Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: 2FvohJ1U4BgyRkRspSz1kwWtF4d9IsKK17Q9yTRuZ+c=
Subject key identifier: B1:D3:B1:EC:36:02:5B:8F:73:01:54:CA:DD:15:5F:A8:41:64:91:34
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019E2881D3E251A1843F9D1F3F18D1AA54CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 1910
Signing time: Thu 14 May 2026 22:00:57 +0000
Manifest this update: Thu 14 May 2026 22:00:57 +0000
Manifest next update: Fri 15 May 2026 22:00:57 +0000
Files and hashes: 1: 9Czc8pDz2K4dQ7wCr5MrteuEqPw.asa (hash: cP6vlJtBeLHClXQjIgZNKEs/XJ829Hz7hO1z+cclK6I=)
2: C79YUpU2iklV_OJjs4h8ac-OjrQ.roa (hash: //CGGQm4W2A3kMycLE3Ro2hRaxk4J3N4m94O7KPhors=)
3: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: UrVGLe6O+Jlwd1uceH935nBqTMEOBxiG9B01xUYXI3w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 May 2026 22:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:81:d3:e2:51:a1:84:3f:9d:1f:3f:18:d1:aa:54:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: May 14 22:00:57 2026 GMT
Not After : May 15 22:00:57 2026 GMT
Subject: CN=b1d3b1ec36025b8f730154cadd155fa841649134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:64:4d:55:e8:ea:0f:f3:3a:4b:79:25:3f:dd:
7a:13:28:8a:f8:d5:24:3d:ae:cf:20:e9:76:e8:ee:
5c:d9:84:40:a2:43:ca:29:fe:07:51:51:27:cf:75:
47:d9:04:1f:3b:14:f6:94:c5:88:fc:23:04:17:10:
9e:a8:d6:9f:bd:8c:8f:88:b0:9f:0f:62:70:8a:ed:
f8:5e:8b:02:c1:95:ce:08:e7:b6:9f:66:42:62:a3:
d1:04:f5:c4:36:cc:dd:4a:fd:f4:12:1a:95:2c:b5:
9f:98:6c:f3:dc:27:6f:80:70:78:9c:d3:fd:c6:ee:
2f:54:c2:ce:cb:0e:00:36:ba:71:f1:80:a9:14:86:
d3:1d:16:d4:e2:00:a0:8b:99:6c:6d:be:5b:d5:c0:
d9:ad:df:1f:60:93:95:3c:b6:7b:85:84:26:ed:77:
a5:2d:aa:b9:8a:f4:ac:b3:47:55:5f:61:cc:32:8a:
9f:61:4d:06:f2:96:90:5e:77:9f:19:40:5c:ce:f5:
c2:7d:6f:21:22:86:aa:d0:21:27:34:71:31:ea:5a:
b6:59:53:32:5b:67:e3:c0:92:f1:54:a2:46:c4:b9:
20:68:9f:e8:d1:f3:44:38:d9:5d:1e:70:1a:92:60:
65:13:46:38:ff:dd:4d:58:84:81:26:b1:a5:84:90:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D3:B1:EC:36:02:5B:8F:73:01:54:CA:DD:15:5F:A8:41:64:91:34
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:9f:4a:3b:58:7c:9d:c7:48:73:43:26:ae:e0:78:07:24:1d:
78:bc:48:1e:1c:33:66:f8:ea:7a:d0:0b:20:67:07:4f:08:ba:
0e:d6:83:cf:f6:87:63:ea:0a:3f:d1:06:a9:c1:95:75:f9:95:
34:1b:d7:88:ad:e8:9f:74:6e:65:dc:56:ed:08:79:ad:df:90:
9a:4d:ce:c9:b1:e7:af:c9:65:12:88:99:4e:e1:22:65:20:20:
c5:cb:5b:8b:71:6c:29:51:e0:13:8d:52:b7:c3:a1:05:f5:4d:
0a:a3:d7:f0:b4:9f:41:9d:e7:38:b6:1e:58:af:47:f8:bf:ab:
20:19:65:07:f5:94:15:64:89:95:ad:f0:99:de:35:b2:c1:fb:
5e:53:ac:19:b3:2c:e3:57:81:01:0c:f6:7d:2c:d3:bd:54:ce:
83:3f:6e:dc:77:57:b7:48:6c:17:f5:57:c7:f3:29:06:44:7a:
ce:8e:02:e5:c2:55:d9:fc:1b:b4:09:13:14:25:77:3d:79:b5:
f7:f7:03:fc:95:1d:29:b4:3c:4f:1c:0c:d2:2c:08:63:7e:c1:
aa:a1:db:25:46:4a:03:e0:2a:f3:53:1a:9a:77:5e:d6:58:a2:
e9:6c:4a:e4:d5:86:f0:e3:dd:35:8a:f3:11:a0:87:05:c0:ca:
66:ec:38:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ogdPiUaGEP50fPxjRqlTPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjYwNTE0MjIwMDU3WhcNMjYwNTE1MjIwMDU3WjAzMTEwLwYDVQQD
EyhiMWQzYjFlYzM2MDI1YjhmNzMwMTU0Y2FkZDE1NWZhODQxNjQ5MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWRNVejqD/M6S3klP916EyiK+NUk
Pa7PIOl26O5c2YRAokPKKf4HUVEnz3VH2QQfOxT2lMWI/CMEFxCeqNafvYyPiLCf
D2Jwiu34XosCwZXOCOe2n2ZCYqPRBPXENszdSv30EhqVLLWfmGzz3CdvgHB4nNP9
xu4vVMLOyw4ANrpx8YCpFIbTHRbU4gCgi5lsbb5b1cDZrd8fYJOVPLZ7hYQm7Xel
Laq5ivSss0dVX2HMMoqfYU0G8paQXnefGUBczvXCfW8hIoaq0CEnNHEx6lq2WVMy
W2fjwJLxVKJGxLkgaJ/o0fNEONldHnAakmBlE0Y4/91NWISBJrGlhJBiVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHTsew2AluPcwFUyt0VX6hBZJE0MB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJ9KO1h8
ncdIc0MmruB4ByQdeLxIHhwzZvjqetALIGcHTwi6DtaDz/aHY+oKP9EGqcGVdfmV
NBvXiK3on3RuZdxW7Qh5rd+Qmk3OybHnr8llEoiZTuEiZSAgxctbi3FsKVHgE41S
t8OhBfVNCqPX8LSfQZ3nOLYeWK9H+L+rIBllB/WUFWSJla3wmd41ssH7XlOsGbMs
41eBAQz2fSzTvVTOgz9u3HdXt0hsF/VXx/MpBkR6zo4C5cJV2fwbtAkTFCV3PXm1
9/cD/JUdKbQ8TxwM0iwIY37BqqHbJUZKA+Aq81Mamnde1lii6WxK5NWG8OPdNYrz
EaCHBcDKZuw42w==
-----END CERTIFICATE-----
Generated at Fri May 15 07:37:25 2026 by rpki-client