Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
File: iQCNpBkicovFvtu9cIhwHFKbme0.mft (raw, json)
Hash identifier: NnLzI9kgINDVygCm9BFIp3eNiE6BDMmGeWx4hKZdCRA=
Subject key identifier: C9:82:A4:E7:50:D3:A2:6F:35:93:08:CD:08:24:5A:6F:3B:3A:8E:95
Authority key identifier: 89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
Certificate issuer: /CN=89008da41922728bc5bedbbd7088701c529b99ed
Certificate serial: 019CA8336B70880A6787D6692EA8D003A789
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
Manifest number: 03EC
Signing time: Sun 01 Mar 2026 07:01:07 +0000
Manifest this update: Sun 01 Mar 2026 07:01:07 +0000
Manifest next update: Mon 02 Mar 2026 07:01:07 +0000
Files and hashes: 1: CJHjJvBxO_A1o29RU77bYDobb1Y.asa (hash: OiQ96AcIrfdWv9rYq7YRunMZUUkm1k1hxiflexmUSCE=)
2: ZsGtqMxH4nL8S3-yctBXEQDc62g.roa (hash: +ZsU9QUE73+Gn9nFEGhVwL2RW/GlaE2Pf3U5DjyGOtE=)
3: iQCNpBkicovFvtu9cIhwHFKbme0.crl (hash: VpA98cgGZKcypV3homR6OzAbQF5oXn2NlThZq8kgh5M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:33:6b:70:88:0a:67:87:d6:69:2e:a8:d0:03:a7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89008da41922728bc5bedbbd7088701c529b99ed
Validity
Not Before: Mar 1 07:01:07 2026 GMT
Not After : Mar 2 07:01:07 2026 GMT
Subject: CN=c982a4e750d3a26f359308cd08245a6f3b3a8e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:14:83:00:1c:f5:e4:7d:b7:62:0b:f2:57:
75:0c:db:4e:bf:6d:64:5e:21:70:63:c1:9f:99:c7:
2c:d4:ba:fd:31:02:1c:96:6a:7d:45:1c:82:5c:58:
5c:64:99:35:77:0c:33:d0:87:7a:c8:3e:c5:d2:b1:
65:c9:50:16:63:c7:85:5a:62:1c:7f:ed:22:fc:94:
99:7b:c1:8f:88:d8:b5:df:9a:b7:99:c5:bc:e8:ea:
a1:c6:9b:35:e5:a4:56:eb:a8:39:2e:6b:62:14:cf:
69:23:7f:27:0f:de:e6:10:bd:20:97:24:be:d5:e3:
15:d8:98:e2:34:66:96:ea:c3:d6:d5:41:8a:1d:37:
5f:65:81:d9:d3:48:14:9a:b0:56:fa:c1:73:db:4a:
c1:66:ab:f8:73:4a:16:6f:8c:ef:ef:ad:48:4a:25:
73:d6:c4:dd:16:07:fa:c8:44:7e:5a:32:25:5c:c6:
ef:20:de:67:9b:ba:16:01:bb:60:a1:f3:91:19:eb:
c4:59:38:0b:6c:01:e8:d2:bb:af:ef:0a:db:91:80:
0b:1d:41:af:21:b3:bf:0c:f2:42:60:47:41:3b:5f:
b1:2d:7c:2a:ab:76:ac:e3:5e:a9:89:0d:89:7c:25:
1b:89:d7:15:69:42:17:09:44:4f:a5:54:a2:f1:4f:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:82:A4:E7:50:D3:A2:6F:35:93:08:CD:08:24:5A:6F:3B:3A:8E:95
X509v3 Authority Key Identifier:
