Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
File: iA2KtqoscvB5dV92zwEgql3dx98.mft (raw, json)
Hash identifier: 8L/MwY9/dBGmjvm/esGrVkg2s7zr9NfWEcwvQWJdOQo=
Subject key identifier: 5C:F3:09:59:23:C9:E6:4F:6C:DE:7B:DF:6A:0E:D2:C2:97:A8:5C:A9
Authority key identifier: 88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
Certificate issuer: /CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Certificate serial: 019CAAC6586FA422011E262D3D9A0DD8D186
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
Manifest number: 1028
Signing time: Sun 01 Mar 2026 19:00:51 +0000
Manifest this update: Sun 01 Mar 2026 19:00:51 +0000
Manifest next update: Mon 02 Mar 2026 19:00:51 +0000
Files and hashes: 1: iA2KtqoscvB5dV92zwEgql3dx98.crl (hash: FftyCEdtjQU5bS3uUwABFFCgh6lsHR6R69AXf6DKZEA=)
2: tl9JmYqZuc8rnWm5B3tF-CPUxEg.roa (hash: ti/VYS4hognsUWtb/PVfBo1Uhz2rYc5vy7DleprVf/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:58:6f:a4:22:01:1e:26:2d:3d:9a:0d:d8:d1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880d8ab6aa2c72f079755f76cf0120aa5dddc7df
Validity
Not Before: Mar 1 19:00:51 2026 GMT
Not After : Mar 2 19:00:51 2026 GMT
Subject: CN=5cf3095923c9e64f6cde7bdf6a0ed2c297a85ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:38:73:d3:74:53:d0:72:34:a6:86:77:3e:1f:
47:15:ec:59:b3:7c:3f:1d:39:ac:1a:6e:4b:5b:9a:
c6:ba:a1:3e:0a:e5:40:40:fc:e6:11:82:38:48:dd:
5c:78:a5:06:94:a3:63:fb:5a:82:6e:5b:38:7c:74:
fb:91:9b:86:82:1e:9e:41:40:50:f0:04:eb:1a:1e:
c3:a4:1f:77:5e:46:51:fe:b5:2c:b0:c0:74:00:2d:
c0:c0:9a:16:94:69:89:c9:5c:4d:c0:3e:05:57:3e:
00:a5:7b:17:78:cc:06:16:87:2e:f3:9a:ce:9e:89:
10:84:6a:5c:4a:d4:38:b4:bb:90:a0:ec:d4:71:7a:
cf:b0:c7:99:13:7f:02:24:6e:d0:06:b7:63:69:60:
30:3f:cc:a1:a0:11:5b:39:0f:17:15:bd:47:7b:2a:
8e:14:ad:68:58:31:76:93:46:b5:66:4a:91:d9:90:
d2:ec:60:af:72:f6:a0:20:99:7c:f5:4f:47:00:78:
7e:c9:bf:95:c9:f8:6e:b1:ce:f1:a7:be:b2:f3:93:
05:da:d6:19:3e:a6:90:29:cb:47:e6:3e:c3:c9:1e:
fd:b9:17:8b:e2:25:11:9a:b8:18:ce:72:c0:62:26:
90:31:2e:f5:a3:06:ee:49:b0:71:38:a1:6d:99:c6:
9a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F3:09:59:23:C9:E6:4F:6C:DE:7B:DF:6A:0E:D2:C2:97:A8:5C:A9
X509v3 Authority Key Identifier:
keyid:88:0D:8A:B6:AA:2C:72:F0:79:75:5F:76:CF:01:20:AA:5D:DD:C7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iA2KtqoscvB5dV92zwEgql3dx98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/c84cd3-672b-44b2-8ce0-40289479ac05/1/iA2KtqoscvB5dV92zwEgql3dx98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:59:72:d0:e7:6a:dd:79:01:15:6b:16:fa:ca:ab:c3:46:c6:
