Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
File: _KrlFMX5lAORQ1YU15QEvuEgmzs.mft (raw, json)
Hash identifier: XSONAH+0f380i56swrU2Xu9wPL+OwgKd1S6O5JNdesA=
Subject key identifier: 60:ED:84:1A:5D:9B:7F:FF:2E:1A:1E:E5:68:96:12:F8:F6:20:CE:1E
Authority key identifier: FC:AA:E5:14:C5:F9:94:03:91:43:56:14:D7:94:04:BE:E1:20:9B:3B
Certificate issuer: /CN=fcaae514c5f9940391435614d79404bee1209b3b
Certificate serial: 019CCABED3DB33C4BE3DA01E60967BF95BDC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KrlFMX5lAORQ1YU15QEvuEgmzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
Manifest number: 09FE
Signing time: Sun 08 Mar 2026 00:00:29 +0000
Manifest this update: Sun 08 Mar 2026 00:00:29 +0000
Manifest next update: Mon 09 Mar 2026 00:00:29 +0000
Files and hashes: 1: PvUHe-pn4nnaOYWtjIpbbOjrGvo.roa (hash: 24ateHwuMk5CGZJvNYulALkvFpYFOYXvbKO8p0Z7NPQ=)
2: _KrlFMX5lAORQ1YU15QEvuEgmzs.crl (hash: QNL+QWqA3F7e147JIfitdPMdsygCdkMm70jyQLc1DdM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_KrlFMX5lAORQ1YU15QEvuEgmzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 20:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ca:be:d3:db:33:c4:be:3d:a0:1e:60:96:7b:f9:5b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcaae514c5f9940391435614d79404bee1209b3b
Validity
Not Before: Mar 8 00:00:29 2026 GMT
Not After : Mar 9 00:00:29 2026 GMT
Subject: CN=60ed841a5d9b7fff2e1a1ee5689612f8f620ce1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:21:79:77:45:17:7a:31:19:83:c4:cc:13:b9:
cc:9a:4d:db:b4:ae:7f:40:cd:3d:14:f2:68:33:e3:
e4:36:85:8a:43:ae:44:7b:3d:3a:3a:0a:77:50:af:
96:d4:3c:76:a2:b3:4e:08:0f:51:df:ee:26:c9:30:
eb:74:74:8d:83:cc:a5:bc:f5:b4:ec:a5:ca:12:87:
d0:7c:5d:ce:cd:de:6e:5f:07:5a:fe:9b:34:66:1f:
b3:4d:fc:69:76:d5:cd:2e:db:62:9e:74:9b:c4:79:
2d:8a:79:12:e8:8a:c3:1e:d0:6a:a0:dc:22:69:e5:
0c:b0:43:70:ab:20:88:76:8b:5e:86:bf:18:8c:1a:
57:e8:35:79:f8:d4:25:4a:45:57:8f:2f:c3:3b:16:
67:14:0c:56:f8:2a:48:20:e9:48:3d:c0:b5:2e:76:
17:5d:05:2c:c4:93:bb:0d:5c:c8:b0:23:5b:a4:02:
84:15:e9:59:95:1d:5c:97:59:be:f9:c3:2d:96:94:
2b:b7:0a:07:e6:f1:7c:32:09:51:15:9f:bd:b1:a2:
b5:82:e3:12:ce:59:ab:01:9b:f0:1d:f0:4d:3b:ab:
92:e4:d3:7a:84:54:2d:11:bc:87:e4:db:68:f8:1a:
38:71:27:1d:66:f7:0f:5c:33:5f:42:22:e1:c3:b8:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:ED:84:1A:5D:9B:7F:FF:2E:1A:1E:E5:68:96:12:F8:F6:20:CE:1E
X509v3 Authority Key Identifier:
