Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: VHfJRk7A6bgvBhMECQsjFow2P28a8siiFjcMEyP4slU=
Subject key identifier: E8:AF:0D:07:5C:A0:68:69:93:A1:71:11:A8:5F:99:5C:C0:39:55:61
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019D9AAC32A792543A06C2A05DEFBAAC8CE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 09:01:09 +0000
Manifest this update: Fri 17 Apr 2026 09:01:09 +0000
Manifest next update: Sat 18 Apr 2026 09:01:09 +0000
Files and hashes: 1: C79YUpU2iklV_OJjs4h8ac-OjrQ.roa (hash: //CGGQm4W2A3kMycLE3Ro2hRaxk4J3N4m94O7KPhors=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: 7PEdv4GHYn4gvBcoj0WMezUJqkX2XNq68C8OjIbVMlU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ac:32:a7:92:54:3a:06:c2:a0:5d:ef:ba:ac:8c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Apr 17 09:01:09 2026 GMT
Not After : Apr 18 09:01:09 2026 GMT
Subject: CN=e8af0d075ca0686993a17111a85f995cc0395561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:a8:dc:ca:11:3f:67:a7:4a:1a:f8:29:6b:
58:71:e9:f0:03:af:df:26:01:e0:28:39:3a:72:d6:
85:b5:f2:8d:5f:46:8a:5f:85:c7:79:5a:67:37:fe:
5b:40:10:0b:6d:26:f9:3a:f3:ad:b7:cb:a1:04:39:
ad:08:92:40:fb:06:8a:99:4e:17:a6:21:96:10:41:
63:6b:04:dd:da:99:77:1a:bb:2e:9f:6a:43:d2:85:
ec:77:83:e5:ce:5d:b4:d7:09:b6:ea:94:7d:40:cc:
da:f1:33:c0:f8:ec:46:31:f0:14:45:99:12:b2:84:
55:f2:21:38:f0:1f:f1:ff:50:60:ce:1a:fd:2c:7e:
3c:59:30:a4:3e:52:c0:8d:1e:d9:60:5a:18:34:56:
ff:a7:16:91:8e:6b:35:44:57:0a:92:ac:27:b2:20:
86:24:12:66:2d:59:ca:6b:8c:03:68:94:dd:82:67:
c9:99:09:e9:a7:72:ff:0d:d2:7c:84:2f:f2:6f:82:
5b:02:e6:dd:a4:fe:93:77:4f:53:f4:c7:28:5d:94:
ec:d1:e9:25:cd:fd:29:d8:da:58:18:2b:78:34:9e:
9e:32:13:c9:82:9e:89:2c:bb:e2:0b:4a:41:53:87:
5f:85:47:ef:c5:3d:c8:2d:bc:f7:19:f9:ca:54:02:
c8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AF:0D:07:5C:A0:68:69:93:A1:71:11:A8:5F:99:5C:C0:39:55:61
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d3:37:55:72:e3:ff:17:13:63:73:d9:d1:0d:66:ef:49:9c:2d:
2a:5c:03:71:c8:00:bb:05:85:2a:c9:5c:29:ca:84:d0:d5:b5:
53:86:d8:9d:b7:f3:90:0d:8c:5c:79:55:1d:58:b9:39:58:1c:
1a:28:39:2a:a8:7a:eb:8f:c8:33:83:3a:ff:f3:7f:41:37:48:
1c:97:79:f9:de:b4:98:53:c6:5a:8f:eb:20:ff:33:68:2b:49:
36:27:8a:8c:e3:81:b1:6f:e3:ed:f8:22:12:f7:8c:d0:0c:d8:
97:32:d6:6f:f7:82:a5:8e:e7:18:c7:04:09:1e:21:ab:b4:f2:
33:d6:1d:b6:fe:af:fb:be:dd:99:14:ee:60:77:c1:e2:e8:74:
f7:e2:8b:4d:e3:13:6c:3b:24:fe:87:f8:13:88:10:4a:89:2c:
3a:f8:17:90:86:b6:f5:48:88:dd:8e:9f:2a:b0:ee:00:68:e8:
c1:03:38:ce:3a:d9:bf:2b:ad:2d:8f:24:9a:5a:34:49:67:78:
2e:76:6f:34:4c:e4:4b:16:b5:fd:64:1d:bc:bf:d8:88:4d:c2:
47:48:ce:f0:ff:5e:02:1b:d9:d0:05:6f:e7:c4:2b:71:85:9d:
2b:d8:d3:b6:04:12:e8:ca:06:63:50:79:81:78:ba:ef:63:b9:
9f:72:01:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2arDKnklQ6BsKgXe+6rIzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjYwNDE3MDkwMTA5WhcNMjYwNDE4MDkwMTA5WjAzMTEwLwYDVQQD
EyhlOGFmMGQwNzVjYTA2ODY5OTNhMTcxMTFhODVmOTk1Y2MwMzk1NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw+o3MoRP2enShr4KWtYcenwA6/f
JgHgKDk6ctaFtfKNX0aKX4XHeVpnN/5bQBALbSb5OvOtt8uhBDmtCJJA+waKmU4X
piGWEEFjawTd2pl3Grsun2pD0oXsd4Plzl201wm26pR9QMza8TPA+OxGMfAURZkS
soRV8iE48B/x/1Bgzhr9LH48WTCkPlLAjR7ZYFoYNFb/pxaRjms1RFcKkqwnsiCG
JBJmLVnKa4wDaJTdgmfJmQnpp3L/DdJ8hC/yb4JbAubdpP6Td09T9McoXZTs0ekl
zf0p2NpYGCt4NJ6eMhPJgp6JLLviC0pBU4dfhUfvxT3ILbz3GfnKVALIVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOivDQdcoGhpk6FxEahfmVzAOVVhMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0zdVcuP/
FxNjc9nRDWbvSZwtKlwDccgAuwWFKslcKcqE0NW1U4bYnbfzkA2MXHlVHVi5OVgc
Gig5Kqh664/IM4M6//N/QTdIHJd5+d60mFPGWo/rIP8zaCtJNieKjOOBsW/j7fgi
EveM0AzYlzLWb/eCpY7nGMcECR4hq7TyM9Ydtv6v+77dmRTuYHfB4uh09+KLTeMT
bDsk/of4E4gQSoksOvgXkIa29UiI3Y6fKrDuAGjowQM4zjrZvyutLY8kmlo0SWd4
LnZvNEzkSxa1/WQdvL/YiE3CR0jO8P9eAhvZ0AVv58QrcYWdK9jTtgQS6MoGY1B5
gXi672O5n3IBUA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:49:47 2026 by rpki-client