Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: TfTXopRL4VpkzzOePBaQHEI02A3TQ9BSmeX+nCGtt5g=
Subject key identifier: D9:1C:EE:23:18:BF:FC:A4:96:69:38:00:33:F3:AE:2C:37:6E:58:3C
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019CE4B5F0CFE008B0EAA99B3E071266DC13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 1046
Signing time: Fri 13 Mar 2026 01:00:54 +0000
Manifest this update: Fri 13 Mar 2026 01:00:54 +0000
Manifest next update: Sat 14 Mar 2026 01:00:54 +0000
Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: TfC84XjlTvsH+y/fCIiNAUNtHN8T//bx3Xdoi3fIO5U=)
2: tl9JmYqZuc8rnWm5B3tF-CPUxEg.roa (hash: ti/VYS4hognsUWtb/PVfBo1Uhz2rYc5vy7DleprVf/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:b5:f0:cf:e0:08:b0:ea:a9:9b:3e:07:12:66:dc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Mar 13 01:00:54 2026 GMT
Not After : Mar 14 01:00:54 2026 GMT
Subject: CN=d91cee2318bffca49669380033f3ae2c376e583c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:90:40:28:52:2e:fe:0d:d4:11:f1:a5:a1:10:
37:e6:37:c1:f2:61:17:05:83:0c:fe:4d:fd:71:8d:
3c:c3:38:02:a4:58:5b:fa:c6:37:e4:22:84:d6:0b:
60:4d:d1:a9:77:7c:30:3e:0d:68:6a:29:68:f4:b4:
21:fb:f7:80:16:0d:52:fa:c1:63:80:55:65:46:c2:
f8:4c:85:20:a5:ee:2a:33:bb:7d:21:04:62:66:c3:
87:72:ec:a9:ce:7f:fc:1e:62:11:93:22:33:83:4d:
60:f8:3e:bb:7f:46:bf:94:bd:6d:96:56:d0:6d:2a:
93:55:1a:3f:b1:e8:57:d6:bf:21:35:2c:55:58:7e:
18:47:0b:bb:e4:79:d8:0c:b5:44:94:ba:4f:1c:86:
2d:13:81:8f:e5:3e:41:59:ac:a9:41:7d:a6:c9:8c:
47:ea:de:70:cf:ad:f7:dd:57:5b:a8:2e:32:54:20:
bc:d0:6f:ac:b9:73:50:24:7a:27:1e:e5:83:c8:e6:
49:d0:1b:77:38:e4:0f:25:da:b5:c2:e5:ca:fd:1d:
03:b7:36:6a:e9:d6:df:99:eb:ce:db:94:00:15:43:
76:98:24:b2:99:a9:e2:0a:21:06:ac:ce:10:86:96:
54:34:73:56:61:e9:de:f0:20:06:92:05:f1:8b:bb:
68:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1C:EE:23:18:BF:FC:A4:96:69:38:00:33:F3:AE:2C:37:6E:58:3C
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:21:7d:30:53:42:cb:df:3f:f5:d4:3b:ae:e4:9b:8e:99:ad:
f7:0e:22:da:39:7f:bd:df:d8:5a:60:3a:0b:3c:e8:62:be:62:
9b:16:b5:1c:22:80:95:b0:bf:ec:26:d8:62:2e:85:84:ae:0b:
f4:4b:d3:e9:d3:d8:2d:e3:4c:8f:94:a2:91:8c:d4:74:f5:2d:
59:d0:e4:54:d8:07:6f:b5:c1:c9:e7:e3:cc:5a:a9:96:9c:90:
e2:42:7e:21:41:4f:76:8c:7e:01:63:17:23:d9:94:d9:b3:6f:
9e:21:55:85:07:eb:23:56:b9:e2:e4:5f:18:1d:d2:01:e1:98:
46:88:52:53:3a:76:b1:ad:b1:d8:ca:96:c6:42:d8:5b:72:17:
68:5c:db:a9:88:04:fb:a6:74:2c:dd:b9:e9:4a:97:cf:1c:6e:
d5:7c:be:34:47:5f:5f:cf:fb:f6:7c:2a:1a:a5:b5:b9:5a:44:
12:d8:43:36:3b:e1:1e:be:cf:e1:c8:07:bc:23:e8:e6:71:57:
40:3d:cb:83:48:5e:a2:49:cd:0e:8c:97:f9:f5:60:31:b4:5b:
a9:80:05:6b:5b:a3:5e:df:c3:42:36:d0:07:01:56:23:f1:20:
6e:52:b4:5f:45:87:f9:44:f6:d1:07:8b:b4:2a:ef:7e:4e:12:
ad:00:33:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzktfDP4Aiw6qmbPgcSZtwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjYwMzEzMDEwMDU0WhcNMjYwMzE0MDEwMDU0WjAzMTEwLwYDVQQD
EyhkOTFjZWUyMzE4YmZmY2E0OTY2OTM4MDAzM2YzYWUyYzM3NmU1ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZBAKFIu/g3UEfGloRA35jfB8mEX
BYMM/k39cY08wzgCpFhb+sY35CKE1gtgTdGpd3wwPg1oailo9LQh+/eAFg1S+sFj
gFVlRsL4TIUgpe4qM7t9IQRiZsOHcuypzn/8HmIRkyIzg01g+D67f0a/lL1tllbQ
bSqTVRo/sehX1r8hNSxVWH4YRwu75HnYDLVElLpPHIYtE4GP5T5BWaypQX2myYxH
6t5wz6333VdbqC4yVCC80G+suXNQJHonHuWDyOZJ0Bt3OOQPJdq1wuXK/R0DtzZq
6dbfmevO25QAFUN2mCSymaniCiEGrM4QhpZUNHNWYene8CAGkgXxi7toawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNkc7iMYv/yklmk4ADPzriw3blg8MB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSF9MFNC
y98/9dQ7ruSbjpmt9w4i2jl/vd/YWmA6CzzoYr5imxa1HCKAlbC/7CbYYi6FhK4L
9EvT6dPYLeNMj5SikYzUdPUtWdDkVNgHb7XByefjzFqplpyQ4kJ+IUFPdox+AWMX
I9mU2bNvniFVhQfrI1a54uRfGB3SAeGYRohSUzp2sa2x2MqWxkLYW3IXaFzbqYgE
+6Z0LN256UqXzxxu1Xy+NEdfX8/79nwqGqW1uVpEEthDNjvhHr7P4cgHvCPo5nFX
QD3Lg0heoknNDoyX+fVgMbRbqYAFa1ujXt/DQjbQBwFWI/EgblK0X0WH+UT20QeL
tCrvfk4SrQAz4w==
-----END CERTIFICATE-----
Generated at Fri Mar 13 07:25:51 2026 by rpki-client