Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
File: kGQm9IPDaqzahzIySriK1YAMmi0.mft (raw, json)
Hash identifier: ZD5Tq30WKORsD7FW/jlW1c+99dyiVyeYKg6XIG7cBxM=
Subject key identifier: FC:AA:FA:8F:DE:7E:6B:F9:19:54:CE:B9:2F:3A:91:2A:83:BF:A9:B0
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Certificate issuer: /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial: 019D39410CABFBDABE5B6B52D1C7B29FFD81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
Manifest number: 0DB3
Signing time: Sun 29 Mar 2026 11:00:57 +0000
Manifest this update: Sun 29 Mar 2026 11:00:57 +0000
Manifest next update: Mon 30 Mar 2026 11:00:57 +0000
Files and hashes: 1: kGQm9IPDaqzahzIySriK1YAMmi0.crl (hash: boWPCl0UyvNAcdkr6Oz1yHOuc5jiwFd9zStOPuZLA3c=)
2: pEXsp_wHHGLaZhZhYFoeKyAe4xU.roa (hash: xI/2+qldJxPTklb7r+PHTCSnZEv4TfvhGV7Tifv5aSk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:0c:ab:fb:da:be:5b:6b:52:d1:c7:b2:9f:fd:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
Validity
Not Before: Mar 29 11:00:57 2026 GMT
Not After : Mar 30 11:00:57 2026 GMT
Subject: CN=fcaafa8fde7e6bf91954ceb92f3a912a83bfa9b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:d7:1b:2c:be:c8:5f:42:3f:eb:16:7a:74:e9:
e0:44:80:65:db:0f:7d:3d:0e:7e:87:ed:fc:da:2e:
42:af:84:f6:e2:fc:84:de:a7:bb:d6:a3:20:d8:08:
fd:56:3b:b5:a5:95:fd:f2:51:84:52:48:33:78:4c:
cd:d8:b8:28:02:ec:1d:d9:95:73:63:ab:29:96:07:
27:2b:48:0d:02:f7:23:ea:05:0e:cd:a2:40:df:98:
25:51:e5:62:09:b2:1c:28:53:2c:45:9b:33:85:d9:
f0:98:11:a1:d6:a0:1c:ce:fa:5c:4e:a7:be:0c:f8:
91:66:78:0a:52:62:5a:d8:fd:a5:68:54:19:ed:65:
c0:c2:87:cd:c3:7c:1a:40:3e:55:38:1f:c3:74:18:
f8:19:f9:a5:a5:68:75:c5:dd:c5:b4:76:4f:76:9f:
dc:d8:93:6d:40:37:bf:a4:70:07:49:30:7d:42:8f:
e7:79:e9:61:c8:c0:fd:a7:5e:2c:fb:ea:f3:2c:cb:
aa:60:7d:05:21:66:c8:f0:76:78:50:5a:fe:02:c0:
32:88:73:6d:a9:e7:1d:97:2a:0b:e5:ed:87:ce:8a:
38:9c:af:79:31:7c:e6:fb:6b:b3:47:be:24:86:b7:
9c:0b:1d:a3:ee:04:9f:0c:a2:bd:c9:c7:f5:43:7e:
08:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AA:FA:8F:DE:7E:6B:F9:19:54:CE:B9:2F:3A:91:2A:83:BF:A9:B0
X509v3 Authority Key Identifier:
keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:40:5f:34:fe:ec:93:df:ce:31:bf:bc:d3:fb:1b:37:22:85:
7b:ea:54:ea:e7:4e:f2:ba:aa:86:27:d6:a5:8b:04:a3:8d:e3:
38:fd:ce:f2:33:47:29:1c:63:b2:3d:62:bd:ea:bc:e7:06:e1:
3d:00:11:33:f0:e5:62:88:00:17:79:12:38:21:aa:d3:d0:f9:
a9:ef:6b:77:d0:b4:1d:cf:ce:21:e1:40:41:52:dc:05:e2:31:
f4:c9:f0:ba:a4:81:5b:7a:1e:af:51:88:45:df:20:f9:07:86:
cb:13:6d:28:5f:70:7d:8a:61:1d:f1:f4:3b:1a:ce:77:3c:4b:
be:e3:a3:a4:86:aa:c2:6f:54:52:51:4b:dc:25:be:db:33:fc:
24:fc:4d:78:a7:4e:bc:55:9c:12:33:00:ca:26:15:06:f3:27:
20:87:18:f2:e3:1e:bb:f9:62:63:13:9b:91:8b:11:8d:8b:fc:
0c:8a:ce:22:ff:db:ab:96:99:49:24:43:e1:d4:2f:48:b0:43:
94:67:75:40:73:e1:75:2e:da:84:c2:24:20:c3:82:a0:65:85:
58:d3:b1:af:99:99:74:c1:ea:c2:03:58:54:32:73:e8:fa:cf:
fb:9c:28:91:8c:89:24:75:51:e4:ba:58:7e:4f:d8:37:ef:07:
2e:f8:0e:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QQyr+9q+W2tS0ceyn/2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjYwMzI5MTEwMDU3WhcNMjYwMzMwMTEwMDU3WjAzMTEwLwYDVQQD
EyhmY2FhZmE4ZmRlN2U2YmY5MTk1NGNlYjkyZjNhOTEyYTgzYmZhOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9cbLL7IX0I/6xZ6dOngRIBl2w99
PQ5+h+382i5Cr4T24vyE3qe71qMg2Aj9Vju1pZX98lGEUkgzeEzN2LgoAuwd2ZVz
Y6splgcnK0gNAvcj6gUOzaJA35glUeViCbIcKFMsRZszhdnwmBGh1qAczvpcTqe+
DPiRZngKUmJa2P2laFQZ7WXAwofNw3waQD5VOB/DdBj4GfmlpWh1xd3FtHZPdp/c
2JNtQDe/pHAHSTB9Qo/neelhyMD9p14s++rzLMuqYH0FIWbI8HZ4UFr+AsAyiHNt
qecdlyoL5e2Hzoo4nK95MXzm+2uzR74khrecCx2j7gSfDKK9ycf1Q34IlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPyq+o/efmv5GVTOuS86kSqDv6mwMB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaEBfNP7s
k9/OMb+80/sbNyKFe+pU6udO8rqqhifWpYsEo43jOP3O8jNHKRxjsj1iveq85wbh
PQARM/DlYogAF3kSOCGq09D5qe9rd9C0Hc/OIeFAQVLcBeIx9MnwuqSBW3oer1GI
Rd8g+QeGyxNtKF9wfYphHfH0OxrOdzxLvuOjpIaqwm9UUlFL3CW+2zP8JPxNeKdO
vFWcEjMAyiYVBvMnIIcY8uMeu/liYxObkYsRjYv8DIrOIv/bq5aZSSRD4dQvSLBD
lGd1QHPhdS7ahMIkIMOCoGWFWNOxr5mZdMHqwgNYVDJz6PrP+5wokYyJJHVR5LpY
fk/YN+8HLvgO1Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:09:31 2026 by rpki-client