Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
File: Kq8k6REaiJ202uCH5ICeEIbjP4I.mft (raw, json)
Hash identifier: 7nRXnKOovdngXJ/oEsL1Vk0l3xghdORaK8S6NrE+UO0=
Subject key identifier: A0:0C:B0:EF:62:27:58:48:10:54:BA:54:94:DD:6C:9E:78:9A:56:AD
Authority key identifier: 2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82
Certificate issuer: /CN=2aaf24e9111a889db4dae087e4809e1086e33f82
Certificate serial: 019D37C0AACD3DF70F4E6DD4C88E25E1881B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
Manifest number: 17EB
Signing time: Sun 29 Mar 2026 04:01:06 +0000
Manifest this update: Sun 29 Mar 2026 04:01:06 +0000
Manifest next update: Mon 30 Mar 2026 04:01:06 +0000
Files and hashes: 1: Kq8k6REaiJ202uCH5ICeEIbjP4I.crl (hash: oqreIWeqUfnJmXkYDg38mtm1JYJvZdJdUghMM0UfAKI=)
2: oyKh1GZmmmicse4bqcfsPq9PxSg.roa (hash: YSuCQpmgXDGJyq+euD80LcmH0pwmzSboam85gWy8j5E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:aa:cd:3d:f7:0f:4e:6d:d4:c8:8e:25:e1:88:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aaf24e9111a889db4dae087e4809e1086e33f82
Validity
Not Before: Mar 29 04:01:06 2026 GMT
Not After : Mar 30 04:01:06 2026 GMT
Subject: CN=a00cb0ef622758481054ba5494dd6c9e789a56ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fe:07:a3:61:22:f6:1e:c5:74:ac:13:6f:0c:
f0:56:87:3b:ea:3e:b0:cb:3c:7f:93:87:3d:6c:b9:
17:31:64:c5:17:ec:76:2c:8a:d4:f4:83:b9:fe:3a:
0d:25:ef:47:99:02:27:96:ac:16:31:51:3e:e5:b9:
e1:b6:6e:13:53:36:3e:b6:93:56:02:72:fd:cf:c4:
54:28:97:33:4d:da:94:c4:c2:88:df:bd:90:89:41:
85:9b:28:96:ad:ee:c1:e0:39:79:99:1d:48:0c:1a:
ae:fd:3a:8f:93:44:00:24:39:1f:e6:64:2a:3a:5b:
cf:99:c1:56:30:c7:eb:49:ab:97:40:bf:6f:b9:5b:
9c:88:9c:0b:f3:4c:c7:e3:74:7a:d7:65:ce:55:e7:
17:97:0c:e5:e9:5d:59:1e:19:76:b8:d4:d0:34:b0:
60:63:be:fd:99:23:82:fb:da:cf:ea:54:15:67:1b:
27:dc:ea:f6:f8:ec:91:c7:1c:70:ee:50:df:7f:b7:
9f:f2:3b:2b:0e:3a:21:81:76:f9:c4:66:fe:38:d4:
77:54:d9:58:4b:8b:a1:4a:a1:30:bd:25:cf:10:cd:
f2:88:d7:be:17:fd:2a:cd:82:8e:4c:98:2d:48:80:
cc:55:37:35:09:2b:d0:42:40:40:4b:ed:d0:37:55:
29:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0C:B0:EF:62:27:58:48:10:54:BA:54:94:DD:6C:9E:78:9A:56:AD
X509v3 Authority Key Identifier:
keyid:2A:AF:24:E9:11:1A:88:9D:B4:DA:E0:87:E4:80:9E:10:86:E3:3F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kq8k6REaiJ202uCH5ICeEIbjP4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c80896-c36e-4627-8353-341c3fa45b43/1/Kq8k6REaiJ202uCH5ICeEIbjP4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:65:db:83:c7:61:97:39:1c:4c:24:9b:1d:6a:96:a8:96:6f:
