Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
File: klA6rxJq980DHKw84eOYwXS4LgI.mft (raw, json)
Hash identifier: A6pQb92Ht+qvs7fWUMXQovJOMrYUvnUEYlpoMM3VC4w=
Subject key identifier: 1A:E1:BA:78:5D:05:E5:A8:71:82:DC:E3:14:67:62:20:34:A5:FD:AD
Authority key identifier: 92:50:3A:AF:12:6A:F7:CD:03:1C:AC:3C:E1:E3:98:C1:74:B8:2E:02
Certificate issuer: /CN=92503aaf126af7cd031cac3ce1e398c174b82e02
Certificate serial: 019D39E575667F97BDE85823B33DA8DFAB76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
Manifest number: 0FF4
Signing time: Sun 29 Mar 2026 14:00:32 +0000
Manifest this update: Sun 29 Mar 2026 14:00:32 +0000
Manifest next update: Mon 30 Mar 2026 14:00:32 +0000
Files and hashes: 1: ZEMqj3tb1ybXDKr5XlxXEL_WdLM.roa (hash: rTSw7EgVmlH/cwLSzDAynJz/mTmMnyEjwe5X2k2ZIyU=)
2: klA6rxJq980DHKw84eOYwXS4LgI.crl (hash: FuujIPq+FCipSOIZ+O3bWmJTAVJ5LGWgoEuOmdWryhs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:e5:75:66:7f:97:bd:e8:58:23:b3:3d:a8:df:ab:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92503aaf126af7cd031cac3ce1e398c174b82e02
Validity
Not Before: Mar 29 14:00:32 2026 GMT
Not After : Mar 30 14:00:32 2026 GMT
Subject: CN=1ae1ba785d05e5a87182dce31467622034a5fdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bd:a8:5a:a7:00:2b:54:6b:65:a4:77:bc:f2:
d1:c6:49:89:66:cc:e2:d7:0e:2c:67:f9:e0:3c:55:
67:9e:b6:9e:6e:a4:9a:8b:e3:1c:37:ca:74:31:70:
5e:54:6d:84:d1:f9:13:9a:34:c7:38:ea:a6:ff:9d:
bd:ed:97:eb:54:12:5d:92:a4:c2:8e:4c:90:c7:d5:
3d:c2:5e:32:df:fe:d7:dd:23:15:39:28:b5:d9:00:
9a:9c:0b:e9:e2:52:63:78:4b:62:37:e2:2b:b7:79:
df:54:c8:a6:44:17:c6:fa:df:67:3f:26:64:6d:07:
3b:1f:f3:de:15:c8:0f:e2:8d:a4:77:60:07:ff:7c:
ab:1a:bb:78:ff:04:a9:20:3c:18:fe:59:35:bd:10:
25:40:af:d4:5c:fe:99:de:f7:ab:bf:ab:91:b0:cb:
ac:2b:5f:13:e8:ba:9e:55:95:77:d3:38:f7:c4:81:
b0:a8:00:d1:54:76:a0:f7:10:e9:b4:21:34:f8:b4:
73:41:66:92:4b:c4:9e:67:31:0e:3b:56:8a:1d:8e:
d8:9a:cb:a2:48:82:f0:e2:88:fe:ae:4e:bc:b5:58:
ab:1a:15:fb:9b:59:1d:bf:d2:bb:d0:c1:cb:1b:fa:
0c:73:4a:9b:27:2c:3f:3d:f6:b0:92:d8:a5:f6:c2:
e3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E1:BA:78:5D:05:E5:A8:71:82:DC:E3:14:67:62:20:34:A5:FD:AD
X509v3 Authority Key Identifier:
keyid:92:50:3A:AF:12:6A:F7:CD:03:1C:AC:3C:E1:E3:98:C1:74:B8:2E:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klA6rxJq980DHKw84eOYwXS4LgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/79bdb0-bd5c-4800-9768-afd1268fdbfd/1/klA6rxJq980DHKw84eOYwXS4LgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:16:34:d7:72:e6:2e:36:54:45:02:41:35:a7:55:78:31:c0:
