Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft
File: kBZCwNRvjU5MI0wzr771pIOcaiI.mft (raw, json)
Hash identifier: hllUbhJzRzhTu20ebQ4qg50oaryfMiWL3tTwEifHnfQ=
Subject key identifier: 70:A9:09:2B:C7:75:60:24:48:A5:BC:FF:3D:42:5F:F2:BE:AD:5F:7C
Authority key identifier: 90:16:42:C0:D4:6F:8D:4E:4C:23:4C:33:AF:BE:F5:A4:83:9C:6A:22
Certificate issuer: /CN=901642c0d46f8d4e4c234c33afbef5a4839c6a22
Certificate serial: 019D37C0B44D5A672E04F57C091FC230D53B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kBZCwNRvjU5MI0wzr771pIOcaiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft
Manifest number: CA
Signing time: Sun 29 Mar 2026 04:01:09 +0000
Manifest this update: Sun 29 Mar 2026 04:01:09 +0000
Manifest next update: Mon 30 Mar 2026 04:01:09 +0000
Files and hashes: 1: A9-wOdp_rVCM0ESzhr89kQtrxAk.roa (hash: EEXrwqrXm4OhbrVH1e+ftGoZf1df8IiOvwtrHVI9K44=)
2: kBZCwNRvjU5MI0wzr771pIOcaiI.crl (hash: 7Cj/QAEX4CEsVOJgt29EI0oegXDLEeM96ySt5iN3DQs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/kBZCwNRvjU5MI0wzr771pIOcaiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:b4:4d:5a:67:2e:04:f5:7c:09:1f:c2:30:d5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=901642c0d46f8d4e4c234c33afbef5a4839c6a22
Validity
Not Before: Mar 29 04:01:09 2026 GMT
Not After : Mar 30 04:01:09 2026 GMT
Subject: CN=70a9092bc775602448a5bcff3d425ff2bead5f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1d:32:0e:f3:99:99:00:71:a0:0b:dd:65:ab:
e7:c6:d3:34:fa:b7:90:10:f9:8f:65:6c:6a:98:d3:
8a:cf:93:08:9b:42:d9:36:6a:b4:10:84:16:5e:23:
50:13:d8:de:15:6b:e3:a2:57:55:9b:1c:89:00:71:
5c:49:5a:80:ae:41:97:97:00:1c:63:1a:2d:9a:97:
3c:61:18:93:2a:ca:b6:a8:76:1c:d9:33:1d:89:b9:
09:81:e9:7c:1c:b1:4a:c8:b4:64:a9:39:1e:ed:bc:
99:e5:59:e9:3f:89:e3:76:61:cf:b5:9b:66:63:14:
2e:44:6e:4e:1b:69:a6:57:b8:81:16:d5:fd:e1:13:
a3:47:37:eb:f8:cd:99:71:37:16:15:37:94:bb:e3:
57:dc:f9:7b:d9:d6:21:6b:79:71:83:80:ca:6a:36:
98:ed:28:6d:da:56:65:ac:83:f3:4a:7c:87:16:b5:
4a:78:ba:9e:8e:fd:a2:07:e8:03:aa:0f:b5:53:bf:
82:ae:d0:95:71:dd:ba:f7:2d:f3:6d:98:d9:25:ee:
e4:44:b2:f0:97:e9:19:9f:6e:a1:3c:ca:e0:7b:d1:
7e:4b:a1:13:f4:6d:6b:2c:50:03:3d:4d:a6:47:9a:
f9:99:88:63:77:5f:86:b2:22:1d:9f:8f:04:e0:4f:
c3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A9:09:2B:C7:75:60:24:48:A5:BC:FF:3D:42:5F:F2:BE:AD:5F:7C
X509v3 Authority Key Identifier:
keyid:90:16:42:C0:D4:6F:8D:4E:4C:23:4C:33:AF:BE:F5:A4:83:9C:6A:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kBZCwNRvjU5MI0wzr771pIOcaiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f16b51-5a22-4db4-b890-43125bf096b1/1/kBZCwNRvjU5MI0wzr771pIOcaiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:78:48:d1:4e:02:67:16:3f:25:1a:86:c5:29:5c:a2:ff:b9:
f6:ff:e8:d9:ca:cf:9f:f7:71:bb:f3:f8:29:e1:74:a1:a6:72:
fa:ce:8b:cd:d3:9b:e3:4c:a2:27:99:c8:65:b2:3c:5b:da:51:
73:35:ea:99:62:8e:5c:c2:42:29:c2:58:d8:e7:8c:9f:dd:0e:
c1:ee:19:19:cd:82:2c:94:5c:60:54:5c:ce:95:40:4a:a4:7b:
13:d5:ef:10:38:19:7c:72:e3:8b:ec:26:6d:fa:6b:e5:9a:40:
ef:4c:7d:33:87:7a:db:7d:08:38:ef:6b:5e:cd:72:b5:45:b1:
d1:9f:d9:69:ed:07:8c:3c:27:58:2f:4f:6f:a8:94:15:ae:16:
9c:25:f9:5a:f3:4b:27:88:a7:8b:d6:66:93:d5:0d:f5:b3:d3:
26:90:37:24:41:17:70:c7:95:e9:1a:30:6a:b8:ed:5e:49:10:
17:d6:fd:56:00:61:11:08:c0:c8:b6:d4:a7:d1:a1:fa:5a:17:
60:92:8d:70:7f:e2:cf:1e:9a:4d:ba:91:d3:c1:60:c2:af:50:
f4:6a:1f:f6:e0:6f:ae:bd:1a:3d:d7:49:37:65:43:38:d9:12:
ec:54:e7:a9:97:f4:1a:f1:b0:dc:98:3b:b1:1b:26:6b:5c:43:
3a:a5:df:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wLRNWmcuBPV8CR/CMNU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMTY0MmMwZDQ2ZjhkNGU0YzIzNGMzM2FmYmVmNWE0ODM5
YzZhMjIwHhcNMjYwMzI5MDQwMTA5WhcNMjYwMzMwMDQwMTA5WjAzMTEwLwYDVQQD
Eyg3MGE5MDkyYmM3NzU2MDI0NDhhNWJjZmYzZDQyNWZmMmJlYWQ1ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR0yDvOZmQBxoAvdZavnxtM0+reQ
EPmPZWxqmNOKz5MIm0LZNmq0EIQWXiNQE9jeFWvjoldVmxyJAHFcSVqArkGXlwAc
Yxotmpc8YRiTKsq2qHYc2TMdibkJgel8HLFKyLRkqTke7byZ5VnpP4njdmHPtZtm
YxQuRG5OG2mmV7iBFtX94ROjRzfr+M2ZcTcWFTeUu+NX3Pl72dYha3lxg4DKajaY
7Sht2lZlrIPzSnyHFrVKeLqejv2iB+gDqg+1U7+CrtCVcd269y3zbZjZJe7kRLLw
l+kZn26hPMrge9F+S6ET9G1rLFADPU2mR5r5mYhjd1+GsiIdn48E4E/D9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCpCSvHdWAkSKW8/z1CX/K+rV98MB8GA1UdIwQY
MBaAFJAWQsDUb41OTCNMM6++9aSDnGoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0JaQ3dOUnZqVTVNSTB3enI3NzFwSU9jYWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mMTZiNTEtNWEyMi00ZGI0LWI4OTAt
NDMxMjViZjA5NmIxLzEva0JaQ3dOUnZqVTVNSTB3enI3NzFwSU9jYWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mMTZiNTEtNWEyMi00ZGI0LWI4OTAtNDMxMjViZjA5NmIx
LzEva0JaQ3dOUnZqVTVNSTB3enI3NzFwSU9jYWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeXhI0U4C
ZxY/JRqGxSlcov+59v/o2crPn/dxu/P4KeF0oaZy+s6LzdOb40yiJ5nIZbI8W9pR
czXqmWKOXMJCKcJY2OeMn90Owe4ZGc2CLJRcYFRczpVASqR7E9XvEDgZfHLji+wm
bfpr5ZpA70x9M4d6230IOO9rXs1ytUWx0Z/Zae0HjDwnWC9Pb6iUFa4WnCX5WvNL
J4ini9Zmk9UN9bPTJpA3JEEXcMeV6RowarjtXkkQF9b9VgBhEQjAyLbUp9Gh+loX
YJKNcH/izx6aTbqR08Fgwq9Q9Gof9uBvrr0aPddJN2VDONkS7FTnqZf0GvGw3Jg7
sRsma1xDOqXftw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:38 2026 by rpki-client