ec:60:9a:21:1d:53:ec:9c:21:dd:47:93:4c:b2:03:44:99:e5:
f9:7d:7a:a3:07:8a:47:18:21:15:e3:e8:62:1a:4c:01:0c:44:
42:10:cf:b7:44:97:6a:00:8e:1f:b4:f7:dd:6d:cc:96:d7:a3:
da:a4:9b:2a:92:3b:be:95:30:4e:9e:7a:d7:89:d9:1d:53:20:
8f:72:04:af:7f:d0:2a:ba:a5:0a:d5:bc:6a:bc:93:af:6f:8c:
78:45:60:dd:8b:01:8b:ca:91:a5:39:1a:7f:49:45:d3:da:15:
4f:b5:60:66:e3:80:b1:b8:9a:d2:9d:ab:93:f8:8c:cf:78:88:
90:ab:39:f4:15:df:d6:c5:c7:ae:ff:36:8a:d5:a5:ed:28:14:
f5:2e:8e:01:43:62:b7:0c:a0:5d:ca:08:4d:cb:59:ec:eb:4f:
0d:3b:fd:38:f3:42:2a:3a:0e:60:97:95:5b:37:30:22:e4:3e:
cb:bc:64:b8:92:59:4d:cb:54:9b:17:ab:e9:f5:fe:49:6c:34:
43:9e:5c:54:41:6b:21:b1:44:e2:a7:14:93:9c:2e:63:da:91:
fb:a0:b3:52:ca:97:d0:72:8a:df:1e:c9:25:e3:06:1b:6c:6d:
8c:76:c3:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxlhvpCIBHiYtPZoN2NGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGQ4YWI2YWEyYzcyZjA3OTc1NWY3NmNmMDEyMGFhNWRk
ZGM3ZGYwHhcNMjYwMzAxMTkwMDUxWhcNMjYwMzAyMTkwMDUxWjAzMTEwLwYDVQQD
Eyg1Y2YzMDk1OTIzYzllNjRmNmNkZTdiZGY2YTBlZDJjMjk3YTg1Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zhz03RT0HI0poZ3Ph9HFexZs3w/
HTmsGm5LW5rGuqE+CuVAQPzmEYI4SN1ceKUGlKNj+1qCbls4fHT7kZuGgh6eQUBQ
8ATrGh7DpB93XkZR/rUssMB0AC3AwJoWlGmJyVxNwD4FVz4ApXsXeMwGFocu85rO
nokQhGpcStQ4tLuQoOzUcXrPsMeZE38CJG7QBrdjaWAwP8yhoBFbOQ8XFb1HeyqO
FK1oWDF2k0a1ZkqR2ZDS7GCvcvagIJl89U9HAHh+yb+Vyfhusc7xp76y85MF2tYZ
PqaQKctH5j7DyR79uReL4iURmrgYznLAYiaQMS71owbuSbBxOKFtmcaa9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzzCVkjyeZPbN5732oO0sKXqFypMB8GA1UdIwQY
MBaAFIgNiraqLHLweXVfds8BIKpd3cffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAt
NDAyODk0NzlhYzA1LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9jODRjZDMtNjcyYi00NGIyLThjZTAtNDAyODk0NzlhYzA1
LzEvaUEyS3Rxb3NjdkI1ZFY5Mnp3RWdxbDNkeDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjlly0Odq
3XkBFWsW+sqrw0bG7GCaIR1T7Jwh3UeTTLIDRJnl+X16oweKRxghFePoYhpMAQxE
QhDPt0SXagCOH7T33W3Mltej2qSbKpI7vpUwTp5614nZHVMgj3IEr3/QKrqlCtW8
aryTr2+MeEVg3YsBi8qRpTkaf0lF09oVT7VgZuOAsbia0p2rk/iMz3iIkKs59BXf
1sXHrv82itWl7SgU9S6OAUNitwygXcoITctZ7OtPDTv9OPNCKjoOYJeVWzcwIuQ+
y7xkuJJZTctUmxer6fX+SWw0Q55cVEFrIbFE4qcUk5wuY9qR+6CzUsqX0HKK3x7J
JeMGG2xtjHbD8g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:04:15 2026 by rpki-client