Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
File: IKDFQA4CP5P1GOQwBMM7x50vayE.mft (raw, json)
Hash identifier: /NHo48xv7wTbmeTrRvNYEr4Pa+VAisldFdcLmJ4a+k0=
Subject key identifier: 26:AE:BF:6B:E4:57:C0:BF:C5:5B:0A:FB:BB:DE:7D:6B:4C:A3:69:F1
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 019D28BB4EAE6B63D40A0443F66F482E832D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 06:00:57 +0000
Manifest this update: Thu 26 Mar 2026 06:00:57 +0000
Manifest next update: Fri 27 Mar 2026 06:00:57 +0000
Files and hashes: 1: C79YUpU2iklV_OJjs4h8ac-OjrQ.roa (hash: //CGGQm4W2A3kMycLE3Ro2hRaxk4J3N4m94O7KPhors=)
2: IKDFQA4CP5P1GOQwBMM7x50vayE.crl (hash: nxVqr+dNOkDEwzTRA7UatpJ56fUxq6QzpTTm6K3dCwo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:4e:ae:6b:63:d4:0a:04:43:f6:6f:48:2e:83:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Mar 26 06:00:57 2026 GMT
Not After : Mar 27 06:00:57 2026 GMT
Subject: CN=26aebf6be457c0bfc55b0afbbbde7d6b4ca369f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:08:93:45:6a:d5:46:7a:bb:e5:3f:37:40:
d6:6c:02:35:51:49:b9:1e:4c:a9:e7:e9:54:fc:03:
ee:6c:02:77:66:fa:a5:77:60:65:40:84:9a:fc:6f:
2a:0a:a2:f9:44:e5:b7:f0:e8:82:70:a2:85:7a:5f:
0a:51:f1:ed:99:60:c2:f4:c4:2a:12:50:41:d0:63:
d0:5f:24:30:a2:c8:cb:8e:61:92:bb:4c:55:78:66:
98:04:74:f8:99:a5:43:ef:e1:cb:bc:a4:ee:64:83:
11:b2:bc:17:61:6e:15:82:e4:3c:5c:12:43:08:3c:
3f:91:d7:7c:b3:d6:ba:53:bd:06:a8:bf:b3:d1:a3:
22:68:1c:ad:84:67:7f:da:e5:b0:c0:fe:0e:30:48:
4c:52:75:b7:22:38:14:54:27:3f:65:fa:c8:a8:4d:
58:ef:fe:ce:63:fa:97:4d:72:e7:2e:09:67:2e:7b:
2e:d8:e2:1d:3d:27:15:9e:cd:a1:28:4e:f1:75:e5:
d3:cf:fb:f5:f4:33:75:d0:ef:c4:36:4c:ae:d6:78:
08:d0:c0:1b:25:66:10:a3:63:a2:7f:40:e6:bd:d9:
9a:1b:65:58:a5:8c:a5:49:81:f9:12:7f:83:e5:c6:
5e:97:d1:4e:00:98:83:f9:6c:94:05:ea:33:41:92:
28:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AE:BF:6B:E4:57:C0:BF:C5:5B:0A:FB:BB:DE:7D:6B:4C:A3:69:F1
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:93:ee:5d:8e:62:b7:22:cb:72:b2:d6:f2:c8:8f:30:75:be:
a3:37:b6:16:92:5c:6a:3e:9d:13:99:17:37:fe:e4:11:5f:ae:
1f:be:97:02:5d:15:21:a4:03:7b:1e:f2:e5:ee:29:9c:73:f6:
ba:4a:84:3b:42:9c:19:ef:c3:38:73:d3:09:c9:a3:53:bf:0c:
b4:ee:6a:84:1b:56:7a:ea:4a:a6:db:b2:43:c7:b2:53:e8:c2:
b2:4f:63:e9:3e:b6:e8:50:26:37:96:eb:9a:db:d8:7f:c9:71:
0c:5c:d4:f1:4c:b7:77:30:3a:59:13:0f:31:0b:c0:aa:8f:51:
4c:5f:91:ab:a5:e7:29:2a:c2:32:f1:64:98:da:6c:a0:e1:a5:
28:d5:b1:92:3d:c0:5a:03:32:32:0b:f6:9d:b9:5f:85:23:2a:
2a:87:38:87:ac:1b:97:ff:74:8b:17:09:c8:9b:2a:f5:d4:cd:
67:07:d4:9f:94:41:fb:0a:80:9d:40:4f:e4:9c:94:4e:31:59:
dc:3b:01:52:fc:91:3b:fc:aa:6e:c2:b6:18:9f:92:e9:90:f7:
f4:4e:f2:af:9a:5d:a1:31:dd:8f:e5:7a:a8:67:58:29:c1:5e:
25:54:3c:23:4b:73:32:37:8c:a2:0a:fc:ac:64:ce:51:b6:55:
fd:07:81:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou06ua2PUCgRD9m9ILoMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjYwMzI2MDYwMDU3WhcNMjYwMzI3MDYwMDU3WjAzMTEwLwYDVQQD
EygyNmFlYmY2YmU0NTdjMGJmYzU1YjBhZmJiYmRlN2Q2YjRjYTM2OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK0Ik0Vq1UZ6u+U/N0DWbAI1UUm5
Hkyp5+lU/APubAJ3Zvqld2BlQISa/G8qCqL5ROW38OiCcKKFel8KUfHtmWDC9MQq
ElBB0GPQXyQwosjLjmGSu0xVeGaYBHT4maVD7+HLvKTuZIMRsrwXYW4VguQ8XBJD
CDw/kdd8s9a6U70GqL+z0aMiaBythGd/2uWwwP4OMEhMUnW3IjgUVCc/ZfrIqE1Y
7/7OY/qXTXLnLglnLnsu2OIdPScVns2hKE7xdeXTz/v19DN10O/ENkyu1ngI0MAb
JWYQo2Oif0DmvdmaG2VYpYylSYH5En+D5cZel9FOAJiD+WyUBeozQZIoWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCauv2vkV8C/xVsK+7vefWtMo2nxMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5PuXY5i
tyLLcrLW8siPMHW+oze2FpJcaj6dE5kXN/7kEV+uH76XAl0VIaQDex7y5e4pnHP2
ukqEO0KcGe/DOHPTCcmjU78MtO5qhBtWeupKptuyQ8eyU+jCsk9j6T626FAmN5br
mtvYf8lxDFzU8Uy3dzA6WRMPMQvAqo9RTF+Rq6XnKSrCMvFkmNpsoOGlKNWxkj3A
WgMyMgv2nblfhSMqKoc4h6wbl/90ixcJyJsq9dTNZwfUn5RB+wqAnUBP5JyUTjFZ
3DsBUvyRO/yqbsK2GJ+S6ZD39E7yr5pdoTHdj+V6qGdYKcFeJVQ8I0tzMjeMogr8
rGTOUbZV/QeBtA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:11:11 2026 by rpki-client