74:00:be:20:cf:17:63:40:36:b2:c1:12:94:18:d4:21:3d:46:
87:fd:a4:1f:55:ae:11:f5:b2:24:dd:da:a0:80:7b:ea:ca:f1:
a4:52:f4:b6:1a:05:a2:5a:31:1b:86:59:ac:82:7b:2a:36:f3:
a7:b9:36:ea:ad:3d:15:54:22:cb:f5:e2:dd:01:33:a0:0c:a1:
64:cc:f0:05:b1:3e:1b:3f:84:8a:07:ec:57:6e:5f:dc:f1:0b:
fa:f5:59:58:ec:9a:e6:38:73:bd:7f:fd:3d:83:48:b5:eb:56:
ad:52:b6:38:0e:79:85:60:cf:10:9b:0c:13:76:ca:32:d1:53:
0a:16:49:93:e4:ed:b3:77:52:ea:2a:d1:4d:c5:54:02:ed:02:
a0:ed:0d:0d:13:e0:d6:bc:ce:88:7f:f2:bf:c8:aa:b5:ab:e1:
d7:aa:d8:6d:e2:91:8c:21:d0:6f:a2:91:90:38:49:96:77:88:
ab:27:0e:71:f1:56:1f:64:2e:cf:6e:ab:0f:79:25:c9:d4:c2:
15:66:5c:81:22:78:9e:9b:39:32:44:5c:8e:15:a0:89:da:13:
15:1f:61:68:d8:f3:60:51:d4:c3:17:9a:f9:cb:12:ba:26:65:
b2:e6:dc:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055XVmf5e96Fgjsz2o36t2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTAzYWFmMTI2YWY3Y2QwMzFjYWMzY2UxZTM5OGMxNzRi
ODJlMDIwHhcNMjYwMzI5MTQwMDMyWhcNMjYwMzMwMTQwMDMyWjAzMTEwLwYDVQQD
EygxYWUxYmE3ODVkMDVlNWE4NzE4MmRjZTMxNDY3NjIyMDM0YTVmZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzL2oWqcAK1RrZaR3vPLRxkmJZszi
1w4sZ/ngPFVnnraebqSai+McN8p0MXBeVG2E0fkTmjTHOOqm/5297ZfrVBJdkqTC
jkyQx9U9wl4y3/7X3SMVOSi12QCanAvp4lJjeEtiN+Irt3nfVMimRBfG+t9nPyZk
bQc7H/PeFcgP4o2kd2AH/3yrGrt4/wSpIDwY/lk1vRAlQK/UXP6Z3verv6uRsMus
K18T6LqeVZV30zj3xIGwqADRVHag9xDptCE0+LRzQWaSS8SeZzEOO1aKHY7Ymsui
SILw4oj+rk68tVirGhX7m1kdv9K70MHLG/oMc0qbJyw/Pfawktil9sLjJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrhunhdBeWocYLc4xRnYiA0pf2tMB8GA1UdIwQY
MBaAFJJQOq8SavfNAxysPOHjmMF0uC4CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OWJkYjAtYmQ1Yy00ODAwLTk3Njgt
YWZkMTI2OGZkYmZkLzEva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OWJkYjAtYmQ1Yy00ODAwLTk3NjgtYWZkMTI2OGZkYmZk
LzEva2xBNnJ4SnE5ODBESEt3ODRlT1l3WFM0TGdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJBY013Lm
LjZURQJBNadVeDHAdAC+IM8XY0A2ssESlBjUIT1Gh/2kH1WuEfWyJN3aoIB76srx
pFL0thoFoloxG4ZZrIJ7Kjbzp7k26q09FVQiy/Xi3QEzoAyhZMzwBbE+Gz+Eigfs
V25f3PEL+vVZWOya5jhzvX/9PYNItetWrVK2OA55hWDPEJsME3bKMtFTChZJk+Tt
s3dS6irRTcVUAu0CoO0NDRPg1rzOiH/yv8iqtavh16rYbeKRjCHQb6KRkDhJlneI
qycOcfFWH2Quz26rD3klydTCFWZcgSJ4nps5MkRcjhWgidoTFR9haNjzYFHUwxea
+csSuiZlsubcig==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:35:48 2026 by rpki-client