Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
File: IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft (raw, json)
Hash identifier: mwp/1RdLDlVlEfTsDbcFOsjz+COQrU79uTQD8uvMwqU=
Subject key identifier: B7:21:0E:BC:FC:28:68:0B:0E:07:92:04:10:65:03:AD:82:51:3D:BD
Authority key identifier: 21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9
Certificate issuer: /CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9
Certificate serial: 019CAA217EADBE2607AA4B796020C1F0F190
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
Manifest number: 0B40
Signing time: Sun 01 Mar 2026 16:00:47 +0000
Manifest this update: Sun 01 Mar 2026 16:00:47 +0000
Manifest next update: Mon 02 Mar 2026 16:00:47 +0000
Files and hashes: 1: 0zoyQvyQtAcxybJRfWh9GMhsuXU.roa (hash: Nl+JhoxK6phZV0HP8vdC24526xfGx+8fsR9nnmIrPEk=)
2: IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl (hash: gmEzR09o90MBKd1TyhR9CdR0BgNWuUHfJKFSWihVfVI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:7e:ad:be:26:07:aa:4b:79:60:20:c1:f0:f1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21530e9d09e2ff8c38413615589a5f206e7f3ea9
Validity
Not Before: Mar 1 16:00:47 2026 GMT
Not After : Mar 2 16:00:47 2026 GMT
Subject: CN=b7210ebcfc28680b0e079204106503ad82513dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:36:c5:00:95:9f:ed:ec:9e:f6:8b:27:fd:b8:
83:4b:bb:b8:f9:91:63:a2:ed:67:4e:a4:a8:74:91:
62:fd:da:7d:93:b7:a1:4d:17:ff:a0:fb:ea:ae:47:
75:9d:8f:62:ff:25:67:b5:e5:f3:8e:aa:67:51:59:
20:12:2b:eb:69:3a:a5:22:5f:3f:5c:5a:30:e8:f1:
da:89:f6:b3:e8:89:39:50:a6:b8:59:06:a3:c1:54:
df:0e:25:33:77:2b:6c:05:f2:af:33:50:53:07:2a:
2f:00:37:2c:50:26:3c:7d:a4:ab:36:11:1c:65:80:
1f:53:1c:ea:ae:d2:b5:89:f8:76:67:08:0a:1e:7f:
08:95:01:d9:1d:e3:b0:35:41:03:a4:58:05:4d:39:
17:61:b4:53:5d:d3:8f:ad:ad:5e:2f:63:78:2f:1f:
13:be:2a:e7:b3:59:81:67:44:90:33:f0:a8:ef:71:
39:fb:51:c1:61:2c:4c:d3:87:d3:0e:1c:34:2e:4b:
91:78:e8:c4:36:3c:47:fa:bd:af:d5:5d:e0:06:bd:
16:a8:c0:f1:3d:b3:75:81:d2:86:68:ca:d4:0e:22:
3a:f8:ef:c8:2b:33:d9:66:c9:30:7a:f1:41:69:03:
26:8e:65:fe:1d:36:de:aa:dc:ed:84:c0:4d:55:e7:
84:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:21:0E:BC:FC:28:68:0B:0E:07:92:04:10:65:03:AD:82:51:3D:BD
X509v3 Authority Key Identifier:
