Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: PCWX70rPhfmdk6d1Vq64W/zIwcS74SSjB2Txm4Q2P1M=
Subject key identifier: 82:67:30:66:BE:41:FA:B8:BC:08:FC:3D:52:88:B6:59:69:DC:57:1F
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 019D3A8ACFE5EAAC6043508484041DB804A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0DAC
Signing time: Sun 29 Mar 2026 17:01:08 +0000
Manifest this update: Sun 29 Mar 2026 17:01:08 +0000
Manifest next update: Mon 30 Mar 2026 17:01:08 +0000
Files and hashes: 1: CR089RdV9vYVGf4mZ93SrR3FOhs.roa (hash: 568v/GpPM88p9MXGvKjGe+TkORQEJQjb2NVPN9PNx0U=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: c49H0cgG31YxEOGqc/HyEHX57WZDGT1drjds1DMEnBA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:8a:cf:e5:ea:ac:60:43:50:84:84:04:1d:b8:04:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Mar 29 17:01:08 2026 GMT
Not After : Mar 30 17:01:08 2026 GMT
Subject: CN=82673066be41fab8bc08fc3d5288b65969dc571f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:da:4a:ff:c1:2c:d0:75:c2:77:16:e2:95:1f:
c6:5e:4d:75:5f:e4:bc:72:71:05:19:e1:16:c1:4f:
4f:ab:cd:74:d1:09:e0:2f:22:9d:7f:29:3a:dd:55:
22:44:8f:ea:e2:c8:c1:ab:3c:eb:81:69:45:58:f0:
4c:f1:c5:e4:75:f0:04:4b:80:a2:10:b7:23:f9:2c:
fb:7e:6f:e0:63:0f:eb:f0:2e:39:1d:84:bd:0a:73:
a8:9c:f1:32:84:58:0c:bd:f1:83:a1:8b:6a:5a:c4:
08:fd:e4:5d:eb:08:6e:5d:d2:37:61:04:65:6a:71:
c1:95:fb:44:4d:cc:49:8e:a3:db:1d:cd:61:9b:fb:
0c:d1:53:95:b4:95:ce:9c:5c:61:78:43:9d:20:fe:
b4:b7:67:3e:f9:35:b2:2d:f1:c2:82:06:e7:95:ed:
b7:b8:5c:91:35:d2:57:53:a2:e3:be:cf:51:4e:36:
0b:17:d1:2d:88:2d:d6:05:f4:4a:77:56:d7:3c:7f:
2f:e3:30:f3:e3:25:37:89:fc:23:f9:12:b7:ed:b2:
7a:7d:be:77:59:95:73:ca:f7:d4:5b:d0:c9:19:30:
ee:b1:88:d1:38:ce:cd:9c:4b:92:a8:2b:d3:c4:5f:
b1:7f:9c:79:27:66:52:27:ec:d7:3b:bf:8b:72:c3:
6c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:67:30:66:BE:41:FA:B8:BC:08:FC:3D:52:88:B6:59:69:DC:57:1F
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:ba:46:09:78:a1:2b:61:23:98:bd:54:26:7d:f6:c0:2f:d0:
59:a6:51:0c:e0:22:90:ad:47:87:e7:19:8b:ff:70:94:a1:99:
38:f2:ba:8c:0a:54:3d:6b:25:e8:53:91:53:b1:cc:15:dd:30:
c4:56:83:10:9e:93:98:d2:6c:cc:83:a1:41:fe:ce:01:66:af:
2f:d5:45:f0:8f:34:c3:00:9e:0a:ae:fe:1a:f0:b1:04:5f:d3:
99:37:e8:db:14:58:e6:02:c6:42:9b:dd:f4:97:4e:df:5d:5d:
3c:f2:7b:f3:39:15:82:10:d8:70:42:81:38:0f:5f:95:cf:40:
9a:f8:55:75:8b:65:7e:3b:2e:03:88:29:21:bf:f5:80:fd:72:
52:bf:2e:6d:a0:c4:3b:cc:84:8f:e3:e6:e8:1b:f0:8a:03:25:
c7:96:23:e6:0a:76:61:59:77:61:64:46:e9:ce:ec:36:b3:cc:
5a:a4:1d:cf:e6:8e:1a:20:a6:f8:22:24:bc:00:86:d6:5a:e1:
04:5e:32:7c:a8:1d:01:ca:41:ae:27:21:e5:29:46:71:39:cb:
84:e9:70:96:62:f3:ac:8b:28:35:a1:0a:fe:68:50:36:e8:c2:
d9:a1:b2:ad:30:cc:be:c1:95:39:71:be:55:13:2f:94:06:fa:
03:5e:fb:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06is/l6qxgQ1CEhAQduASoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjYwMzI5MTcwMTA4WhcNMjYwMzMwMTcwMTA4WjAzMTEwLwYDVQQD
Eyg4MjY3MzA2NmJlNDFmYWI4YmMwOGZjM2Q1Mjg4YjY1OTY5ZGM1NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNpK/8Es0HXCdxbilR/GXk11X+S8
cnEFGeEWwU9Pq8100QngLyKdfyk63VUiRI/q4sjBqzzrgWlFWPBM8cXkdfAES4Ci
ELcj+Sz7fm/gYw/r8C45HYS9CnOonPEyhFgMvfGDoYtqWsQI/eRd6whuXdI3YQRl
anHBlftETcxJjqPbHc1hm/sM0VOVtJXOnFxheEOdIP60t2c++TWyLfHCggbnle23
uFyRNdJXU6Ljvs9RTjYLF9EtiC3WBfRKd1bXPH8v4zDz4yU3ifwj+RK37bJ6fb53
WZVzyvfUW9DJGTDusYjROM7NnEuSqCvTxF+xf5x5J2ZSJ+zXO7+LcsNsUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJnMGa+Qfq4vAj8PVKItllp3FcfMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh7pGCXih
K2EjmL1UJn32wC/QWaZRDOAikK1Hh+cZi/9wlKGZOPK6jApUPWsl6FORU7HMFd0w
xFaDEJ6TmNJszIOhQf7OAWavL9VF8I80wwCeCq7+GvCxBF/TmTfo2xRY5gLGQpvd
9JdO311dPPJ78zkVghDYcEKBOA9flc9AmvhVdYtlfjsuA4gpIb/1gP1yUr8ubaDE
O8yEj+Pm6BvwigMlx5Yj5gp2YVl3YWRG6c7sNrPMWqQdz+aOGiCm+CIkvACG1lrh
BF4yfKgdAcpBrich5SlGcTnLhOlwlmLzrIsoNaEK/mhQNujC2aGyrTDMvsGVOXG+
VRMvlAb6A177LA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:17:21 2026 by rpki-client