Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
File: kERLB53wCKfHy-KPy6Xb4GIOjhc.mft (raw, json)
Hash identifier: 3nfyPuEMwiMnS/ecJKPoGZrlYChckzvAl+jD/WiyaFw=
Subject key identifier: F1:2A:C1:58:0F:5D:1C:E2:63:C9:96:B3:F6:0B:72:2F:E3:D4:1F:73
Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Certificate serial: 019D39413D676ECB8AEB7A71A862C7B8BCBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
Manifest number: 1703
Signing time: Sun 29 Mar 2026 11:01:09 +0000
Manifest this update: Sun 29 Mar 2026 11:01:09 +0000
Manifest next update: Mon 30 Mar 2026 11:01:09 +0000
Files and hashes: 1: kERLB53wCKfHy-KPy6Xb4GIOjhc.crl (hash: T/ButlJN6+P/sc7JtCWPnXIuefRUp3g0JUlA3gfu4cE=)
2: qh7XZDst8WsBCGjKLPzTSR00_9w.roa (hash: 91hvylgfnm1S7Q889lgwTcLMuKxZDx/xX3dO/XE0rko=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:3d:67:6e:cb:8a:eb:7a:71:a8:62:c7:b8:bc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Validity
Not Before: Mar 29 11:01:09 2026 GMT
Not After : Mar 30 11:01:09 2026 GMT
Subject: CN=f12ac1580f5d1ce263c996b3f60b722fe3d41f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0c:1f:85:75:ec:6e:bb:46:6c:28:dc:7f:b2:
7e:25:8b:88:b5:39:10:6f:8c:26:a2:7b:88:56:4f:
65:7e:97:19:19:4a:b8:00:bb:6e:da:49:92:1f:27:
66:27:f9:68:b5:5e:86:00:a0:9b:cf:05:92:f2:05:
87:56:1d:d8:ec:2b:8a:38:2a:08:16:90:d8:e6:31:
cd:60:21:e1:08:42:3c:8c:78:37:7a:a5:51:3b:9e:
ca:0a:5a:ca:94:36:cd:a6:71:b4:1c:db:2d:58:34:
8c:d9:c1:5e:ba:2b:46:6c:a5:a1:42:c8:b3:24:5a:
ea:e7:df:0e:32:50:c3:ed:40:82:d3:bc:a4:8a:d0:
10:f8:9a:c7:95:0b:02:2a:ec:d0:2e:44:b0:ea:97:
5e:56:41:3d:d3:37:8e:61:e1:d2:6a:e8:5c:4a:b0:
ed:d0:e3:fe:4a:40:e9:4a:14:c3:a7:85:13:92:8e:
64:49:2a:a5:2d:bf:b6:9d:b5:18:29:2e:10:db:0b:
f5:77:12:51:66:ac:79:b2:96:96:21:32:f9:f6:87:
86:ba:20:e9:9b:93:75:cc:88:78:b2:bb:de:ad:48:
55:2f:62:a5:72:ba:7d:72:7e:ae:77:71:bf:6b:6f:
de:b3:ba:7c:99:50:87:8a:cd:15:d6:72:a1:f3:ac:
e2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2A:C1:58:0F:5D:1C:E2:63:C9:96:B3:F6:0B:72:2F:E3:D4:1F:73
X509v3 Authority Key Identifier:
keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:53:70:10:d4:ea:bb:a3:65:5b:68:24:69:35:c3:ee:aa:83:
14:54:d4:af:26:dd:1b:5c:ca:8f:1b:ed:37:f4:f9:f6:02:b0:
9e:a5:96:6e:13:8f:dd:98:b5:dc:00:0b:51:7c:b6:56:40:a2:
cb:8e:d8:7e:6a:2b:74:1d:7c:cb:85:7c:26:7d:d3:6a:15:b2:
87:20:6f:c5:d8:52:78:86:e0:a8:7c:b6:69:dd:66:ff:8f:dc:
78:17:6f:9d:be:22:78:51:5e:53:a5:37:3d:a9:d5:e9:e5:42:
af:6e:e9:63:81:0d:82:d0:e6:62:69:c3:a7:c8:b6:26:15:83:
4c:6b:50:12:f4:b6:03:59:62:9a:9e:ae:cc:97:73:bb:d9:b8:
6e:de:15:df:dc:9f:2e:3b:fc:92:7e:3d:71:82:2c:b6:45:36:
07:5f:ab:bb:d5:c6:4b:aa:fa:dd:b4:c2:42:31:89:aa:57:66:
16:2d:7b:5c:0c:ef:f4:71:a0:93:0a:c6:ed:7f:86:0e:85:32:
63:6f:f4:9a:a7:21:a0:ef:4c:d8:45:2a:2e:fe:75:23:06:bc:
1a:99:f9:98:b3:ef:39:88:56:67:a6:8e:9a:7d:cb:39:89:26:
3c:78:51:31:08:b1:04:41:5f:b4:29:4d:e1:88:b1:90:28:e3:
47:83:d7:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QT1nbsuK63pxqGLHuLy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw
ZThlMTcwHhcNMjYwMzI5MTEwMTA5WhcNMjYwMzMwMTEwMTA5WjAzMTEwLwYDVQQD
EyhmMTJhYzE1ODBmNWQxY2UyNjNjOTk2YjNmNjBiNzIyZmUzZDQxZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAwfhXXsbrtGbCjcf7J+JYuItTkQ
b4wmonuIVk9lfpcZGUq4ALtu2kmSHydmJ/lotV6GAKCbzwWS8gWHVh3Y7CuKOCoI
FpDY5jHNYCHhCEI8jHg3eqVRO57KClrKlDbNpnG0HNstWDSM2cFeuitGbKWhQsiz
JFrq598OMlDD7UCC07ykitAQ+JrHlQsCKuzQLkSw6pdeVkE90zeOYeHSauhcSrDt
0OP+SkDpShTDp4UTko5kSSqlLb+2nbUYKS4Q2wv1dxJRZqx5spaWITL59oeGuiDp
m5N1zIh4srverUhVL2Klcrp9cn6ud3G/a2/es7p8mVCHis0V1nKh86zigQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEqwVgPXRziY8mWs/YLci/j1B9zMB8GA1UdIwQY
MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt
OTkxNDk4NjdkYmY3LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3
LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm1NwENTq
u6NlW2gkaTXD7qqDFFTUrybdG1zKjxvtN/T59gKwnqWWbhOP3Zi13AALUXy2VkCi
y47YfmordB18y4V8Jn3TahWyhyBvxdhSeIbgqHy2ad1m/4/ceBdvnb4ieFFeU6U3
PanV6eVCr27pY4ENgtDmYmnDp8i2JhWDTGtQEvS2A1limp6uzJdzu9m4bt4V39yf
Ljv8kn49cYIstkU2B1+ru9XGS6r63bTCQjGJqldmFi17XAzv9HGgkwrG7X+GDoUy
Y2/0mqchoO9M2EUqLv51Iwa8Gpn5mLPvOYhWZ6aOmn3LOYkmPHhRMQixBEFftClN
4YixkCjjR4PXhQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:54:57 2026 by rpki-client