keyid:89:00:8D:A4:19:22:72:8B:C5:BE:DB:BD:70:88:70:1C:52:9B:99:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQCNpBkicovFvtu9cIhwHFKbme0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/e5b14b-9d5b-4346-8e85-63729fe588a2/1/iQCNpBkicovFvtu9cIhwHFKbme0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:63:19:56:a9:d3:c5:02:34:6b:a1:a7:cd:2e:9f:6b:49:f7:
ee:26:fe:55:99:56:bd:25:76:8b:20:70:43:eb:73:0f:bb:72:
4e:ce:7d:2c:e6:c0:0a:57:82:d1:8f:5f:65:bf:ed:dc:c3:57:
0f:83:1d:22:8b:45:f0:c8:48:38:ca:82:d5:a5:c5:de:d5:4d:
d3:cc:fe:80:e1:5a:3d:b1:b9:07:28:79:c7:0e:d7:0a:bc:64:
6f:bb:8b:8d:58:d9:e9:59:f0:f9:34:50:24:d0:c1:d2:fe:cd:
01:43:94:e3:73:20:9d:ee:51:eb:a5:71:92:de:c3:4b:78:17:
c8:0a:6b:b9:1c:21:a0:b7:2b:e9:92:63:5f:91:55:a1:a9:90:
80:6f:e4:14:7e:3a:98:81:b0:1f:03:ce:1f:3a:e2:ae:36:61:
1d:79:6c:c6:ca:a2:5b:b8:bc:ef:c9:67:41:cd:5b:f7:ce:aa:
34:47:b5:e0:58:ad:dd:69:f3:91:f9:9d:fc:5f:d7:4c:b5:d1:
35:64:c1:dd:9e:3d:9f:58:c6:b1:0b:40:c5:07:36:c8:54:ff:
ee:16:0c:25:f9:c9:6b:36:fb:0c:18:f4:98:81:f4:5a:31:31:
34:2d:ad:79:fd:8e:54:e2:f1:98:5a:ba:20:b0:6b:35:fd:16:
5e:87:dc:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyoM2twiApnh9ZpLqjQA6eJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDA4ZGE0MTkyMjcyOGJjNWJlZGJiZDcwODg3MDFjNTI5
Yjk5ZWQwHhcNMjYwMzAxMDcwMTA3WhcNMjYwMzAyMDcwMTA3WjAzMTEwLwYDVQQD
EyhjOTgyYTRlNzUwZDNhMjZmMzU5MzA4Y2QwODI0NWE2ZjNiM2E4ZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGIUgwAc9eR9t2IL8ld1DNtOv21k
XiFwY8Gfmccs1Lr9MQIclmp9RRyCXFhcZJk1dwwz0Id6yD7F0rFlyVAWY8eFWmIc
f+0i/JSZe8GPiNi135q3mcW86Oqhxps15aRW66g5LmtiFM9pI38nD97mEL0glyS+
1eMV2JjiNGaW6sPW1UGKHTdfZYHZ00gUmrBW+sFz20rBZqv4c0oWb4zv761ISiVz
1sTdFgf6yER+WjIlXMbvIN5nm7oWAbtgofORGevEWTgLbAHo0ruv7wrbkYALHUGv
IbO/DPJCYEdBO1+xLXwqq3as416piQ2JfCUbidcVaUIXCURPpVSi8U902QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmCpOdQ06JvNZMIzQgkWm87Oo6VMB8GA1UdIwQY
MBaAFIkAjaQZInKLxb7bvXCIcBxSm5ntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUt
NjM3MjlmZTU4OGEyLzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lNWIxNGItOWQ1Yi00MzQ2LThlODUtNjM3MjlmZTU4OGEy
LzEvaVFDTnBCa2ljb3ZGdnR1OWNJaHdIRktibWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU2MZVqnT
xQI0a6GnzS6fa0n37ib+VZlWvSV2iyBwQ+tzD7tyTs59LObACleC0Y9fZb/t3MNX
D4MdIotF8MhIOMqC1aXF3tVN08z+gOFaPbG5Byh5xw7XCrxkb7uLjVjZ6Vnw+TRQ
JNDB0v7NAUOU43Mgne5R66Vxkt7DS3gXyApruRwhoLcr6ZJjX5FVoamQgG/kFH46
mIGwHwPOHzrirjZhHXlsxsqiW7i878lnQc1b986qNEe14Fit3Wnzkfmd/F/XTLXR
NWTB3Z49n1jGsQtAxQc2yFT/7hYMJfnJazb7DBj0mIH0WjExNC2tef2OVOLxmFq6
ILBrNf0WXofcYA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:29:35 2026 by rpki-client