Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
File: KqJOWBL8wxBrnrCusA5ie6I10FY.mft (raw, json)
Hash identifier: LKV4stBNA2cGw5O8H6wqxX9vV+f1cAaIz6Bn7ICD2lM=
Subject key identifier: 84:23:E2:E9:9D:4F:BE:0E:70:31:9B:3D:10:45:E0:94:49:23:66:E9
Authority key identifier: 2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
Certificate issuer: /CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Certificate serial: 019D37F76A92C86AAFAF780CC8D60103EB2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
Manifest number: 0B23
Signing time: Sun 29 Mar 2026 05:00:54 +0000
Manifest this update: Sun 29 Mar 2026 05:00:54 +0000
Manifest next update: Mon 30 Mar 2026 05:00:54 +0000
Files and hashes: 1: KqJOWBL8wxBrnrCusA5ie6I10FY.crl (hash: eu13EccvZU7JWz1XuTtVTHUQMYZ/6519lWNERmtCSC8=)
2: yXEtTJb7Q9QNq9QwBOpKF1Og1mg.roa (hash: DbsY9yqJmKOSdLO9tL/m8Sp1oKJbQqdJXvqChVz5qJw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:6a:92:c8:6a:af:af:78:0c:c8:d6:01:03:eb:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Validity
Not Before: Mar 29 05:00:54 2026 GMT
Not After : Mar 30 05:00:54 2026 GMT
Subject: CN=8423e2e99d4fbe0e70319b3d1045e094492366e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:34:1e:65:fe:b2:31:12:55:d0:9e:9a:f6:
db:7c:d0:72:68:9f:03:e6:9d:6a:f3:85:1e:fb:6c:
a9:21:8e:60:5d:25:69:0c:2c:19:a2:a2:d6:5f:04:
5b:9e:9f:c1:b6:47:bb:86:26:bb:54:1d:18:fd:56:
a6:1c:b6:33:f5:bb:03:a2:89:1b:2a:b6:1a:e0:6c:
a0:31:8d:b3:de:53:e8:23:cf:0d:76:79:b9:94:6a:
82:d9:ef:db:a2:e6:bf:16:8e:89:fa:fb:91:f1:be:
b1:fb:51:2c:b5:64:cf:82:a8:80:a4:2f:05:86:2c:
05:80:a9:f1:3c:45:69:82:09:90:94:5d:ba:3a:dd:
7b:a1:0d:5e:4e:4f:89:a1:dd:8e:f7:87:5b:ea:c1:
5c:2c:32:c4:8b:d0:f3:c9:5e:e3:39:18:57:b0:c6:
fb:27:4f:29:ba:87:5b:74:29:4b:b6:42:30:26:d4:
98:66:4f:23:55:ca:97:99:98:72:34:33:d3:4c:ae:
06:e0:97:29:20:2f:79:6e:b7:84:a0:5a:4b:4d:81:
05:dc:08:f8:d2:ec:92:d9:c1:57:11:c7:c7:8a:72:
a0:66:37:9a:1e:82:9d:09:ad:26:83:98:7a:8c:1e:
7d:f6:b8:88:ad:ce:7a:81:1b:a8:90:9f:78:39:ca:
cc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:23:E2:E9:9D:4F:BE:0E:70:31:9B:3D:10:45:E0:94:49:23:66:E9
X509v3 Authority Key Identifier:
keyid:2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:5e:cb:27:5c:69:ab:3b:df:80:5d:a0:da:87:66:02:4f:17:
34:30:78:d4:b0:8b:cd:7a:97:14:42:cb:bd:a8:b3:9f:a9:a4:
33:0d:4f:05:32:0e:22:c2:64:ee:c6:51:60:b4:60:89:b7:9c:
85:ea:e9:21:58:95:fa:3c:30:a9:4f:99:ba:79:73:0c:57:46:
1a:6a:f9:01:2a:e4:af:ab:af:a4:bf:2f:8c:40:14:c9:d9:63:
0f:c6:1c:2c:ad:ba:3a:4b:69:ff:14:bd:96:77:30:d3:f9:b4:
c5:89:2d:c2:78:b0:b0:e3:24:9d:12:20:a0:67:9d:0a:49:c9:
fb:e4:0b:1b:44:ef:5b:0a:49:04:01:db:ff:c7:a2:11:7d:b9:
34:28:59:e6:26:fa:be:f9:a0:6a:81:6a:1e:58:30:51:17:56:
66:7e:5d:5f:f2:42:f8:ec:54:8f:2f:68:63:74:08:3d:08:34:
80:72:6f:aa:bc:c8:b1:ca:c0:11:0b:5e:22:56:0a:c4:f6:af:
33:9e:2a:b2:f7:7b:a1:b9:d5:d7:7e:94:f8:0d:1d:23:f1:a2:
42:59:2f:13:5f:11:c1:1a:7b:86:8c:26:10:bd:21:2c:5a:2c:
29:7b:b8:7c:ea:73:be:08:8b:e8:7a:5c:17:14:4f:f7:3c:e5:
e8:43:62:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0392qSyGqvr3gMyNYBA+suMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTI0ZTU4MTJmY2MzMTA2YjllYjBhZWIwMGU2MjdiYTIz
NWQwNTYwHhcNMjYwMzI5MDUwMDU0WhcNMjYwMzMwMDUwMDU0WjAzMTEwLwYDVQQD
Eyg4NDIzZTJlOTlkNGZiZTBlNzAzMTliM2QxMDQ1ZTA5NDQ5MjM2NmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8k0HmX+sjESVdCemvbbfNByaJ8D
5p1q84Ue+2ypIY5gXSVpDCwZoqLWXwRbnp/Btke7hia7VB0Y/VamHLYz9bsDookb
KrYa4GygMY2z3lPoI88Ndnm5lGqC2e/boua/Fo6J+vuR8b6x+1EstWTPgqiApC8F
hiwFgKnxPEVpggmQlF26Ot17oQ1eTk+Jod2O94db6sFcLDLEi9DzyV7jORhXsMb7
J08puodbdClLtkIwJtSYZk8jVcqXmZhyNDPTTK4G4JcpIC95breEoFpLTYEF3Aj4
0uyS2cFXEcfHinKgZjeaHoKdCa0mg5h6jB599riIrc56gRuokJ94OcrMWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQj4umdT74OcDGbPRBF4JRJI2bpMB8GA1UdIwQY
MBaAFCqiTlgS/MMQa56wrrAOYnuiNdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgt
NjY4NThiYzhlYjc3LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgtNjY4NThiYzhlYjc3
LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApF7LJ1xp
qzvfgF2g2odmAk8XNDB41LCLzXqXFELLvaizn6mkMw1PBTIOIsJk7sZRYLRgibec
herpIViV+jwwqU+ZunlzDFdGGmr5ASrkr6uvpL8vjEAUydljD8YcLK26Oktp/xS9
lncw0/m0xYktwniwsOMknRIgoGedCknJ++QLG0TvWwpJBAHb/8eiEX25NChZ5ib6
vvmgaoFqHlgwURdWZn5dX/JC+OxUjy9oY3QIPQg0gHJvqrzIscrAEQteIlYKxPav
M54qsvd7obnV136U+A0dI/GiQlkvE18RwRp7howmEL0hLFosKXu4fOpzvgiL6Hpc
FxRP9zzl6ENimQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:12 2026 by rpki-client