Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
File: kR2gx6mUBcRrqthMudk-g0WZyOE.mft (raw, json)
Hash identifier: TPsorNvprQlGxk8YU62jbM+/Yy0/NOjYdKUH9ZSnlMs=
Subject key identifier: CE:B5:5E:78:37:B8:BF:6D:84:77:DF:98:96:CC:0E:ED:E7:0B:08:89
Authority key identifier: 91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1
Certificate issuer: /CN=911da0c7a99405c46baad84cb9d93e834599c8e1
Certificate serial: 019D390A659441CAFF9C615CE2650BED5A93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 10:01:15 +0000
Manifest this update: Sun 29 Mar 2026 10:01:15 +0000
Manifest next update: Mon 30 Mar 2026 10:01:15 +0000
Files and hashes: 1: 0kE9whcbqDZPFxCT664hh63BKUs.roa (hash: 5C4ga/+QHi4o11rdDpXGfOfWtVfwE8VOC9vvm4vn/b4=)
2: kR2gx6mUBcRrqthMudk-g0WZyOE.crl (hash: sdway3qZiBvDcugDXiFKGa83u83tNZux2FXPSqg5UmU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 10:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:65:94:41:ca:ff:9c:61:5c:e2:65:0b:ed:5a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=911da0c7a99405c46baad84cb9d93e834599c8e1
Validity
Not Before: Mar 29 10:01:15 2026 GMT
Not After : Mar 30 10:01:15 2026 GMT
Subject: CN=ceb55e7837b8bf6d8477df9896cc0eede70b0889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:94:a1:fc:70:02:92:fb:55:09:aa:93:ea:88:
28:d5:5b:cc:67:9b:3c:38:78:bf:2f:09:f7:2d:e1:
5f:e0:7c:66:6c:82:fa:6e:17:45:a5:19:e1:d6:bc:
dd:03:05:79:3e:00:68:21:59:7a:70:4e:fe:a9:73:
6d:b4:2b:ad:db:8a:02:b4:ba:1c:01:83:16:38:8b:
89:b5:ad:98:09:b0:9d:6b:06:1c:ff:17:8c:7a:22:
02:f1:fe:80:4a:49:b9:49:a0:a3:93:47:0c:f9:ec:
d2:bd:1f:01:a1:60:a5:5f:e1:e6:ca:c1:ba:1e:86:
2a:21:23:f2:39:04:cb:b8:db:4b:1b:5d:7f:f3:fb:
31:45:3b:79:77:1c:4d:5c:57:90:60:c3:9a:8e:b6:
ce:98:32:d9:92:f7:0e:75:3a:7b:6b:48:ae:68:14:
7f:8c:6b:57:53:b9:ac:d4:0e:6d:8a:21:9a:a7:aa:
7d:90:9f:78:be:38:d8:37:7d:58:3c:40:4d:3f:e2:
41:42:a7:9a:47:33:1a:d4:76:e1:5b:33:af:ae:45:
5c:2a:55:42:b7:2f:5c:a5:0f:5b:53:ea:2a:42:78:
e1:de:4b:f2:fb:f3:e3:c2:2a:5a:5d:67:b7:94:9b:
2a:f7:0f:f5:e6:97:4f:19:42:6d:dd:65:a3:76:08:
71:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B5:5E:78:37:B8:BF:6D:84:77:DF:98:96:CC:0E:ED:E7:0B:08:89
X509v3 Authority Key Identifier:
keyid:91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:36:4f:48:5b:5a:a3:41:1a:52:08:0b:d6:86:a5:3a:c1:c4:
f2:b0:5c:75:bc:4f:d9:55:3d:70:c5:ea:66:c4:f9:d0:a6:b3:
32:79:e4:14:83:ba:2b:56:4f:9f:49:79:32:1d:93:f5:fb:71:
fa:4b:4d:12:5e:ba:2e:39:3b:d8:7e:cd:91:56:41:8f:a0:af:
49:cb:2b:39:16:fe:d8:a2:10:3c:49:97:2d:48:89:f1:cf:1a:
d9:f6:e8:7f:fd:c1:de:02:5c:93:22:c2:71:94:91:d3:79:b1:
66:d0:70:30:7f:e5:63:5b:8c:69:68:98:32:27:b4:72:60:c5:
c6:d1:b4:92:1f:ab:56:7a:0e:b2:d6:65:e1:bc:56:ea:cb:b7:
9d:16:1d:34:6b:d4:4d:2e:78:ff:3e:ca:ee:a9:b6:26:3f:a5:
29:ca:d9:74:a4:3f:b2:5a:3e:4d:9a:0f:66:c0:a3:ea:b8:c0:
a4:51:18:79:e9:93:64:fe:87:46:fb:b5:41:e0:a9:9b:08:bf:
08:ce:51:7a:9e:3c:ba:3c:6a:25:1e:5f:34:a0:2c:58:bf:80:
73:dd:51:aa:d5:50:b1:ed:b1:62:71:09:e6:c2:8d:ef:35:19:
3d:ca:d9:81:ce:e7:83:77:50:81:32:5e:ac:53:f5:ae:6a:91:
45:0b:b0:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CmWUQcr/nGFc4mUL7VqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMWRhMGM3YTk5NDA1YzQ2YmFhZDg0Y2I5ZDkzZTgzNDU5
OWM4ZTEwHhcNMjYwMzI5MTAwMTE1WhcNMjYwMzMwMTAwMTE1WjAzMTEwLwYDVQQD
EyhjZWI1NWU3ODM3YjhiZjZkODQ3N2RmOTg5NmNjMGVlZGU3MGIwODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZSh/HACkvtVCaqT6ogo1VvMZ5s8
OHi/Lwn3LeFf4HxmbIL6bhdFpRnh1rzdAwV5PgBoIVl6cE7+qXNttCut24oCtLoc
AYMWOIuJta2YCbCdawYc/xeMeiIC8f6ASkm5SaCjk0cM+ezSvR8BoWClX+HmysG6
HoYqISPyOQTLuNtLG11/8/sxRTt5dxxNXFeQYMOajrbOmDLZkvcOdTp7a0iuaBR/
jGtXU7ms1A5tiiGap6p9kJ94vjjYN31YPEBNP+JBQqeaRzMa1HbhWzOvrkVcKlVC
ty9cpQ9bU+oqQnjh3kvy+/PjwipaXWe3lJsq9w/15pdPGUJt3WWjdghx3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM61Xng3uL9thHffmJbMDu3nCwiJMB8GA1UdIwQY
MBaAFJEdoMeplAXEa6rYTLnZPoNFmcjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQt
NDcyZjAyNDUwZWMzLzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQtNDcyZjAyNDUwZWMz
LzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATjZPSFta
o0EaUggL1oalOsHE8rBcdbxP2VU9cMXqZsT50KazMnnkFIO6K1ZPn0l5Mh2T9ftx
+ktNEl66Ljk72H7NkVZBj6CvScsrORb+2KIQPEmXLUiJ8c8a2fbof/3B3gJckyLC
cZSR03mxZtBwMH/lY1uMaWiYMie0cmDFxtG0kh+rVnoOstZl4bxW6su3nRYdNGvU
TS54/z7K7qm2Jj+lKcrZdKQ/slo+TZoPZsCj6rjApFEYeemTZP6HRvu1QeCpmwi/
CM5Rep48ujxqJR5fNKAsWL+Ac91RqtVQse2xYnEJ5sKN7zUZPcrZgc7ng3dQgTJe
rFP1rmqRRQuwAg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:04:44 2026 by rpki-client