Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: wOKSRe8t352QRMluo/czZodFZgjB0iqb8g2R/gHMK1o=
Subject key identifier: FF:34:6A:97:5C:27:FF:7B:02:C1:D0:38:2E:3B:F0:FC:E2:D6:AA:4C
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 019D3865C8688F960FF3392A4F8DB8114CCD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 07:01:27 +0000
Manifest this update: Sun 29 Mar 2026 07:01:27 +0000
Manifest next update: Mon 30 Mar 2026 07:01:27 +0000
Files and hashes: 1: EZMelYnsyxsc7u1d-UmuOELSVGA.roa (hash: fiCJAdZiRwTzbxllvOptWzW5kDS3kt1J0JiXeIKn0tM=)
2: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: WhjqVEVXQrfd5MnJZM94gpnySXDrbftoxiGYA+QAoe0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:c8:68:8f:96:0f:f3:39:2a:4f:8d:b8:11:4c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Mar 29 07:01:27 2026 GMT
Not After : Mar 30 07:01:27 2026 GMT
Subject: CN=ff346a975c27ff7b02c1d0382e3bf0fce2d6aa4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:53:cf:82:70:d2:56:a0:a9:a2:1e:2a:68:b6:
d8:47:e0:01:43:91:96:5d:ac:19:72:3f:cd:4c:56:
56:a3:97:a8:79:1c:26:bb:e9:a9:d0:f8:e1:8e:23:
ea:e6:13:2a:95:4c:92:d3:4f:be:dc:cc:2c:ae:cd:
20:33:c6:a5:c3:1f:72:b0:51:d0:bc:f9:21:03:70:
a5:ff:12:32:25:fd:70:f1:bb:d6:ee:7e:71:89:84:
de:2e:1d:98:73:ad:b8:cc:1d:93:4b:9f:93:fd:cf:
33:8f:c2:d8:65:72:65:c9:c9:6e:b3:ab:62:0b:7a:
8e:c3:43:28:74:31:4e:6b:ad:33:77:f9:2c:20:a5:
66:a1:2b:59:1c:89:50:94:6e:c6:2c:ec:be:b5:1e:
fa:6a:9c:cf:15:ab:1f:35:ac:b3:ba:a7:30:8c:bc:
0e:bf:b0:ae:b4:ff:12:d6:3b:52:63:cf:40:e8:83:
83:7c:ca:76:33:bc:8d:54:56:7f:0c:1b:ba:fa:44:
f6:94:87:88:11:6b:8a:74:39:62:52:ab:15:a9:14:
4a:36:51:04:3a:03:c1:e8:ed:8b:10:7d:81:95:08:
3d:94:ed:59:f5:ec:b7:08:ce:d1:31:1d:21:06:b2:
54:df:f0:71:e3:ee:52:6a:96:0c:72:df:eb:60:b4:
c6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:34:6A:97:5C:27:FF:7B:02:C1:D0:38:2E:3B:F0:FC:E2:D6:AA:4C
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:01:a3:92:9d:46:a8:4f:db:e2:1c:8d:47:05:ef:e3:4a:4a:
1d:19:7e:c3:5f:cc:bd:45:4b:ee:e4:68:8e:e2:86:98:53:f4:
95:72:a1:58:33:c3:9c:f5:04:71:08:fe:05:02:4a:e5:bc:0f:
f7:c5:25:06:4d:c3:77:6b:91:e7:57:19:2d:3b:76:82:c8:3e:
b9:23:92:05:d6:dc:cc:48:9b:b1:01:27:11:9b:7d:78:76:1b:
7e:e4:08:4b:0b:bd:94:d5:1b:fb:50:aa:b1:bf:cc:2c:25:d2:
78:1b:fc:f5:a0:2c:b4:15:6a:e7:d2:db:ea:df:9c:b3:e6:e4:
a6:45:af:61:c4:31:14:1c:a2:cc:7e:14:b9:83:c3:a4:70:68:
e6:4c:5f:41:98:39:5b:9e:40:72:09:b4:44:6d:ed:fb:41:1c:
08:7d:69:3b:19:33:25:95:15:80:cf:bf:60:f0:e3:c4:49:96:
8a:4d:93:ee:5e:96:3b:4c:f7:fa:8d:38:a5:1c:f2:21:9b:08:
9a:c4:f2:ba:15:e9:51:42:54:4c:95:73:be:e8:14:58:12:1e:
e9:b8:e4:01:22:b4:24:c8:5e:35:13:6f:35:80:27:b3:d7:4d:
53:df:e1:dd:3a:cc:c5:b3:72:90:f9:0d:fb:e5:58:5c:38:97:
c6:c3:8f:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zchoj5YP8zkqT424EUzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjYwMzI5MDcwMTI3WhcNMjYwMzMwMDcwMTI3WjAzMTEwLwYDVQQD
EyhmZjM0NmE5NzVjMjdmZjdiMDJjMWQwMzgyZTNiZjBmY2UyZDZhYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFPPgnDSVqCpoh4qaLbYR+ABQ5GW
XawZcj/NTFZWo5eoeRwmu+mp0PjhjiPq5hMqlUyS00++3Mwsrs0gM8alwx9ysFHQ
vPkhA3Cl/xIyJf1w8bvW7n5xiYTeLh2Yc624zB2TS5+T/c8zj8LYZXJlyclus6ti
C3qOw0ModDFOa60zd/ksIKVmoStZHIlQlG7GLOy+tR76apzPFasfNayzuqcwjLwO
v7CutP8S1jtSY89A6IODfMp2M7yNVFZ/DBu6+kT2lIeIEWuKdDliUqsVqRRKNlEE
OgPB6O2LEH2BlQg9lO1Z9ey3CM7RMR0hBrJU3/Bx4+5SapYMct/rYLTGrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP80apdcJ/97AsHQOC478Pzi1qpMMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAGjkp1G
qE/b4hyNRwXv40pKHRl+w1/MvUVL7uRojuKGmFP0lXKhWDPDnPUEcQj+BQJK5bwP
98UlBk3Dd2uR51cZLTt2gsg+uSOSBdbczEibsQEnEZt9eHYbfuQISwu9lNUb+1Cq
sb/MLCXSeBv89aAstBVq59Lb6t+cs+bkpkWvYcQxFByizH4UuYPDpHBo5kxfQZg5
W55Acgm0RG3t+0EcCH1pOxkzJZUVgM+/YPDjxEmWik2T7l6WO0z3+o04pRzyIZsI
msTyuhXpUUJUTJVzvugUWBIe6bjkASK0JMheNRNvNYAns9dNU9/h3TrMxbNykPkN
++VYXDiXxsOPrw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:01:03 2026 by rpki-client