Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File: IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier: oMcRrdzRBumEVsLiMEd4LNNvgzfIanDZK6kmqwiSVm8=
Subject key identifier: CA:6D:D0:04:A9:B7:1E:62:26:DA:BC:46:22:89:9D:39:E4:52:11:DC
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer: /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial: 019D27DFF9BE178B98DD08F3431BCE57051D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number: 0717
Signing time: Thu 26 Mar 2026 02:01:22 +0000
Manifest this update: Thu 26 Mar 2026 02:01:22 +0000
Manifest next update: Fri 27 Mar 2026 02:01:22 +0000
Files and hashes: 1: Bb0AlX7LVs8xu9FbBxHR7jZ41sc.roa (hash: 1RAeUNL+1NswFK++fmlLXs7tYc2gvuypR/zGLkI4pFk=)
2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: mLuAb8dsATpdforDU9Sx4ZmHRQWb9h2t1m5Mh7HwFkw=)
3: wuwvCCyqsgM8AhmBamIU1CDvuC4.roa (hash: 7kzHmkdddwIql7JhhvogOzHNgfL2sl/BzbMljE2+YF0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:f9:be:17:8b:98:dd:08:f3:43:1b:ce:57:05:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
Validity
Not Before: Mar 26 02:01:22 2026 GMT
Not After : Mar 27 02:01:22 2026 GMT
Subject: CN=ca6dd004a9b71e6226dabc4622899d39e45211dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:71:79:68:86:38:b1:45:25:6a:12:d1:17:f4:
c4:d7:06:51:6a:ab:77:ce:56:30:67:bb:bb:b0:c8:
c2:2d:bc:29:5c:d4:69:36:e5:15:4c:dc:31:f7:69:
91:aa:01:17:78:a9:3c:99:e1:71:25:cd:8e:64:ab:
20:9c:84:ee:9b:53:e7:b8:5c:4c:86:dd:b5:f4:39:
2b:b0:49:60:92:78:f8:a2:49:82:7e:02:ce:ef:67:
cb:4c:cc:01:a2:8f:fd:ea:75:5a:55:f1:00:ff:a1:
8b:67:bb:12:89:82:ac:04:86:e4:53:54:08:e4:11:
5f:5a:34:ec:48:a4:65:0b:60:3e:7f:a8:32:23:da:
52:35:c7:db:67:19:ae:da:61:59:78:18:8c:71:0f:
59:e5:65:bd:c2:5e:61:7c:f7:f7:90:31:09:ce:9f:
98:4f:f2:96:ab:ac:4b:fe:00:f1:4b:e8:02:87:25:
b7:51:50:c3:15:dc:86:44:fb:56:9b:38:34:34:a8:
05:a8:99:b9:0a:5e:57:ae:1a:92:89:16:90:54:38:
fd:3e:eb:37:00:53:30:0a:f7:8c:f0:b8:df:69:a6:
31:85:24:a3:c6:fb:50:57:df:87:b6:4b:a3:4a:08:
39:e5:18:3f:e8:57:10:94:d8:79:ba:7d:39:df:9b:
65:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6D:D0:04:A9:B7:1E:62:26:DA:BC:46:22:89:9D:39:E4:52:11:DC
X509v3 Authority Key Identifier:
keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:16:6f:97:f4:38:3b:19:2f:b3:ad:27:d6:80:8f:fa:42:32:
c6:95:67:bf:94:a2:84:89:14:14:d0:62:45:46:e0:7b:5a:26:
43:e6:9a:4d:c2:a6:6b:84:3a:d0:55:2c:08:50:d6:3c:40:0d:
bc:1a:19:8e:36:b3:1b:84:b7:52:71:00:d3:ec:98:b3:fe:13:
7b:c7:5c:d4:63:d8:9d:83:34:6d:e7:58:9b:07:ce:58:2a:b8:
ea:b0:50:9e:c2:9e:46:2e:a8:48:ea:31:21:61:2e:ef:f0:c7:
f3:bd:cc:77:61:2b:4b:bf:c6:d0:72:3a:80:bf:7d:68:38:26:
9f:9e:45:eb:69:de:26:10:0f:ff:f1:e5:c3:e9:0b:19:ae:6b:
e0:28:20:84:9f:89:05:22:72:e4:eb:60:63:3f:7b:a9:52:0d:
39:87:98:6a:3b:ca:fd:d9:f8:3b:84:90:0e:4e:6c:9d:90:b3:
74:e9:0a:66:33:e8:cc:f2:9f:f2:55:a5:cf:82:1d:51:4f:68:
33:69:64:be:6d:c3:1c:77:38:ca:aa:5b:b9:47:70:60:c0:c3:
9a:4b:f3:5b:b7:52:4a:04:18:ef:c5:75:da:9b:56:70:ce:65:
0c:e2:ae:18:81:ee:80:2a:56:f4:db:a4:a4:59:b4:40:8a:61:
de:43:8c:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3/m+F4uY3QjzQxvOVwUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjYwMzI2MDIwMTIyWhcNMjYwMzI3MDIwMTIyWjAzMTEwLwYDVQQD
EyhjYTZkZDAwNGE5YjcxZTYyMjZkYWJjNDYyMjg5OWQzOWU0NTIxMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHF5aIY4sUUlahLRF/TE1wZRaqt3
zlYwZ7u7sMjCLbwpXNRpNuUVTNwx92mRqgEXeKk8meFxJc2OZKsgnITum1PnuFxM
ht219DkrsElgknj4okmCfgLO72fLTMwBoo/96nVaVfEA/6GLZ7sSiYKsBIbkU1QI
5BFfWjTsSKRlC2A+f6gyI9pSNcfbZxmu2mFZeBiMcQ9Z5WW9wl5hfPf3kDEJzp+Y
T/KWq6xL/gDxS+gChyW3UVDDFdyGRPtWmzg0NKgFqJm5Cl5XrhqSiRaQVDj9Pus3
AFMwCveM8LjfaaYxhSSjxvtQV9+HtkujSgg55Rg/6FcQlNh5un0535tlTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpt0ASptx5iJtq8RiKJnTnkUhHcMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnxZvl/Q4
Oxkvs60n1oCP+kIyxpVnv5SihIkUFNBiRUbge1omQ+aaTcKma4Q60FUsCFDWPEAN
vBoZjjazG4S3UnEA0+yYs/4Te8dc1GPYnYM0bedYmwfOWCq46rBQnsKeRi6oSOox
IWEu7/DH873Md2ErS7/G0HI6gL99aDgmn55F62neJhAP//Hlw+kLGa5r4CgghJ+J
BSJy5OtgYz97qVINOYeYajvK/dn4O4SQDk5snZCzdOkKZjPozPKf8lWlz4IdUU9o
M2lkvm3DHHc4yqpbuUdwYMDDmkvzW7dSSgQY78V12ptWcM5lDOKuGIHugCpW9Nuk
pFm0QIph3kOMzA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:18:01 2026 by rpki-client