eb:16:77:2e:a4:6e:d3:b8:d1:5c:24:1d:95:ed:28:43:6b:c4:
a2:b9:16:f7:78:a5:fa:6a:6c:2b:4b:fd:74:0d:6b:44:bf:43:
07:23:b2:ea:a6:67:80:35:c0:c2:01:2c:df:1f:cf:96:38:92:
78:f1:4f:6e:15:63:94:fc:bc:56:51:27:b0:01:f4:3d:7c:79:
fa:25:15:7e:c6:99:ee:bc:de:7d:9b:a1:c0:bb:49:a6:31:e3:
ff:b2:40:9b:53:06:4c:52:0f:0d:1b:b6:4f:e1:f4:d8:26:9b:
70:a7:9d:57:1f:a9:38:6f:48:95:3c:e4:dc:5c:b6:f7:2a:3b:
ed:04:31:f8:ca:4c:22:e6:50:c0:ed:2a:35:c0:ea:52:a2:49:
e0:1e:68:f6:ab:e9:e9:3e:0b:ea:0a:4e:48:40:de:76:89:39:
4b:ae:40:e1:a7:0f:96:3b:9e:de:23:59:e4:cb:fb:11:de:b5:
c9:0f:4f:ff:f1:42:af:b4:04:3a:4b:86:2e:99:ca:0e:49:d6:
5d:de:7e:52:67:7b:88:60:ae:88:d6:4d:71:0b:25:e6:df:44:
01:46:ab:6f:30:7d:c8:5a:69:13:e1:d0:0e:4f:11:1d:f8:12:
67:53:6e:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wKrNPfcPTm3UyI4l4YgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYWYyNGU5MTExYTg4OWRiNGRhZTA4N2U0ODA5ZTEwODZl
MzNmODIwHhcNMjYwMzI5MDQwMTA2WhcNMjYwMzMwMDQwMTA2WjAzMTEwLwYDVQQD
EyhhMDBjYjBlZjYyMjc1ODQ4MTA1NGJhNTQ5NGRkNmM5ZTc4OWE1NmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/4Ho2Ei9h7FdKwTbwzwVoc76j6w
yzx/k4c9bLkXMWTFF+x2LIrU9IO5/joNJe9HmQInlqwWMVE+5bnhtm4TUzY+tpNW
AnL9z8RUKJczTdqUxMKI372QiUGFmyiWre7B4Dl5mR1IDBqu/TqPk0QAJDkf5mQq
OlvPmcFWMMfrSauXQL9vuVuciJwL80zH43R612XOVecXlwzl6V1ZHhl2uNTQNLBg
Y779mSOC+9rP6lQVZxsn3Or2+OyRxxxw7lDff7ef8jsrDjohgXb5xGb+ONR3VNlY
S4uhSqEwvSXPEM3yiNe+F/0qzYKOTJgtSIDMVTc1CSvQQkBAS+3QN1UpowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAMsO9iJ1hIEFS6VJTdbJ54mlatMB8GA1UdIwQY
MBaAFCqvJOkRGoidtNrgh+SAnhCG4z+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMt
MzQxYzNmYTQ1YjQzLzEvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9jODA4OTYtYzM2ZS00NjI3LTgzNTMtMzQxYzNmYTQ1YjQz
LzEvS3E4azZSRWFpSjIwMnVDSDVJQ2VFSWJqUDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGXbg8dh
lzkcTCSbHWqWqJZv6xZ3LqRu07jRXCQdle0oQ2vEorkW93il+mpsK0v9dA1rRL9D
ByOy6qZngDXAwgEs3x/PljiSePFPbhVjlPy8VlEnsAH0PXx5+iUVfsaZ7rzefZuh
wLtJpjHj/7JAm1MGTFIPDRu2T+H02CabcKedVx+pOG9IlTzk3Fy29yo77QQx+MpM
IuZQwO0qNcDqUqJJ4B5o9qvp6T4L6gpOSEDedok5S65A4acPljue3iNZ5Mv7Ed61
yQ9P//FCr7QEOkuGLpnKDknWXd5+Umd7iGCuiNZNcQsl5t9EAUarbzB9yFppE+HQ
Dk8RHfgSZ1NuRg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:08:40 2026 by rpki-client