Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: 3927Svb/rYEbAoD1wqneC3yNr86MfmCAPnUEWXqMUIE=
Subject key identifier: 12:E8:1F:54:BA:FB:8A:AF:B0:EC:67:94:E4:23:AA:72:1F:9A:7C:59
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019D382DED5E512E4706934A7F44CA2FCB36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 06:00:27 +0000
Manifest this update: Sun 29 Mar 2026 06:00:27 +0000
Manifest next update: Mon 30 Mar 2026 06:00:27 +0000
Files and hashes: 1: C79YUpU2iklV_OJjs4h8ac-OjrQ.roa (hash: //CGGQm4W2A3kMycLE3Ro2hRaxk4J3N4m94O7KPhors=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: bZMYw6R16lPIAJRplXkanVEWc85gPfrtZ7rRMmeWeeU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:ed:5e:51:2e:47:06:93:4a:7f:44:ca:2f:cb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Mar 29 06:00:27 2026 GMT
Not After : Mar 30 06:00:27 2026 GMT
Subject: CN=12e81f54bafb8aafb0ec6794e423aa721f9a7c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:c2:b0:fa:13:c3:af:d7:5b:89:39:e2:75:
29:2e:a9:8a:13:09:88:58:c1:9c:02:10:bf:16:6f:
1c:b1:ec:98:cc:ce:21:ec:83:e9:c6:f8:a4:28:80:
76:d8:42:a3:db:13:80:a2:0b:dd:6c:bb:87:4e:7f:
63:c5:f8:9c:94:40:f8:81:9b:a2:e5:d1:a2:6d:2d:
a1:67:f6:e1:b7:32:f4:59:b6:9c:bd:69:66:28:5a:
ed:fd:64:5a:e6:07:26:80:f0:7a:40:53:89:d4:e0:
5e:45:24:b3:fc:f7:b8:f6:a8:99:25:4d:14:7c:fa:
59:ba:ef:8c:1b:ad:e1:6f:a2:e4:4b:cc:00:89:29:
55:41:d2:d2:d8:3a:d9:0b:3d:b7:2a:b2:15:03:db:
6a:88:cf:d4:09:e2:3e:0a:60:80:e5:b7:b6:62:fd:
22:21:54:2a:56:cd:77:8a:8a:87:83:84:d7:ff:cb:
ab:47:1e:4d:e5:05:4f:40:84:3c:d1:be:0f:87:8e:
29:7c:9a:56:03:1a:17:15:6d:42:a0:51:13:70:ed:
9e:7a:6d:a9:7c:a2:82:a8:10:81:e3:a7:63:0b:b1:
83:a2:21:a1:30:9a:a9:1e:98:41:20:00:3e:bb:bc:
2a:5f:8a:20:7e:25:f3:b3:d6:50:b3:04:db:a1:07:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E8:1F:54:BA:FB:8A:AF:B0:EC:67:94:E4:23:AA:72:1F:9A:7C:59
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:06:d9:61:d3:22:dc:79:96:4e:23:97:38:24:9b:31:74:bd:
fb:c8:99:19:4b:3f:b5:e1:99:f9:52:dd:6d:89:7c:af:7d:46:
b7:66:35:94:0a:63:2d:d0:66:fe:53:37:9a:a8:74:38:9a:f1:
f1:78:be:ed:40:39:3d:d2:6f:e0:b3:0f:79:5a:ba:c5:43:30:
b5:07:8b:91:cb:a0:ac:51:7f:7a:92:a0:f9:c7:4c:15:5a:ab:
70:4e:03:46:60:4c:db:6a:ee:d5:8b:ec:a0:82:f6:75:e4:03:
e5:5c:18:90:43:a4:78:c7:50:39:bb:71:11:32:aa:61:f7:d4:
71:2c:31:e1:ea:05:9f:25:1a:64:e2:78:d5:7d:7d:59:73:84:
53:ed:7c:a6:ee:79:a7:ce:5e:f9:10:1e:61:8a:ca:c7:53:70:
a9:18:7c:00:75:4d:98:fb:88:b3:c8:31:3b:0d:b6:93:29:97:
7a:07:8b:cc:a6:a1:e7:92:84:80:a7:aa:62:c4:8a:46:ff:a4:
8e:8b:53:7c:0b:37:2c:e8:5e:9d:74:3e:48:59:c9:ba:9e:71:
9a:2d:1b:e0:fb:c6:b8:87:38:94:2d:39:61:c3:79:32:ff:b3:
38:f1:19:19:6c:67:ed:95:33:69:37:2f:01:a3:4f:d0:da:33:
7c:4d:ba:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Le1eUS5HBpNKf0TKL8s2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjYwMzI5MDYwMDI3WhcNMjYwMzMwMDYwMDI3WjAzMTEwLwYDVQQD
EygxMmU4MWY1NGJhZmI4YWFmYjBlYzY3OTRlNDIzYWE3MjFmOWE3YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEnCsPoTw6/XW4k54nUpLqmKEwmI
WMGcAhC/Fm8cseyYzM4h7IPpxvikKIB22EKj2xOAogvdbLuHTn9jxficlED4gZui
5dGibS2hZ/bhtzL0WbacvWlmKFrt/WRa5gcmgPB6QFOJ1OBeRSSz/Pe49qiZJU0U
fPpZuu+MG63hb6LkS8wAiSlVQdLS2DrZCz23KrIVA9tqiM/UCeI+CmCA5be2Yv0i
IVQqVs13ioqHg4TX/8urRx5N5QVPQIQ80b4Ph44pfJpWAxoXFW1CoFETcO2eem2p
fKKCqBCB46djC7GDoiGhMJqpHphBIAA+u7wqX4ogfiXzs9ZQswTboQfnLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBLoH1S6+4qvsOxnlOQjqnIfmnxZMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWwbZYdMi
3HmWTiOXOCSbMXS9+8iZGUs/teGZ+VLdbYl8r31Gt2Y1lApjLdBm/lM3mqh0OJrx
8Xi+7UA5PdJv4LMPeVq6xUMwtQeLkcugrFF/epKg+cdMFVqrcE4DRmBM22ru1Yvs
oIL2deQD5VwYkEOkeMdQObtxETKqYffUcSwx4eoFnyUaZOJ41X19WXOEU+18pu55
p85e+RAeYYrKx1NwqRh8AHVNmPuIs8gxOw22kymXegeLzKah55KEgKeqYsSKRv+k
jotTfAs3LOhenXQ+SFnJup5xmi0b4PvGuIc4lC05YcN5Mv+zOPEZGWxn7ZUzaTcv
AaNP0NozfE26og==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:45 2026 by rpki-client