Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.mft
File: KqOA4jDLM0NhtIYeL2lBJDh_hSk.mft (raw, json)
Hash identifier: qaV2CJe1o8XTIVGPdXu4xv90KWq4yBHbQSvxBPRrlzA=
Subject key identifier: 89:D4:A2:CB:48:62:71:A1:A6:7D:E2:EB:F9:5D:20:4A:90:99:6D:BE
Authority key identifier: 2A:A3:80:E2:30:CB:33:43:61:B4:86:1E:2F:69:41:24:38:7F:85:29
Certificate issuer: /CN=2aa380e230cb334361b4861e2f694124387f8529
Certificate serial: 019D38D2AE00FCECF7E3B96A302FA9998596
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqOA4jDLM0NhtIYeL2lBJDh_hSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.mft
Manifest number: 188D
Signing time: Sun 29 Mar 2026 09:00:24 +0000
Manifest this update: Sun 29 Mar 2026 09:00:24 +0000
Manifest next update: Mon 30 Mar 2026 09:00:24 +0000
Files and hashes: 1: Be1pwyGp5FXy6-3Vf2cbj3OaaLE.roa (hash: 720qMBSCWVcC0hnisEl9DaePON43Av8/XJC6cladPqM=)
2: KqOA4jDLM0NhtIYeL2lBJDh_hSk.crl (hash: jVsQO0/Yi5ftlAWJrBcfnQJs3gA0YiY8ZBUofeVyc5E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqOA4jDLM0NhtIYeL2lBJDh_hSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ae:00:fc:ec:f7:e3:b9:6a:30:2f:a9:99:85:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa380e230cb334361b4861e2f694124387f8529
Validity
Not Before: Mar 29 09:00:24 2026 GMT
Not After : Mar 30 09:00:24 2026 GMT
Subject: CN=89d4a2cb486271a1a67de2ebf95d204a90996dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f1:7d:73:aa:95:b7:c0:41:f7:41:e8:b1:fd:
9d:6c:7f:8c:b3:fc:52:08:a8:ea:25:d0:88:0b:8b:
98:ae:06:b1:f5:54:15:da:a1:fc:db:7c:f7:f6:9a:
bf:9a:ec:2d:77:5d:7c:19:bf:78:1c:dc:de:3d:93:
e3:3b:fe:74:7c:65:02:97:d0:39:cb:5e:fd:e3:fc:
ce:c8:0a:ab:54:96:a8:00:5e:37:17:55:f2:db:02:
5d:1f:07:ce:3a:5f:0b:e4:d3:c1:b5:9d:52:3e:51:
7d:99:83:1c:07:3b:cc:dd:91:1c:84:8a:97:93:35:
26:69:08:17:9d:d2:f3:4f:39:4f:e8:b9:3f:f6:c1:
1c:36:19:ec:18:e2:41:77:25:eb:9c:30:3f:b8:25:
18:26:96:22:0e:67:7b:cb:58:8b:02:4f:87:6e:09:
78:96:9b:4a:fe:5c:3d:df:d8:66:a2:cb:44:f8:9f:
e3:58:69:77:ea:6e:10:49:1a:e8:2b:76:47:be:8b:
02:25:e5:3d:d0:bb:61:97:a9:5d:d2:11:97:ed:77:
06:87:9e:31:0d:4f:07:58:26:ab:2a:e7:46:f2:18:
ce:c8:58:48:69:33:70:6b:43:92:46:cb:5a:a3:c6:
11:eb:87:b2:27:4a:56:3a:6a:5a:85:86:fe:40:ae:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D4:A2:CB:48:62:71:A1:A6:7D:E2:EB:F9:5D:20:4A:90:99:6D:BE
X509v3 Authority Key Identifier:
keyid:2A:A3:80:E2:30:CB:33:43:61:B4:86:1E:2F:69:41:24:38:7F:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqOA4jDLM0NhtIYeL2lBJDh_hSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:17:8e:4c:d7:ff:da:19:07:b6:f2:bb:85:f5:c4:f1:c8:45:
30:ec:68:75:43:fb:53:22:a6:f5:29:dc:ec:c9:32:4a:98:79:
d1:7f:49:81:1c:3b:06:1a:b8:60:ef:a1:93:c6:c6:dd:80:04:
7a:2a:ab:3a:cb:6c:ea:46:7a:a7:13:16:5c:78:90:2e:65:6e:
ba:1b:8c:a3:b8:5e:0f:c7:f1:77:97:04:c9:99:56:b9:2e:69:
67:d4:4c:ef:96:60:9d:c6:dd:22:d1:14:9d:3c:0e:bd:c2:1e:
a3:01:79:ae:79:7c:4c:0c:94:13:ff:2b:c2:63:18:0d:d4:cb:
d9:99:4f:bb:0a:90:99:63:a2:a2:7e:85:c9:75:01:26:37:05:
6e:3a:a4:9b:92:99:1c:bc:4f:45:05:fb:db:70:cf:eb:3f:d8:
aa:b0:d4:4f:c2:c8:95:eb:05:e7:82:7f:34:68:45:94:a2:b7:
dd:cf:96:22:e0:20:8c:a5:40:61:91:7c:20:99:26:ee:3e:79:
38:09:35:dd:65:25:e0:e9:2d:59:00:0c:58:17:49:29:c9:33:
67:ca:37:f9:d8:4a:2a:71:62:2c:88:b1:7a:7c:0c:b2:ff:b2:
8b:03:49:00:41:f5:79:0d:91:02:4b:6b:0b:9e:21:96:59:fd:
12:f5:f3:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040q4A/Oz347lqMC+pmYWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTM4MGUyMzBjYjMzNDM2MWI0ODYxZTJmNjk0MTI0Mzg3
Zjg1MjkwHhcNMjYwMzI5MDkwMDI0WhcNMjYwMzMwMDkwMDI0WjAzMTEwLwYDVQQD
Eyg4OWQ0YTJjYjQ4NjI3MWExYTY3ZGUyZWJmOTVkMjA0YTkwOTk2ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/F9c6qVt8BB90Hosf2dbH+Ms/xS
CKjqJdCIC4uYrgax9VQV2qH823z39pq/muwtd118Gb94HNzePZPjO/50fGUCl9A5
y1794/zOyAqrVJaoAF43F1Xy2wJdHwfOOl8L5NPBtZ1SPlF9mYMcBzvM3ZEchIqX
kzUmaQgXndLzTzlP6Lk/9sEcNhnsGOJBdyXrnDA/uCUYJpYiDmd7y1iLAk+Hbgl4
lptK/lw939hmostE+J/jWGl36m4QSRroK3ZHvosCJeU90Lthl6ld0hGX7XcGh54x
DU8HWCarKudG8hjOyFhIaTNwa0OSRstao8YR64eyJ0pWOmpahYb+QK6+0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInUostIYnGhpn3i6/ldIEqQmW2+MB8GA1UdIwQY
MBaAFCqjgOIwyzNDYbSGHi9pQSQ4f4UpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FPQTRqRExNME5odElZZUwybEJKRGhfaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMmM4MDMtNDNjOC00NGJiLTlkZDAt
NjUxMjI5ODMwMTcwLzEvS3FPQTRqRExNME5odElZZUwybEJKRGhfaFNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMmM4MDMtNDNjOC00NGJiLTlkZDAtNjUxMjI5ODMwMTcw
LzEvS3FPQTRqRExNME5odElZZUwybEJKRGhfaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXheOTNf/
2hkHtvK7hfXE8chFMOxodUP7UyKm9Snc7MkySph50X9JgRw7Bhq4YO+hk8bG3YAE
eiqrOsts6kZ6pxMWXHiQLmVuuhuMo7heD8fxd5cEyZlWuS5pZ9RM75ZgncbdItEU
nTwOvcIeowF5rnl8TAyUE/8rwmMYDdTL2ZlPuwqQmWOion6FyXUBJjcFbjqkm5KZ
HLxPRQX723DP6z/YqrDUT8LIlesF54J/NGhFlKK33c+WIuAgjKVAYZF8IJkm7j55
OAk13WUl4OktWQAMWBdJKckzZ8o3+dhKKnFiLIixenwMsv+yiwNJAEH1eQ2RAktr
C54hlln9EvXzkA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:44 2026 by rpki-client