
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: /LJTKMFoSGguKJiMlCjDhj4VozADW0lMDXLmI5tLhj4=
Subject key identifier: 32:91:C3:6E:10:9B:27:04:79:91:B1:2D:F1:EE:DD:4C:18:6B:26:94
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019D29CE6548DD95D01C29247E10B66F8442
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 0718
Signing time: Thu 26 Mar 2026 11:01:25 +0000
Manifest this update: Thu 26 Mar 2026 11:01:25 +0000
Manifest next update: Fri 27 Mar 2026 11:01:25 +0000
Files and hashes: 1: Bb0AlX7LVs8xu9FbBxHR7jZ41sc.roa (hash: 1RAeUNL+1NswFK++fmlLXs7tYc2gvuypR/zGLkI4pFk=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: VxoSUbl0A8UmZFb80Lt04VpazkYBW3KQgDHLBiO7HPI=)
3: wuwvCCyqsgM8AhmBamIU1CDvuC4.roa (hash: 7kzHmkdddwIql7JhhvogOzHNgfL2sl/BzbMljE2+YF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:65:48:dd:95:d0:1c:29:24:7e:10:b6:6f:84:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Mar 26 11:01:25 2026 GMT
Not After : Mar 27 11:01:25 2026 GMT
Subject: CN=3291c36e109b27047991b12df1eedd4c186b2694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:f5:25:cc:ea:15:04:f4:d3:3c:56:ed:db:
ae:5a:d1:bd:2e:46:32:52:19:65:dc:c9:6b:60:53:
75:57:71:88:47:78:4d:fa:24:8e:3d:fb:4e:6d:7f:
dd:f0:ed:a4:18:48:e8:d4:57:7d:ec:8e:8d:d0:28:
e4:ae:37:d1:23:ad:da:3f:41:fb:0c:c3:e1:e0:cc:
a1:50:59:d9:3e:5a:5a:ba:6e:01:4d:16:f2:1e:a2:
aa:be:c0:6f:c2:e7:54:b7:00:2c:a9:fa:22:6c:97:
3e:8b:47:73:55:c2:2d:1b:60:50:90:b8:77:9a:1e:
c1:6d:f8:08:e8:8c:28:5e:21:c7:19:9d:8f:5c:fc:
97:d6:9a:73:1d:23:04:40:73:9c:eb:be:98:a1:de:
c0:60:67:29:40:76:10:76:f9:89:af:0d:e1:c1:80:
b3:c7:e8:18:d2:05:f9:1b:a9:9b:dc:d3:84:c6:b7:
bb:d3:a8:d2:4c:d4:9f:dc:7a:bd:d5:d8:41:43:70:
2c:ea:81:5b:c6:99:3b:24:91:2a:63:b1:8d:db:58:
f7:6e:4c:c0:24:13:06:16:68:07:13:94:bc:a7:e4:
9d:68:2d:2b:36:12:8f:e9:b5:67:25:0c:26:e1:5a:
d4:4d:e8:40:0f:14:2e:ca:46:3a:06:6c:fc:d9:db:
47:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:91:C3:6E:10:9B:27:04:79:91:B1:2D:F1:EE:DD:4C:18:6B:26:94
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:de:92:f6:3e:43:e3:13:99:5c:74:b1:6d:4f:2b:98:7b:65:
d5:2a:f4:a6:42:b2:6a:8b:dd:85:e2:d1:40:40:d2:cc:a3:12:
ce:4a:21:b1:df:3b:56:c5:9e:8d:eb:e9:f6:c2:e3:5d:f9:da:
d6:54:a8:c3:ea:b7:ba:c5:90:d6:cb:9a:2c:de:6c:80:bf:66:
6d:3e:8b:ea:55:40:05:e1:c3:1c:68:da:f3:8b:77:e8:c8:d5:
2f:ae:19:4f:36:57:7b:16:b2:25:ec:31:23:5e:f1:3b:03:cf:
a5:cc:2c:c5:dd:43:fd:65:9d:de:88:e4:16:97:d6:e0:f1:b7:
b1:c1:84:26:65:14:7d:de:0b:14:1b:8e:60:d8:f3:36:26:d7:
29:74:26:6a:f9:c3:79:65:32:c9:d9:21:1c:48:6f:47:cd:de:
3a:3e:50:4a:96:8b:d1:1f:c6:6a:af:c7:08:5b:de:ef:23:e2:
cc:d2:37:9b:55:5b:62:52:34:d4:94:01:52:ef:d0:64:bb:2e:
2b:b4:d5:9d:62:d4:21:e2:f7:01:b9:10:d2:a4:36:ad:bf:7a:
96:8c:41:b8:a4:52:9a:34:77:38:bb:eb:55:ff:63:4b:fe:d6:
bf:61:15:a5:fc:49:9c:7c:52:41:cb:03:62:01:b8:55:f2:80:
ab:b7:11:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzmVI3ZXQHCkkfhC2b4RCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjYwMzI2MTEwMTI1WhcNMjYwMzI3MTEwMTI1WjAzMTEwLwYDVQQD
EygzMjkxYzM2ZTEwOWIyNzA0Nzk5MWIxMmRmMWVlZGQ0YzE4NmIyNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp771JczqFQT00zxW7duuWtG9LkYy
Uhll3MlrYFN1V3GIR3hN+iSOPftObX/d8O2kGEjo1Fd97I6N0CjkrjfRI63aP0H7
DMPh4MyhUFnZPlpaum4BTRbyHqKqvsBvwudUtwAsqfoibJc+i0dzVcItG2BQkLh3
mh7BbfgI6IwoXiHHGZ2PXPyX1ppzHSMEQHOc676Yod7AYGcpQHYQdvmJrw3hwYCz
x+gY0gX5G6mb3NOExre706jSTNSf3Hq91dhBQ3As6oFbxpk7JJEqY7GN21j3bkzA
JBMGFmgHE5S8p+SdaC0rNhKP6bVnJQwm4VrUTehADxQuykY6Bmz82dtHZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKRw24QmycEeZGxLfHu3UwYayaUMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUt6S9j5D
4xOZXHSxbU8rmHtl1Sr0pkKyaovdheLRQEDSzKMSzkohsd87VsWejevp9sLjXfna
1lSow+q3usWQ1suaLN5sgL9mbT6L6lVABeHDHGja84t36MjVL64ZTzZXexayJewx
I17xOwPPpcwsxd1D/WWd3ojkFpfW4PG3scGEJmUUfd4LFBuOYNjzNibXKXQmavnD
eWUyydkhHEhvR83eOj5QSpaL0R/Gaq/HCFve7yPizNI3m1VbYlI01JQBUu/QZLsu
K7TVnWLUIeL3AbkQ0qQ2rb96loxBuKRSmjR3OLvrVf9jS/7Wv2EVpfxJnHxSQcsD
YgG4VfKAq7cRaA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:20:42 2026 by rpki-client