keyid:21:53:0E:9D:09:E2:FF:8C:38:41:36:15:58:9A:5F:20:6E:7F:3E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVMOnQni_4w4QTYVWJpfIG5_Pqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f2dad3-a6e6-4b77-8342-624f4c141f2c/1/IVMOnQni_4w4QTYVWJpfIG5_Pqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:4f:f7:a3:b7:d2:06:7f:0c:db:fb:61:03:e2:9e:1c:7b:ec:
94:c5:fd:0c:ad:7a:87:97:d8:46:43:01:b1:2d:4a:6d:70:2d:
a9:de:cd:e1:38:06:84:9c:00:5d:10:99:1d:f9:fd:09:8f:02:
d8:66:9f:43:9c:4a:28:da:8c:1b:4d:92:16:5c:5b:e2:0c:38:
95:60:93:1a:ef:92:4a:9a:9c:c1:c3:02:49:4f:8e:22:da:0d:
30:39:95:eb:1c:b5:2e:66:12:c4:c5:2b:a5:dc:6a:51:75:d9:
9e:86:88:d9:1f:42:18:e8:0e:f4:9c:a0:19:3e:82:74:be:23:
65:c8:ef:f4:d5:95:39:eb:5d:e3:4e:ed:40:a4:97:e4:35:52:
a3:0d:92:21:21:3f:d5:f3:da:be:40:bd:a0:01:e6:08:c7:f3:
75:1a:b4:f1:90:dc:df:3e:3a:6a:1e:11:3d:c8:16:1c:10:80:
93:d9:e1:ae:b7:d8:0f:26:84:b1:95:4e:bb:81:71:ac:1d:63:
85:c2:20:28:43:a5:41:c3:61:5e:41:1b:7c:7a:f3:37:e8:b3:
1f:7c:08:79:8e:ce:69:87:ee:2a:bc:ce:5f:66:4d:94:48:bd:
3b:03:e2:b0:08:6d:f4:d1:57:45:06:95:62:ac:7d:4c:46:b5:
72:2b:53:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIX6tviYHqkt5YCDB8PGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTMwZTlkMDllMmZmOGMzODQxMzYxNTU4OWE1ZjIwNmU3
ZjNlYTkwHhcNMjYwMzAxMTYwMDQ3WhcNMjYwMzAyMTYwMDQ3WjAzMTEwLwYDVQQD
EyhiNzIxMGViY2ZjMjg2ODBiMGUwNzkyMDQxMDY1MDNhZDgyNTEzZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTbFAJWf7eye9osn/biDS7u4+ZFj
ou1nTqSodJFi/dp9k7ehTRf/oPvqrkd1nY9i/yVnteXzjqpnUVkgEivraTqlIl8/
XFow6PHaifaz6Ik5UKa4WQajwVTfDiUzdytsBfKvM1BTByovADcsUCY8faSrNhEc
ZYAfUxzqrtK1ifh2ZwgKHn8IlQHZHeOwNUEDpFgFTTkXYbRTXdOPra1eL2N4Lx8T
virns1mBZ0SQM/Co73E5+1HBYSxM04fTDhw0LkuReOjENjxH+r2v1V3gBr0WqMDx
PbN1gdKGaMrUDiI6+O/IKzPZZskwevFBaQMmjmX+HTbeqtzthMBNVeeEQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLchDrz8KGgLDgeSBBBlA62CUT29MB8GA1UdIwQY
MBaAFCFTDp0J4v+MOEE2FViaXyBufz6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDIt
NjI0ZjRjMTQxZjJjLzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mMmRhZDMtYTZlNi00Yjc3LTgzNDItNjI0ZjRjMTQxZjJj
LzEvSVZNT25RbmlfNHc0UVRZVldKcGZJRzVfUHFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXE/3o7fS
Bn8M2/thA+KeHHvslMX9DK16h5fYRkMBsS1KbXAtqd7N4TgGhJwAXRCZHfn9CY8C
2GafQ5xKKNqMG02SFlxb4gw4lWCTGu+SSpqcwcMCSU+OItoNMDmV6xy1LmYSxMUr
pdxqUXXZnoaI2R9CGOgO9JygGT6CdL4jZcjv9NWVOetd407tQKSX5DVSow2SISE/
1fPavkC9oAHmCMfzdRq08ZDc3z46ah4RPcgWHBCAk9nhrrfYDyaEsZVOu4FxrB1j
hcIgKEOlQcNhXkEbfHrzN+izH3wIeY7OaYfuKrzOX2ZNlEi9OwPisAht9NFXRQaV
Yqx9TEa1citTQg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:21:40 2026 by rpki-client