Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
File: iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft (raw, json)
Hash identifier: ZwFIzBKVZy2nnpVh2EU7p0s4+pIVOI/A4RIseXraVek=
Subject key identifier: C3:95:32:D1:06:D0:78:EE:91:E2:29:C6:FE:F2:14:56:F8:5A:9D:46
Authority key identifier: 8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
Certificate issuer: /CN=8b03dca76319903152f246e05c069fd1a1db5c59
Certificate serial: 019D984F95CBEFB1C7A5F474D21BB0B2835B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
Manifest number: 09CC
Signing time: Thu 16 Apr 2026 22:00:45 +0000
Manifest this update: Thu 16 Apr 2026 22:00:45 +0000
Manifest next update: Fri 17 Apr 2026 22:00:45 +0000
Files and hashes: 1: iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl (hash: ujLygoDrmWuVQjaZdRh3ijaS5TWsMRXBMsiuqpwxknw=)
2: rTrNf2BtsL1vlw_R__r7UKcCZJk.roa (hash: lQAxfhbBIAhm99xgTizcCxmFSvD0y0yK3pththJkeEg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:4f:95:cb:ef:b1:c7:a5:f4:74:d2:1b:b0:b2:83:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b03dca76319903152f246e05c069fd1a1db5c59
Validity
Not Before: Apr 16 22:00:45 2026 GMT
Not After : Apr 17 22:00:45 2026 GMT
Subject: CN=c39532d106d078ee91e229c6fef21456f85a9d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:83:8b:a5:25:39:bf:02:57:f2:50:36:c1:98:
02:00:6c:96:b4:51:52:d5:99:6a:36:36:80:34:82:
d2:ee:a3:05:4c:c2:42:5f:d9:6d:41:d5:84:d7:f1:
77:c8:81:8a:b6:2f:5e:f1:56:1c:b5:70:e4:67:84:
95:f8:60:f5:f7:f3:d8:c1:33:9a:62:94:b6:3f:0d:
4e:8d:47:dd:73:b6:ae:57:b7:f9:1a:2d:91:3f:bc:
b5:0a:bd:9f:e6:17:cb:9f:24:0f:71:1b:2a:0f:40:
24:40:dd:e4:92:71:23:41:d2:ee:3a:17:96:ae:5a:
8a:13:0e:73:6a:7d:f8:24:1f:75:85:af:b4:90:0f:
96:6f:80:6a:19:3a:cb:60:82:31:43:c3:84:e8:c8:
c6:7e:d3:35:45:9f:c3:78:fb:80:0a:b8:a6:53:30:
84:bf:78:27:1b:52:1c:ea:d2:46:ab:5e:5f:85:8e:
92:ba:cb:d2:2a:88:3a:44:75:1d:fc:b2:0b:29:9b:
76:0c:a0:3e:01:0a:52:e7:16:41:d0:ed:58:01:c1:
f9:c9:d0:99:8b:b0:19:bd:e1:4e:0c:87:4c:52:3d:
1b:00:af:d1:c0:7e:b0:3b:77:d0:eb:4a:12:f8:11:
65:fa:1a:fd:e6:5b:0d:46:34:2d:8c:bc:13:ba:f4:
7d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:95:32:D1:06:D0:78:EE:91:E2:29:C6:FE:F2:14:56:F8:5A:9D:46
X509v3 Authority Key Identifier:
keyid:8B:03:DC:A7:63:19:90:31:52:F2:46:E0:5C:06:9F:D1:A1:DB:5C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwPcp2MZkDFS8kbgXAaf0aHbXFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/30cdbe-11e1-44ca-b654-029e63f0889a/1/iwPcp2MZkDFS8kbgXAaf0aHbXFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:8e:9e:88:53:d1:af:94:54:1f:5f:7c:da:6d:63:12:cc:bc:
c7:e7:b8:04:35:95:ae:eb:3d:25:c9:43:88:fd:21:ae:22:35:
22:f0:e4:85:2a:c6:b6:3e:99:bb:ae:55:5b:8e:30:67:62:cc:
87:d7:63:37:b9:23:62:c6:02:e0:77:41:5f:e8:20:52:dc:2a:
33:5c:da:f4:da:45:eb:52:b3:9e:cb:fb:c7:ae:3c:8c:9e:64:
a2:31:af:5e:6f:f2:95:ec:12:d4:12:33:3e:f1:c5:5d:e9:bf:
04:d7:9a:c9:6d:d3:4a:2b:88:ce:fb:50:4b:c0:36:d5:fe:60:
45:7c:5b:ea:b6:61:3a:59:e5:cd:e3:f5:59:15:cb:c4:1a:11:
c6:97:52:14:70:aa:f3:ab:bb:05:e4:66:d2:b0:9a:b4:a5:82:
4a:ca:eb:a2:5a:fd:f2:8f:9a:f7:fc:f8:31:30:6f:71:28:f6:
3a:fc:8e:10:8f:c8:d1:bb:d6:e3:7b:26:35:bb:8b:73:a9:ca:
1a:d3:9e:5e:79:a4:17:39:e8:a2:4c:6b:ec:89:ad:72:98:48:
4d:0e:7a:81:af:33:b1:72:08:6a:28:38:1b:d1:3d:4d:f2:47:
14:99:d4:43:df:a0:c8:17:d6:53:59:4f:2d:3e:17:70:ee:fd:
55:e8:6f:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT5XL77HHpfR00huwsoNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDNkY2E3NjMxOTkwMzE1MmYyNDZlMDVjMDY5ZmQxYTFk
YjVjNTkwHhcNMjYwNDE2MjIwMDQ1WhcNMjYwNDE3MjIwMDQ1WjAzMTEwLwYDVQQD
EyhjMzk1MzJkMTA2ZDA3OGVlOTFlMjI5YzZmZWYyMTQ1NmY4NWE5ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oOLpSU5vwJX8lA2wZgCAGyWtFFS
1ZlqNjaANILS7qMFTMJCX9ltQdWE1/F3yIGKti9e8VYctXDkZ4SV+GD19/PYwTOa
YpS2Pw1OjUfdc7auV7f5Gi2RP7y1Cr2f5hfLnyQPcRsqD0AkQN3kknEjQdLuOheW
rlqKEw5zan34JB91ha+0kA+Wb4BqGTrLYIIxQ8OE6MjGftM1RZ/DePuACrimUzCE
v3gnG1Ic6tJGq15fhY6SusvSKog6RHUd/LILKZt2DKA+AQpS5xZB0O1YAcH5ydCZ
i7AZveFODIdMUj0bAK/RwH6wO3fQ60oS+BFl+hr95lsNRjQtjLwTuvR9ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOVMtEG0HjukeIpxv7yFFb4Wp1GMB8GA1UdIwQY
MBaAFIsD3KdjGZAxUvJG4FwGn9Gh21xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQt
MDI5ZTYzZjA4ODlhLzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMGNkYmUtMTFlMS00NGNhLWI2NTQtMDI5ZTYzZjA4ODlh
LzEvaXdQY3AyTVprREZTOGtiZ1hBYWYwYUhiWEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGY6eiFPR
r5RUH1982m1jEsy8x+e4BDWVrus9JclDiP0hriI1IvDkhSrGtj6Zu65VW44wZ2LM
h9djN7kjYsYC4HdBX+ggUtwqM1za9NpF61Kznsv7x648jJ5kojGvXm/ylewS1BIz
PvHFXem/BNeayW3TSiuIzvtQS8A21f5gRXxb6rZhOlnlzeP1WRXLxBoRxpdSFHCq
86u7BeRm0rCatKWCSsrrolr98o+a9/z4MTBvcSj2OvyOEI/I0bvW43smNbuLc6nK
GtOeXnmkFznookxr7ImtcphITQ56ga8zsXIIaig4G9E9TfJHFJnUQ9+gyBfWU1lP
LT4XcO79Vehv5Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:57:33 2026 by rpki-client