Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: s4hnUN8qSnHrW9kr9hbGGVO4EGL2jTmKybXrTskP3xA=
Subject key identifier: D7:43:53:17:17:3E:21:26:9A:18:A4:77:10:06:71:E4:83:2B:6A:F0
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 019D9F6496C256E8E5CB049935E8FC00C542
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 046C
Signing time: Sat 18 Apr 2026 07:01:02 +0000
Manifest this update: Sat 18 Apr 2026 07:01:02 +0000
Manifest next update: Sun 19 Apr 2026 07:01:02 +0000
Files and hashes: 1: CJHjJvBxO_A1o29RU77bYDobb1Y.asa (hash: OiQ96AcIrfdWv9rYq7YRunMZUUkm1k1hxiflexmUSCE=)
2: ZsGtqMxH4nL8S3-yctBXEQDc62g.roa (hash: +ZsU9QUE73+Gn9nFEGhVwL2RW/GlaE2Pf3U5DjyGOtE=)
3: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: XKRdGaSxLyoUTctqDG9WX3PAdE7oXuS6ZW2j4OBd2Wo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9f:64:96:c2:56:e8:e5:cb:04:99:35:e8:fc:00:c5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: Apr 18 07:01:02 2026 GMT
Not After : Apr 19 07:01:02 2026 GMT
Subject: CN=d7435317173e21269a18a477100671e4832b6af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2b:57:bc:15:a3:ea:f5:3e:cc:81:33:a0:68:
8f:aa:52:b0:24:8d:c6:3c:c6:13:86:51:1e:60:22:
13:c1:97:1f:0d:3d:1b:38:14:42:f1:37:45:17:dc:
bc:4b:df:0b:72:49:21:b2:a7:81:ed:b3:dd:ba:10:
b4:7c:bf:9c:73:96:b9:ab:35:88:7a:c3:e8:04:71:
8e:94:f0:3f:7e:ac:b0:c5:3d:33:73:e1:a2:c8:51:
0f:fe:b3:d0:6d:be:44:9d:bc:9d:5a:7f:9b:b5:57:
7c:9e:ad:97:11:6d:8a:71:ae:1a:7f:77:a4:3a:9e:
f1:ec:9e:52:ab:44:76:d8:c9:f8:18:f9:d7:24:74:
a6:2f:5a:ea:8a:9e:40:7a:85:c9:9e:6c:22:98:24:
ba:31:31:ab:b3:93:cd:97:89:05:78:f1:87:83:61:
5b:46:75:08:0a:29:4b:60:90:0d:05:b4:05:bd:c5:
45:cb:58:28:2d:5f:03:7a:5a:d4:23:e5:f1:f2:23:
e6:55:f8:6f:bb:c6:79:9b:21:7e:cf:68:9f:0d:33:
3e:91:a7:40:2d:53:84:9b:7d:03:f7:9d:ab:82:b4:
07:e0:0d:cc:8c:f3:2e:1f:4d:8b:1f:f6:45:63:c1:
b3:ff:9f:b6:38:c2:10:45:67:f1:05:17:fe:d0:ef:
31:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:43:53:17:17:3E:21:26:9A:18:A4:77:10:06:71:E4:83:2B:6A:F0
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
04:0e:91:66:70:03:06:5d:ca:9b:61:b7:71:a4:47:65:9c:66:
b5:a8:67:ea:0b:49:d4:2d:ac:42:a2:5e:4d:37:0a:5f:c3:d6:
d9:4d:ba:ce:96:dc:06:dc:16:74:3a:90:f4:21:38:80:d4:ff:
d5:48:ce:e1:78:5e:f2:4b:e6:15:5c:80:0a:b7:89:be:1e:03:
78:f5:36:0e:1f:32:b7:da:cc:76:45:08:65:ac:cb:65:16:7c:
45:43:bb:d3:62:24:f0:ff:4d:71:27:d7:64:e6:54:83:86:33:
43:10:9c:28:e4:9a:0a:f7:59:36:e4:9c:5d:f3:1b:06:a4:2b:
4a:6f:1c:e2:7b:b3:b3:ce:51:fd:1f:2f:02:07:8b:0d:2b:63:
1b:24:6a:94:41:1e:91:58:60:fd:e9:ab:d8:94:bb:ba:0a:82:
c4:e9:ca:8d:a6:b5:86:0b:92:f9:79:d8:fe:eb:95:4b:ac:1e:
8f:b5:c4:9f:f0:4b:00:c6:0d:25:22:44:f6:d1:e1:c0:0a:71:
5a:25:a4:88:e2:08:47:bf:d4:f9:41:53:2e:ca:3b:9d:20:44:
53:40:d7:24:90:ca:e1:b9:cf:02:2a:55:12:ab:91:ef:d1:ac:
ee:8b:4a:47:2e:a7:6d:13:38:05:b3:31:1c:2e:47:bc:2f:83:
7f:32:b9:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2fZJbCVujlywSZNej8AMVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjYwNDE4MDcwMTAyWhcNMjYwNDE5MDcwMTAyWjAzMTEwLwYDVQQD
EyhkNzQzNTMxNzE3M2UyMTI2OWExOGE0NzcxMDA2NzFlNDgzMmI2YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArStXvBWj6vU+zIEzoGiPqlKwJI3G
PMYThlEeYCITwZcfDT0bOBRC8TdFF9y8S98LckkhsqeB7bPduhC0fL+cc5a5qzWI
esPoBHGOlPA/fqywxT0zc+GiyFEP/rPQbb5EnbydWn+btVd8nq2XEW2Kca4af3ek
Op7x7J5Sq0R22Mn4GPnXJHSmL1rqip5AeoXJnmwimCS6MTGrs5PNl4kFePGHg2Fb
RnUICilLYJANBbQFvcVFy1goLV8DelrUI+Xx8iPmVfhvu8Z5myF+z2ifDTM+kadA
LVOEm30D952rgrQH4A3MjPMuH02LH/ZFY8Gz/5+2OMIQRWfxBRf+0O8xiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdDUxcXPiEmmhikdxAGceSDK2rwMB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABA6RZnAD
Bl3Km2G3caRHZZxmtahn6gtJ1C2sQqJeTTcKX8PW2U26zpbcBtwWdDqQ9CE4gNT/
1UjO4Xhe8kvmFVyACreJvh4DePU2Dh8yt9rMdkUIZazLZRZ8RUO702Ik8P9NcSfX
ZOZUg4YzQxCcKOSaCvdZNuScXfMbBqQrSm8c4nuzs85R/R8vAgeLDStjGyRqlEEe
kVhg/emr2JS7ugqCxOnKjaa1hguS+XnY/uuVS6wej7XEn/BLAMYNJSJE9tHhwApx
WiWkiOIIR7/U+UFTLso7nSBEU0DXJJDK4bnPAipVEquR79Gs7otKRy6nbRM4BbMx
HC5HvC+DfzK58Q==
-----END CERTIFICATE-----
Generated at Sat Apr 18 12:59:11 2026 by rpki-client