keyid:FC:AA:E5:14:C5:F9:94:03:91:43:56:14:D7:94:04:BE:E1:20:9B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KrlFMX5lAORQ1YU15QEvuEgmzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/562e1d-952a-4fea-9e4a-67a98e256cc7/1/_KrlFMX5lAORQ1YU15QEvuEgmzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:63:e7:b5:5c:be:f9:fb:10:05:38:96:23:68:48:25:65:ff:
a5:fe:be:5d:91:87:2d:05:b8:34:02:e3:e3:d2:22:3e:d3:3e:
97:5f:69:df:24:78:dd:40:c9:70:02:bb:80:df:4f:04:64:e2:
04:28:8b:bf:61:30:3e:09:d1:b1:bc:89:9a:9e:2d:91:05:75:
c9:9c:27:2e:74:c4:84:4c:03:77:ba:5e:50:bf:4d:39:ea:85:
3b:33:60:48:79:7f:e0:79:f9:2a:cd:f2:13:a0:38:04:11:92:
1d:6e:33:2d:d7:f7:32:75:5c:46:0b:c1:e9:36:b9:f0:2f:6a:
7a:f4:98:46:39:b9:cc:dc:fe:38:8a:bc:7d:b7:73:15:f7:a8:
f6:00:cf:f8:f5:63:3e:58:44:f7:b1:2c:02:06:d2:2d:a7:aa:
8b:06:2c:b0:e5:65:b1:fd:d2:56:b9:6b:d9:9f:44:db:5e:1c:
39:61:6d:b8:82:73:8f:ff:86:09:18:20:a4:74:ef:48:71:56:
18:91:cf:0a:c9:d7:9d:4b:00:0d:f4:84:3e:e4:59:2a:38:3b:
a8:53:77:79:37:e6:2c:10:eb:c7:0c:7a:41:4b:38:7f:10:41:
00:af:22:c5:c5:cb:cd:0b:e4:fd:7f:19:43:6d:b3:93:f8:6c:
1d:37:47:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzKvtPbM8S+PaAeYJZ7+VvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYWFlNTE0YzVmOTk0MDM5MTQzNTYxNGQ3OTQwNGJlZTEy
MDliM2IwHhcNMjYwMzA4MDAwMDI5WhcNMjYwMzA5MDAwMDI5WjAzMTEwLwYDVQQD
Eyg2MGVkODQxYTVkOWI3ZmZmMmUxYTFlZTU2ODk2MTJmOGY2MjBjZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSF5d0UXejEZg8TME7nMmk3btK5/
QM09FPJoM+PkNoWKQ65Eez06Ogp3UK+W1Dx2orNOCA9R3+4myTDrdHSNg8ylvPW0
7KXKEofQfF3Ozd5uXwda/ps0Zh+zTfxpdtXNLttinnSbxHktinkS6IrDHtBqoNwi
aeUMsENwqyCIdotehr8YjBpX6DV5+NQlSkVXjy/DOxZnFAxW+CpIIOlIPcC1LnYX
XQUsxJO7DVzIsCNbpAKEFelZlR1cl1m++cMtlpQrtwoH5vF8MglRFZ+9saK1guMS
zlmrAZvwHfBNO6uS5NN6hFQtEbyH5Nto+Bo4cScdZvcPXDNfQiLhw7jApwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDthBpdm3//Lhoe5WiWEvj2IM4eMB8GA1UdIwQY
MBaAFPyq5RTF+ZQDkUNWFNeUBL7hIJs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0tybEZNWDVsQU9SUTFZVTE1UUV2dUVnbXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy81NjJlMWQtOTUyYS00ZmVhLTllNGEt
NjdhOThlMjU2Y2M3LzEvX0tybEZNWDVsQU9SUTFZVTE1UUV2dUVnbXpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy81NjJlMWQtOTUyYS00ZmVhLTllNGEtNjdhOThlMjU2Y2M3
LzEvX0tybEZNWDVsQU9SUTFZVTE1UUV2dUVnbXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm2PntVy+
+fsQBTiWI2hIJWX/pf6+XZGHLQW4NALj49IiPtM+l19p3yR43UDJcAK7gN9PBGTi
BCiLv2EwPgnRsbyJmp4tkQV1yZwnLnTEhEwDd7peUL9NOeqFOzNgSHl/4Hn5Ks3y
E6A4BBGSHW4zLdf3MnVcRgvB6Ta58C9qevSYRjm5zNz+OIq8fbdzFfeo9gDP+PVj
PlhE97EsAgbSLaeqiwYssOVlsf3SVrlr2Z9E214cOWFtuIJzj/+GCRggpHTvSHFW
GJHPCsnXnUsADfSEPuRZKjg7qFN3eTfmLBDrxwx6QUs4fxBBAK8ixcXLzQvk/X8Z
Q22zk/hsHTdHmA==
-----END CERTIFICATE-----
Generated at Sun Mar 8 03:49:01 2026 by rpki-client