Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/3eea5e-3713-4310-962b-8f2f01f7a9ba/1/iW9K-SA2_lCiD0oVEunCyOztzss.mft
File: iW9K-SA2_lCiD0oVEunCyOztzss.mft (raw, json)
Hash identifier: wgsUSPalJi916RlSVNetGazxj2lIKwILNYPLQPr9LJ4=
Subject key identifier: 60:BB:93:D0:0C:9B:88:48:F5:7A:30:1B:50:BF:9F:0A:B8:2B:8E:8A
Authority key identifier: 89:6F:4A:F9:20:36:FE:50:A2:0F:4A:15:12:E9:C2:C8:EC:ED:CE:CB
Certificate issuer: /CN=896f4af92036fe50a20f4a1512e9c2c8ecedcecb
Certificate serial: 019E1BD91A8ED07D3CF2315CE6A2A0632629
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW9K-SA2_lCiD0oVEunCyOztzss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/3eea5e-3713-4310-962b-8f2f01f7a9ba/1/iW9K-SA2_lCiD0oVEunCyOztzss.mft
Manifest number: 2D
Signing time: Tue 12 May 2026 11:01:13 +0000
Manifest this update: Tue 12 May 2026 11:01:13 +0000
Manifest next update: Wed 13 May 2026 11:01:13 +0000
Files and hashes: 1: T3jfzi53S8xZPceztrFRoHBB2Gs.asa (hash: iIwUoh+fafGMzrESQvIZ8Y8e7wQVqF2lRs7FIizOvSw=)
2: iW9K-SA2_lCiD0oVEunCyOztzss.crl (hash: 5AzXlM7pFHAoT5gSvL5bD/7sXt40jjzkYPn3ZliqiZE=)
3: kdaDaZmYqGMzqUUnLPSsLH8GrPc.roa (hash: B9RQvP9FD3l+CItncVjMhVfvLB+HWK7qmh+l2cN8QSk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/3eea5e-3713-4310-962b-8f2f01f7a9ba/1/iW9K-SA2_lCiD0oVEunCyOztzss.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/3eea5e-3713-4310-962b-8f2f01f7a9ba/1/iW9K-SA2_lCiD0oVEunCyOztzss.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW9K-SA2_lCiD0oVEunCyOztzss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:d9:1a:8e:d0:7d:3c:f2:31:5c:e6:a2:a0:63:26:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896f4af92036fe50a20f4a1512e9c2c8ecedcecb
Validity
Not Before: May 12 11:01:13 2026 GMT
Not After : May 13 11:01:13 2026 GMT
Subject: CN=60bb93d00c9b8848f57a301b50bf9f0ab82b8e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bb:79:47:c1:89:6d:a0:de:06:f2:db:c2:91:
ff:33:4d:d8:44:3c:ac:20:3e:a6:5b:51:9f:02:e8:
2f:eb:9a:fc:29:4c:fa:10:47:d5:3c:62:f1:e7:a0:
73:46:be:2b:ff:fe:38:4b:e0:96:cf:9e:74:bb:54:
87:74:0f:9a:ff:67:b6:de:d7:78:4a:7c:2b:7e:55:
c3:ba:3c:10:50:c8:95:ab:dd:d6:05:b1:57:43:70:
57:ff:11:08:92:48:ae:81:95:a7:8d:9d:5d:9a:81:
0a:c7:19:6c:81:1b:72:31:f3:f7:a3:0b:17:d0:27:
b3:4c:af:ab:d7:62:32:7a:75:0a:b5:4d:46:a5:2c:
15:8c:60:be:9c:e2:c6:5f:69:f7:39:9f:5a:34:a8:
04:23:c9:e1:d2:f8:88:81:cd:7c:81:34:2d:4b:52:
6e:38:bd:32:fb:fd:db:33:bd:92:c1:f7:8d:9c:d7:
37:e1:3f:26:ec:05:3c:65:81:1a:aa:f6:39:5b:45:
d7:e0:17:1c:87:b1:f4:5a:55:cc:fb:38:e2:47:aa:
ec:54:18:fe:db:a6:ed:16:da:6a:bf:da:5f:5f:4e:
27:bd:53:2d:9d:27:63:46:49:c2:80:ed:35:43:ef:
30:5b:7e:7f:94:b3:b5:83:3f:bc:61:c8:db:87:7c:
e3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BB:93:D0:0C:9B:88:48:F5:7A:30:1B:50:BF:9F:0A:B8:2B:8E:8A
X509v3 Authority Key Identifier:
keyid:89:6F:4A:F9:20:36:FE:50:A2:0F:4A:15:12:E9:C2:C8:EC:ED:CE:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW9K-SA2_lCiD0oVEunCyOztzss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3eea5e-3713-4310-962b-8f2f01f7a9ba/1/iW9K-SA2_lCiD0oVEunCyOztzss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/3eea5e-3713-4310-962b-8f2f01f7a9ba/1/iW9K-SA2_lCiD0oVEunCyOztzss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:25:20:d5:9b:0c:a7:f0:54:b6:60:59:21:9a:de:95:e0:2c:
58:1b:87:12:7e:36:5a:73:41:df:a9:79:b6:5f:45:0d:f4:62:
4d:68:39:c4:ac:59:fe:7e:19:91:59:32:4f:f5:7e:0b:3d:9d:
48:16:15:9c:b6:31:67:3c:ed:2a:d9:fc:3f:c7:b1:8b:ad:bc:
09:da:2e:16:6f:c7:9d:81:bc:62:c3:6b:51:07:db:45:87:fd:
a9:12:06:d5:c0:2d:57:ea:d5:27:87:3f:46:8d:16:38:f3:5e:
fc:a3:b7:6d:a8:14:b4:16:bd:89:6d:35:18:38:89:9b:23:fb:
ee:fa:15:54:05:6b:a6:49:30:dc:06:9a:99:28:22:17:56:b3:
75:78:7d:59:a9:1a:4f:9b:94:34:5b:f2:62:ba:86:ad:14:02:
94:db:20:14:25:14:f6:02:60:88:da:bf:35:be:73:ad:27:5f:
55:cb:9b:65:ff:7c:fa:b7:47:bb:98:fd:0e:0e:8f:16:f6:64:
e6:83:3b:33:0a:3a:5c:65:f8:f0:35:c1:f2:3a:68:5c:63:03:
28:49:bc:cc:5f:21:c0:90:23:89:02:a3:09:ee:38:23:cb:e2:
98:60:8c:9d:c1:87:c0:f0:2c:2b:87:ba:14:6b:41:6d:ed:48:
3d:24:27:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4b2RqO0H088jFc5qKgYyYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmY0YWY5MjAzNmZlNTBhMjBmNGExNTEyZTljMmM4ZWNl
ZGNlY2IwHhcNMjYwNTEyMTEwMTEzWhcNMjYwNTEzMTEwMTEzWjAzMTEwLwYDVQQD
Eyg2MGJiOTNkMDBjOWI4ODQ4ZjU3YTMwMWI1MGJmOWYwYWI4MmI4ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprt5R8GJbaDeBvLbwpH/M03YRDys
ID6mW1GfAugv65r8KUz6EEfVPGLx56BzRr4r//44S+CWz550u1SHdA+a/2e23td4
SnwrflXDujwQUMiVq93WBbFXQ3BX/xEIkkiugZWnjZ1dmoEKxxlsgRtyMfP3owsX
0CezTK+r12IyenUKtU1GpSwVjGC+nOLGX2n3OZ9aNKgEI8nh0viIgc18gTQtS1Ju
OL0y+/3bM72SwfeNnNc34T8m7AU8ZYEaqvY5W0XX4Bcch7H0WlXM+zjiR6rsVBj+
26btFtpqv9pfX04nvVMtnSdjRknCgO01Q+8wW35/lLO1gz+8Ycjbh3zjtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGC7k9AMm4hI9XowG1C/nwq4K46KMB8GA1UdIwQY
MBaAFIlvSvkgNv5Qog9KFRLpwsjs7c7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVc5Sy1TQTJfbENpRDBvVkV1bkN5T3p0enNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zZWVhNWUtMzcxMy00MzEwLTk2MmIt
OGYyZjAxZjdhOWJhLzEvaVc5Sy1TQTJfbENpRDBvVkV1bkN5T3p0enNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zZWVhNWUtMzcxMy00MzEwLTk2MmItOGYyZjAxZjdhOWJh
LzEvaVc5Sy1TQTJfbENpRDBvVkV1bkN5T3p0enNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVyUg1ZsM
p/BUtmBZIZreleAsWBuHEn42WnNB36l5tl9FDfRiTWg5xKxZ/n4ZkVkyT/V+Cz2d
SBYVnLYxZzztKtn8P8exi628CdouFm/HnYG8YsNrUQfbRYf9qRIG1cAtV+rVJ4c/
Ro0WOPNe/KO3bagUtBa9iW01GDiJmyP77voVVAVrpkkw3AaamSgiF1azdXh9Waka
T5uUNFvyYrqGrRQClNsgFCUU9gJgiNq/Nb5zrSdfVcubZf98+rdHu5j9Dg6PFvZk
5oM7Mwo6XGX48DXB8jpoXGMDKEm8zF8hwJAjiQKjCe44I8vimGCMncGHwPAsK4e6
FGtBbe1IPSQnRw==
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:40 2026 by rpki-client