Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: Dt2ojgfrZdVwchTj85Ow4IcSUgEK6XtJy7AA8fcPX1U=
Subject key identifier: 12:B4:5E:61:7D:12:BF:49:B2:BD:13:76:1F:7F:6E:7C:AE:5C:AC:9D
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019D9A3DF7A5A97B9B8099F76F747A2242F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 10A4
Signing time: Fri 17 Apr 2026 07:00:45 +0000
Manifest this update: Fri 17 Apr 2026 07:00:45 +0000
Manifest next update: Sat 18 Apr 2026 07:00:45 +0000
Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: ffg5RaXViLYAPeIkSmENOcPsKw2ieDPOklr4GUqxTXA=)
2: tl9JmYqZuc8rnWm5B3tF-CPUxEg.roa (hash: ti/VYS4hognsUWtb/PVfBo1Uhz2rYc5vy7DleprVf/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3d:f7:a5:a9:7b:9b:80:99:f7:6f:74:7a:22:42:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Apr 17 07:00:45 2026 GMT
Not After : Apr 18 07:00:45 2026 GMT
Subject: CN=12b45e617d12bf49b2bd13761f7f6e7cae5cac9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:51:1f:7e:f4:e4:71:c4:3e:d7:f6:f8:ad:1e:
0d:fa:fb:ca:47:96:48:bf:ec:c4:1b:fb:eb:b7:0c:
73:99:d4:bf:73:db:e0:d0:64:7f:38:82:09:c9:89:
01:e9:ce:e2:cc:5f:ce:2f:b5:9f:e8:0f:5d:cb:79:
20:54:1a:56:a3:85:c8:6b:80:50:f0:f2:f0:a6:ad:
6e:8b:16:1a:c0:40:1f:8c:15:40:dd:39:37:50:63:
03:4e:ff:ea:68:eb:8a:e4:2b:37:e9:4c:31:b7:f4:
c2:46:46:e8:32:9e:ea:21:3f:b7:6f:11:70:00:ea:
42:09:45:47:03:90:8c:33:e7:35:53:93:cb:86:2b:
bb:80:36:ff:77:20:8c:e6:8f:16:ca:de:d0:a7:da:
e8:a6:1f:c3:96:00:8d:4d:cd:da:06:0a:53:c4:71:
44:c8:bc:5a:2e:ec:3e:41:9a:d8:32:b9:4e:ae:9c:
0a:4f:c1:0c:43:a5:44:1f:48:83:66:21:66:a4:f6:
53:0b:72:d8:d4:fb:17:77:06:9d:0e:a0:f8:76:c5:
7e:d0:d4:12:2a:2f:0a:34:9c:b8:d5:32:0e:9b:d0:
87:b7:6c:97:e9:fc:b5:ad:9f:85:d2:6b:77:3b:ee:
d7:6e:d7:89:93:ba:de:94:22:c8:f2:a3:b4:27:1b:
2f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B4:5E:61:7D:12:BF:49:B2:BD:13:76:1F:7F:6E:7C:AE:5C:AC:9D
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:d7:79:eb:a5:06:2b:c5:80:1f:62:6f:85:e8:42:75:5e:36:
e8:9d:dd:52:68:a3:94:29:fa:1a:02:ab:95:b1:60:3f:cf:c9:
89:33:0a:ba:cd:79:c9:15:1b:61:52:8e:86:f4:54:f8:3d:08:
ed:24:e9:80:58:bf:56:c5:13:1c:eb:50:ea:bb:11:da:28:d0:
c5:a2:bd:ec:5b:4c:e8:03:49:e4:45:9f:28:2b:57:fe:3d:e6:
cc:62:20:fb:4b:cf:65:82:55:eb:dd:41:60:b8:08:49:97:05:
e3:ba:31:6e:c5:6a:27:fc:48:ab:30:5f:e8:17:62:17:d9:e0:
fa:70:fc:0b:a6:1b:9b:b4:dc:cf:eb:e5:04:ce:8e:a1:cc:c1:
95:d5:c4:8c:cc:41:27:bb:a1:5c:ab:a6:d0:5e:49:91:03:23:
ad:22:ac:d1:c4:ee:8f:5e:c5:ba:fa:bd:44:70:c9:22:bf:88:
08:34:5d:4e:0d:8e:08:b1:fe:12:ed:cb:43:49:54:3c:1d:a4:
85:95:28:cb:ea:43:e9:7a:7b:33:72:08:91:d3:db:d6:8a:3d:
16:28:39:0e:84:0f:99:54:18:4e:d4:d3:52:c3:0b:3b:6c:51:
34:aa:86:26:c8:40:dd:5d:a7:ef:93:1a:e9:9e:50:32:0f:27:
03:01:07:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPfelqXubgJn3b3R6IkLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjYwNDE3MDcwMDQ1WhcNMjYwNDE4MDcwMDQ1WjAzMTEwLwYDVQQD
EygxMmI0NWU2MTdkMTJiZjQ5YjJiZDEzNzYxZjdmNmU3Y2FlNWNhYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01EffvTkccQ+1/b4rR4N+vvKR5ZI
v+zEG/vrtwxzmdS/c9vg0GR/OIIJyYkB6c7izF/OL7Wf6A9dy3kgVBpWo4XIa4BQ
8PLwpq1uixYawEAfjBVA3Tk3UGMDTv/qaOuK5Cs36Uwxt/TCRkboMp7qIT+3bxFw
AOpCCUVHA5CMM+c1U5PLhiu7gDb/dyCM5o8Wyt7Qp9roph/DlgCNTc3aBgpTxHFE
yLxaLuw+QZrYMrlOrpwKT8EMQ6VEH0iDZiFmpPZTC3LY1PsXdwadDqD4dsV+0NQS
Ki8KNJy41TIOm9CHt2yX6fy1rZ+F0mt3O+7XbteJk7relCLI8qO0Jxsv8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBK0XmF9Er9Jsr0Tdh9/bnyuXKydMB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtd566UG
K8WAH2JvhehCdV426J3dUmijlCn6GgKrlbFgP8/JiTMKus15yRUbYVKOhvRU+D0I
7STpgFi/VsUTHOtQ6rsR2ijQxaK97FtM6ANJ5EWfKCtX/j3mzGIg+0vPZYJV691B
YLgISZcF47oxbsVqJ/xIqzBf6BdiF9ng+nD8C6Ybm7Tcz+vlBM6OoczBldXEjMxB
J7uhXKum0F5JkQMjrSKs0cTuj17Fuvq9RHDJIr+ICDRdTg2OCLH+Eu3LQ0lUPB2k
hZUoy+pD6Xp7M3IIkdPb1oo9Fig5DoQPmVQYTtTTUsMLO2xRNKqGJshA3V2n75Ma
6Z5QMg8nAwEHdg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:00:39 2026 by rpki-client