Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
File: k7Hqu-XuDASWgOKryVU0OexkPAs.mft (raw, json)
Hash identifier: WzP20Cp82bQ0vIIhgBQUdv/pRhGZ1v6d+kk5AYW6rQ4=
Subject key identifier: FE:50:5B:2B:3E:A1:42:96:B3:F0:20:D6:01:56:E1:1E:22:96:5D:9D
Authority key identifier: 93:B1:EA:BB:E5:EE:0C:04:96:80:E2:AB:C9:55:34:39:EC:64:3C:0B
Certificate issuer: /CN=93b1eabbe5ee0c049680e2abc9553439ec643c0b
Certificate serial: 019D39AE6B8A05CCA55C6D8DACDD83744238
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7Hqu-XuDASWgOKryVU0OexkPAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
Manifest number: 1243
Signing time: Sun 29 Mar 2026 13:00:25 +0000
Manifest this update: Sun 29 Mar 2026 13:00:25 +0000
Manifest next update: Mon 30 Mar 2026 13:00:25 +0000
Files and hashes: 1: bk8tPJ9EOMV75C2mivaFUdSxCIg.roa (hash: nYMoXp5QMpQVkLvKRSTUqVzpxbW4FhsK/wY7jqg9tKs=)
2: k7Hqu-XuDASWgOKryVU0OexkPAs.crl (hash: 19HIVU7sPZHwgLKUGAtELvWyFEnCmnVpSgMRQpMh4ZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7Hqu-XuDASWgOKryVU0OexkPAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:6b:8a:05:cc:a5:5c:6d:8d:ac:dd:83:74:42:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b1eabbe5ee0c049680e2abc9553439ec643c0b
Validity
Not Before: Mar 29 13:00:25 2026 GMT
Not After : Mar 30 13:00:25 2026 GMT
Subject: CN=fe505b2b3ea14296b3f020d60156e11e22965d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f8:a3:58:3f:28:ff:17:2e:3c:80:56:fd:cc:
73:da:7c:64:1d:d6:ea:47:d3:16:3d:01:85:66:18:
84:fc:04:b2:53:67:62:17:96:55:03:ef:98:5e:d3:
d2:94:52:47:16:89:b6:d0:2c:5b:8b:ce:05:bc:30:
19:8b:ca:7d:6e:8b:4d:f6:30:97:64:02:b8:46:79:
a6:8c:30:ac:89:a1:10:e7:aa:58:1a:a0:d3:6f:07:
b3:7a:d9:3b:b1:55:79:dd:40:af:5a:3f:93:00:3c:
cb:92:2a:f2:4e:ae:a4:0e:52:37:27:81:9b:cc:c9:
5e:cb:8d:10:97:17:dd:93:46:0a:88:3a:e1:0e:f4:
3d:8f:42:c7:5f:b0:bf:ce:a7:c0:cc:45:60:bb:68:
90:20:f8:6f:25:0a:c2:87:fe:6d:5c:9a:c3:c4:a3:
11:9d:f6:e0:4f:64:24:d0:a0:05:c2:5e:23:d2:c4:
ad:eb:62:4e:3e:96:62:bf:b1:27:b6:bc:28:03:ac:
b8:ad:98:fa:91:75:ec:21:84:8e:bd:d4:4d:45:f0:
7a:ee:c0:0a:e6:fd:7d:4e:36:36:d8:3b:cf:15:a2:
1b:8d:57:a8:e3:c5:5d:7d:4f:b6:21:82:3a:16:2d:
5e:86:d9:e3:33:aa:94:58:59:ab:84:9a:96:6e:28:
22:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:50:5B:2B:3E:A1:42:96:B3:F0:20:D6:01:56:E1:1E:22:96:5D:9D
X509v3 Authority Key Identifier:
keyid:93:B1:EA:BB:E5:EE:0C:04:96:80:E2:AB:C9:55:34:39:EC:64:3C:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7Hqu-XuDASWgOKryVU0OexkPAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1b512b-2159-4f9c-a0bf-9d28bf5ef3c1/1/k7Hqu-XuDASWgOKryVU0OexkPAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:9e:76:fe:10:96:1a:88:8d:6f:a8:0b:1d:c3:ac:df:36:bb:
c5:24:17:9b:5a:7a:72:e8:8e:ec:82:13:10:0a:e8:d7:2c:7e:
ad:71:8f:db:18:05:b4:57:fc:be:05:34:b1:6b:6d:5b:d5:58:
9e:3c:5c:39:b7:1f:ab:00:b2:99:3f:7c:11:d4:77:92:86:71:
69:42:28:d9:b4:0a:e8:de:09:e3:5a:49:ed:a2:b3:3f:f5:f9:
74:d3:6d:84:14:e6:f5:16:bc:4d:0f:1d:94:b6:5f:b6:80:6a:
6e:42:71:f0:bd:db:7d:54:1f:11:2e:22:fd:e9:20:46:49:35:
65:72:d4:ba:1b:a3:6e:fe:72:78:d3:f9:f3:5a:ad:e0:30:ea:
90:26:6a:c0:47:4f:a5:3d:63:78:c9:9d:5d:9b:6e:16:24:76:
7a:03:4d:97:43:f4:2e:b3:0a:d4:8e:9a:e5:49:f5:18:0d:c9:
49:20:68:ea:45:38:66:fa:2c:3e:73:e2:4b:81:05:1a:57:3d:
48:65:25:77:fe:8e:31:6f:d1:20:75:62:a8:34:ae:fa:d2:fc:
91:3d:d3:90:6a:cd:2a:59:3e:75:3d:5d:2e:51:26:dd:79:47:
a2:44:b9:22:7d:b8:c9:7c:f2:9e:4d:5e:8e:dc:01:2f:a9:f5:
2f:a4:39:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rmuKBcylXG2NrN2DdEI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjFlYWJiZTVlZTBjMDQ5NjgwZTJhYmM5NTUzNDM5ZWM2
NDNjMGIwHhcNMjYwMzI5MTMwMDI1WhcNMjYwMzMwMTMwMDI1WjAzMTEwLwYDVQQD
EyhmZTUwNWIyYjNlYTE0Mjk2YjNmMDIwZDYwMTU2ZTExZTIyOTY1ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/ijWD8o/xcuPIBW/cxz2nxkHdbq
R9MWPQGFZhiE/ASyU2diF5ZVA++YXtPSlFJHFom20Cxbi84FvDAZi8p9botN9jCX
ZAK4RnmmjDCsiaEQ56pYGqDTbwezetk7sVV53UCvWj+TADzLkiryTq6kDlI3J4Gb
zMley40Qlxfdk0YKiDrhDvQ9j0LHX7C/zqfAzEVgu2iQIPhvJQrCh/5tXJrDxKMR
nfbgT2Qk0KAFwl4j0sSt62JOPpZiv7EntrwoA6y4rZj6kXXsIYSOvdRNRfB67sAK
5v19TjY22DvPFaIbjVeo48VdfU+2IYI6Fi1ehtnjM6qUWFmrhJqWbigiIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5QWys+oUKWs/Ag1gFW4R4ill2dMB8GA1UdIwQY
MBaAFJOx6rvl7gwEloDiq8lVNDnsZDwLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdIcXUtWHVEQVNXZ09LcnlWVTBPZXhrUEFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xYjUxMmItMjE1OS00ZjljLWEwYmYt
OWQyOGJmNWVmM2MxLzEvazdIcXUtWHVEQVNXZ09LcnlWVTBPZXhrUEFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xYjUxMmItMjE1OS00ZjljLWEwYmYtOWQyOGJmNWVmM2Mx
LzEvazdIcXUtWHVEQVNXZ09LcnlWVTBPZXhrUEFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJ52/hCW
GoiNb6gLHcOs3za7xSQXm1p6cuiO7IITEAro1yx+rXGP2xgFtFf8vgU0sWttW9VY
njxcObcfqwCymT98EdR3koZxaUIo2bQK6N4J41pJ7aKzP/X5dNNthBTm9Ra8TQ8d
lLZftoBqbkJx8L3bfVQfES4i/ekgRkk1ZXLUuhujbv5yeNP581qt4DDqkCZqwEdP
pT1jeMmdXZtuFiR2egNNl0P0LrMK1I6a5Un1GA3JSSBo6kU4ZvosPnPiS4EFGlc9
SGUld/6OMW/RIHViqDSu+tL8kT3TkGrNKlk+dT1dLlEm3XlHokS5In24yXzynk1e
jtwBL6n1L6Q59g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:23:56 2026 by rpki-client