:40:4a:bb:11:c5:ea:35:0b:d3:b8:43:11:20:e6:68:05:ec:
e1:c0:61:2d:31:29:38:79:01:88:bd:af:f1:8f:9f:36:d2:62:
fe:06:2c:42:6a:9d:b6:a8:de:b8:92:8b:14:23:73:da:3b:2a:
44:96:db:c9:e4:4e:b9:22:e9:9f:fa:df:ca:c5:3b:f7:49:be:
f4:f4:d2:43:77:0d:00:78:67:32:8b:04:77:aa:50:31:91:74:
6f:b7:93:11:0c:19:2e:06:ba:27:f3:3c:39:db:68:64:21:7f:
bb:90:db:ea:e3:98:89:7a:0d:53:97:b7:b0:c9:a4:60:49:8d:
13:d0:a2:f3:38:79:59:74:f5:9b:5f:ec:73:fa:71:6b:35:f0:
6b:d6:c4:ac:fa:67:3e:82:8a:e6:aa:ef:e0:1b:de:f5:70:16:
0d:b7:fe:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8SLsa9DAwhhGlL4dVuhfmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjYwNjI5MDcwMTIzWhcNMjYwNjMwMDcwMTIzWjAzMTEwLwYDVQQD
Eyg0NmQwNzQyZDczY2E2NDZlNDg2ZDQ4MzdlNzkwYzQ1NDgxYWI2ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjy7lBmDafejRUi/qHNnWxWTIs4y
3OnYt6Z9Ve2V2+f8HEEzrKDrpSXtS8WxpVUhzp02Zh0vZE6ELlniXsE+H/Wtf4zB
ZVe2Q1zIhoDfEKpz/GYrlDsWZRAVJK8iF7seuzgqBuOJ2rU3f9NVYu8dQu/VSLRb
fWBvhcQc3mS695M1gwKWhtCrgXnny39mq478b1DdkqrkrO2b576Q7jn6Hpe1kg8C
UXJk/6KRKL/oZG2BO2SJv7IfJpSDliedgiO5cw6E2hw0Of9Gt7Wyn0ZX7hEgrCuC
aq3a6xoo+U1+XFIrJREYCbpg4tHBjKznSY/cIU3MD8lFhRN1qiR3SdeGHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbQdC1zymRuSG1IN+eQxFSBq202MB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiyayIxRd
xC6jK1tA19ThffzVaGLbDPY9WTzKWsiM6bLbHXpM599AsjNySSgup26ejMVHDuQq
IwCzagwUwqseOSLB3jAg2Pcvvkdc7G3SOP0HFwx9WgaDi8+xJEBKuxHF6jUL07hD
ESDmaAXs4cBhLTEpOHkBiL2v8Y+fNtJi/gYsQmqdtqjeuJKLFCNz2jsqRJbbyeRO
uSLpn/rfysU790m+9PTSQ3cNAHhnMosEd6pQMZF0b7eTEQwZLga6J/M8OdtoZCF/
u5Db6uOYiXoNU5e3sMmkYEmNE9Ci8zh5WXT1m1/sc/pxazXwa9bErPpnPoKK5qrv
4Bve9XAWDbf+8Q==
-----END CERTIFICATE-----
Generated at Mon Jun 29 11:36:05 2026 by rpki-client