Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: u7QiyHSgF7puNElzu3xDujflKOcuPQUCne/ED4wHL4w=
Subject key identifier: FF:F2:06:11:71:B8:A3:37:F9:E8:CC:C1:62:82:DA:4B:6B:61:D7:BF
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019CAB33DD2CFE3B8FA87A28595F47F09D58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 21:00:28 +0000
Manifest this update: Sun 01 Mar 2026 21:00:28 +0000
Manifest next update: Mon 02 Mar 2026 21:00:28 +0000
Files and hashes: 1: C79YUpU2iklV_OJjs4h8ac-OjrQ.roa (hash: //CGGQm4W2A3kMycLE3Ro2hRaxk4J3N4m94O7KPhors=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: STEWrM5rlGg6cd1GCToPMHpJ+iH1R2CLb02mO8x7GDw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:33:dd:2c:fe:3b:8f:a8:7a:28:59:5f:47:f0:9d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Mar 1 21:00:28 2026 GMT
Not After : Mar 2 21:00:28 2026 GMT
Subject: CN=fff2061171b8a337f9e8ccc16282da4b6b61d7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:23:d8:d5:a4:f6:12:c2:90:85:81:c5:39:b2:
4e:a8:fa:0d:e6:19:97:9f:0c:20:70:90:57:08:7c:
23:30:06:73:d5:45:00:16:44:56:a0:4c:ce:bd:5a:
40:5f:a7:5c:18:f4:49:7a:6d:34:7c:a3:b2:3e:56:
c6:35:56:7a:b3:55:4e:60:ef:16:04:5e:12:3a:fd:
56:e1:19:d0:f9:38:cf:5f:b6:c6:7a:60:b6:f5:e6:
88:1b:aa:92:ff:9b:ac:f6:9e:1b:ee:d3:f9:13:48:
4c:2f:6c:0f:3c:52:63:8b:83:05:4c:ed:94:7f:74:
94:72:18:89:79:e0:48:1e:a3:c0:ec:20:93:00:4c:
ad:63:e2:5f:2b:6d:1c:ea:28:68:96:47:a3:08:43:
5f:a2:3e:c8:15:67:c9:12:b2:80:e7:f3:14:f4:2d:
38:fc:55:9e:8c:68:7e:91:aa:d7:8c:81:8b:0b:60:
eb:64:31:4b:0d:39:81:ac:01:f9:ae:ab:19:31:b7:
2c:f1:1c:56:f7:ff:d3:5b:06:a8:a5:fb:c7:3f:cc:
9e:4a:67:34:c8:64:2a:ea:ec:c0:7c:aa:f0:9a:d9:
ac:61:90:5f:49:b9:95:0b:3c:98:76:c1:77:92:f7:
ab:e9:4c:78:eb:25:ab:b0:a0:01:0c:62:53:82:6a:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F2:06:11:71:B8:A3:37:F9:E8:CC:C1:62:82:DA:4B:6B:61:D7:BF
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:d1:e6:69:14:20:69:20:80:6b:a8:e9:76:53:ce:8c:9c:24:
4e:c5:85:4f:e1:96:6c:47:d8:24:c3:de:49:1e:d4:ee:1a:3a:
91:76:7e:00:59:34:0b:4e:55:50:ce:20:8a:2e:fb:f9:e5:f8:
6a:6b:4c:5d:e7:40:df:c7:7f:8f:80:5d:3b:c7:41:1a:c5:50:
1b:97:3b:77:f3:c2:92:d1:b7:76:ac:ce:51:05:60:13:63:b2:
16:dd:5b:74:54:52:10:d2:6b:8d:e9:b7:3c:83:55:4c:0d:ed:
ac:77:29:ed:c9:0b:1b:bc:5a:8c:98:19:23:89:26:e3:be:00:
36:b1:66:1a:c3:2d:23:e7:4c:3e:ca:a1:b8:d5:bb:98:a2:59:
2d:6c:5c:c1:70:0a:1e:2a:a7:5a:2d:8d:21:eb:d4:55:60:58:
a0:b8:50:4c:51:3d:25:05:be:0c:4c:52:30:7a:6d:e5:e2:22:
9b:a4:7a:87:ad:34:8c:7b:90:f6:27:c6:85:12:50:80:67:91:
89:ac:7c:bd:41:f3:d0:4e:30:fe:09:ce:5a:a7:ba:d3:57:b4:
b2:8d:67:e2:99:e8:e4:df:5a:ce:53:6f:86:0a:0a:01:44:0a:
23:e3:1c:a5:eb:cc:90:dc:36:74:16:b0:ad:1e:89:fc:02:4d:
71:d3:61:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrM90s/juPqHooWV9H8J1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjYwMzAxMjEwMDI4WhcNMjYwMzAyMjEwMDI4WjAzMTEwLwYDVQQD
EyhmZmYyMDYxMTcxYjhhMzM3ZjllOGNjYzE2MjgyZGE0YjZiNjFkN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyPY1aT2EsKQhYHFObJOqPoN5hmX
nwwgcJBXCHwjMAZz1UUAFkRWoEzOvVpAX6dcGPRJem00fKOyPlbGNVZ6s1VOYO8W
BF4SOv1W4RnQ+TjPX7bGemC29eaIG6qS/5us9p4b7tP5E0hML2wPPFJji4MFTO2U
f3SUchiJeeBIHqPA7CCTAEytY+JfK20c6iholkejCENfoj7IFWfJErKA5/MU9C04
/FWejGh+karXjIGLC2DrZDFLDTmBrAH5rqsZMbcs8RxW9//TWwaopfvHP8yeSmc0
yGQq6uzAfKrwmtmsYZBfSbmVCzyYdsF3kver6Ux46yWrsKABDGJTgmpfQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/yBhFxuKM3+ejMwWKC2ktrYde/MB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh9HmaRQg
aSCAa6jpdlPOjJwkTsWFT+GWbEfYJMPeSR7U7ho6kXZ+AFk0C05VUM4gii77+eX4
amtMXedA38d/j4BdO8dBGsVQG5c7d/PCktG3dqzOUQVgE2OyFt1bdFRSENJrjem3
PINVTA3trHcp7ckLG7xajJgZI4km474ANrFmGsMtI+dMPsqhuNW7mKJZLWxcwXAK
HiqnWi2NIevUVWBYoLhQTFE9JQW+DExSMHpt5eIim6R6h600jHuQ9ifGhRJQgGeR
iax8vUHz0E4w/gnOWqe601e0so1n4pno5N9azlNvhgoKAUQKI+McpevMkNw2dBaw
rR6J/AJNcdNhLA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:03:42 2026 by rpki-client