Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: yZxDA9g+iMIWEVInxB9GY6PuLYi0zQ+PopzMReMsC4A=
Subject key identifier: 2A:94:F6:D2:42:3E:69:2D:F0:4B:F8:BC:CA:82:44:E7:1B:06:D5:DE
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019DCC7403C56DAAE2E7C5193A355E30FC2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 10BE
Signing time: Mon 27 Apr 2026 01:00:48 +0000
Manifest this update: Mon 27 Apr 2026 01:00:48 +0000
Manifest next update: Tue 28 Apr 2026 01:00:48 +0000
Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: A3U75k4Bq3FA720o+efDB74UmmNXL/o6VQrAH1YnXck=)
2: tl9JmYqZuc8rnWm5B3tF-CPUxEg.roa (hash: ti/VYS4hognsUWtb/PVfBo1Uhz2rYc5vy7DleprVf/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cc:74:03:c5:6d:aa:e2:e7:c5:19:3a:35:5e:30:fc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Apr 27 01:00:48 2026 GMT
Not After : Apr 28 01:00:48 2026 GMT
Subject: CN=2a94f6d2423e692df04bf8bcca8244e71b06d5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2d:b7:f4:5b:88:da:29:24:ed:45:d8:ed:db:
9e:cb:f0:06:22:a3:2a:f0:b6:7f:4e:5e:b1:f1:76:
a8:a8:5c:bb:cd:f7:49:da:1d:19:15:e7:dd:35:bf:
74:fd:3c:3e:59:32:51:07:23:68:df:51:9e:1b:ca:
50:01:6c:4d:ce:9b:e9:7b:18:52:f6:cb:4c:b7:fa:
a0:e4:f6:cf:0a:07:47:9b:90:1e:66:78:85:c7:c9:
46:8b:c9:49:81:51:ea:7e:e2:08:1f:bb:aa:e9:5b:
b0:b9:96:34:8b:bf:85:5b:31:1e:a5:36:81:5f:ae:
22:57:c7:c7:d3:d8:6f:02:0c:40:2a:69:49:2d:94:
be:43:e2:48:26:fb:ea:a4:33:cc:6b:f4:ff:f2:00:
fd:14:f8:ad:e8:e3:98:12:b3:6a:46:8d:1e:b0:3c:
21:83:03:7a:4b:86:1a:fc:03:12:f4:43:2d:dd:a9:
f9:25:6a:da:60:f0:a1:0e:7e:3c:a7:ec:ad:c4:60:
d2:78:af:20:e1:de:87:e3:10:ac:04:94:9b:15:78:
11:85:f5:e9:4d:3a:35:bf:41:22:ae:ae:86:ce:14:
74:27:b8:2a:5a:71:c8:51:39:bf:16:6e:49:b2:60:
fd:97:44:c9:0e:43:75:04:a6:b0:e4:58:20:28:b0:
e4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:94:F6:D2:42:3E:69:2D:F0:4B:F8:BC:CA:82:44:E7:1B:06:D5:DE
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:9a:f7:5d:ae:2f:44:78:64:ae:d5:34:7a:92:86:af:11:14:
c0:06:67:8c:16:05:05:da:10:09:82:a4:4a:71:f3:51:3b:f3:
3d:31:89:c9:12:6f:d3:52:a2:95:22:15:05:c1:2e:a0:a6:c7:
c6:e9:a2:8c:35:8e:7c:7f:85:34:d2:1d:f4:ed:6f:26:dd:eb:
0c:34:b9:5e:dd:c9:24:53:23:3f:06:3e:3d:95:0d:7d:cf:07:
37:b2:22:40:8d:7c:41:78:d1:f0:5c:7b:99:56:8a:8f:31:8f:
c1:c4:e1:82:72:4c:97:8a:33:94:92:17:63:d5:bf:91:3a:2b:
48:96:32:87:0e:c5:d0:b9:06:8f:e8:f4:e5:9b:fd:98:75:ec:
e1:dd:59:88:a7:d8:55:3c:69:59:ff:e3:7d:e5:aa:ff:69:87:
1a:7a:92:61:8f:f8:b6:f8:75:3f:7f:65:d4:bf:8e:b4:ca:56:
a1:f1:1a:8d:a0:17:f0:fb:37:d1:e2:47:93:60:3f:d4:e9:41:
69:fd:11:e6:d6:78:47:9f:c6:7c:6c:e2:50:87:e6:ed:81:78:
40:02:9b:de:60:a8:cd:7c:62:e3:bd:48:2f:56:31:1e:d1:e0:
74:7d:59:02:79:10:58:bf:a2:3b:b4:ea:b2:0a:88:a8:e7:69:
4c:5e:43:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3MdAPFbari58UZOjVeMPwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjYwNDI3MDEwMDQ4WhcNMjYwNDI4MDEwMDQ4WjAzMTEwLwYDVQQD
EygyYTk0ZjZkMjQyM2U2OTJkZjA0YmY4YmNjYTgyNDRlNzFiMDZkNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1y239FuI2ikk7UXY7duey/AGIqMq
8LZ/Tl6x8XaoqFy7zfdJ2h0ZFefdNb90/Tw+WTJRByNo31GeG8pQAWxNzpvpexhS
9stMt/qg5PbPCgdHm5AeZniFx8lGi8lJgVHqfuIIH7uq6VuwuZY0i7+FWzEepTaB
X64iV8fH09hvAgxAKmlJLZS+Q+JIJvvqpDPMa/T/8gD9FPit6OOYErNqRo0esDwh
gwN6S4Ya/AMS9EMt3an5JWraYPChDn48p+ytxGDSeK8g4d6H4xCsBJSbFXgRhfXp
TTo1v0Eirq6GzhR0J7gqWnHIUTm/Fm5JsmD9l0TJDkN1BKaw5FggKLDkbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqU9tJCPmkt8Ev4vMqCROcbBtXeMB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZr3Xa4v
RHhkrtU0epKGrxEUwAZnjBYFBdoQCYKkSnHzUTvzPTGJyRJv01KilSIVBcEuoKbH
xumijDWOfH+FNNId9O1vJt3rDDS5Xt3JJFMjPwY+PZUNfc8HN7IiQI18QXjR8Fx7
mVaKjzGPwcThgnJMl4ozlJIXY9W/kTorSJYyhw7F0LkGj+j05Zv9mHXs4d1ZiKfY
VTxpWf/jfeWq/2mHGnqSYY/4tvh1P39l1L+OtMpWofEajaAX8Ps30eJHk2A/1OlB
af0R5tZ4R5/GfGziUIfm7YF4QAKb3mCozXxi471IL1YxHtHgdH1ZAnkQWL+iO7Tq
sgqIqOdpTF5DgQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:19:44 2026 by rpki-client