Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/a7e9b9-6bac-4538-a9e6-fa8806a024c4/1/mkM22h63IW4g7ASn8DHrShtjG7M.mft
File: mkM22h63IW4g7ASn8DHrShtjG7M.mft (raw, json)
Hash identifier: NNiNsYDrhKhwiTs1cqKjexj+D/se1sml04s8zUj49Ds=
Subject key identifier: DC:24:43:81:FF:8F:21:40:97:82:63:D0:16:43:15:23:68:49:4F:1E
Authority key identifier: 9A:43:36:DA:1E:B7:21:6E:20:EC:04:A7:F0:31:EB:4A:1B:63:1B:B3
Certificate issuer: /CN=9a4336da1eb7216e20ec04a7f031eb4a1b631bb3
Certificate serial: 019D39AF4550A6AE95D7A5CDA37DDA43A301
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mkM22h63IW4g7ASn8DHrShtjG7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/a7e9b9-6bac-4538-a9e6-fa8806a024c4/1/mkM22h63IW4g7ASn8DHrShtjG7M.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 13:01:20 +0000
Manifest this update: Sun 29 Mar 2026 13:01:20 +0000
Manifest next update: Mon 30 Mar 2026 13:01:20 +0000
Files and hashes: 1: KGRZtAAx-sknvQQcwhztrA8NJos.roa (hash: uYCNY8bnQOpiSbQHGpcKZAraJm0QfOSnQkHdbbBpb7U=)
2: mkM22h63IW4g7ASn8DHrShtjG7M.crl (hash: zXHtwvnagMVFQ5KfseIyK/SDTuF9iHrvdxYxiZJix2w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/a7e9b9-6bac-4538-a9e6-fa8806a024c4/1/mkM22h63IW4g7ASn8DHrShtjG7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/a7e9b9-6bac-4538-a9e6-fa8806a024c4/1/mkM22h63IW4g7ASn8DHrShtjG7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/mkM22h63IW4g7ASn8DHrShtjG7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:45:50:a6:ae:95:d7:a5:cd:a3:7d:da:43:a3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4336da1eb7216e20ec04a7f031eb4a1b631bb3
Validity
Not Before: Mar 29 13:01:20 2026 GMT
Not After : Mar 30 13:01:20 2026 GMT
Subject: CN=dc244381ff8f2140978263d01643152368494f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bf:2f:d7:1e:22:bd:90:2e:ee:7b:38:1c:bc:
ef:72:67:cb:93:52:2a:c5:6f:4d:0f:49:75:3d:75:
07:bb:e9:02:53:f3:11:f8:e1:01:1a:39:10:9a:f3:
5f:35:be:df:66:d4:7a:ac:e5:02:dd:dd:04:5a:73:
87:41:9c:a8:6c:b8:ae:9b:81:4d:f4:1f:1a:68:11:
d3:a9:45:37:ca:71:fc:96:0b:08:86:5c:bd:e8:f7:
59:03:0d:24:4f:77:91:55:2b:7b:b1:0e:78:0b:84:
f7:dc:84:88:11:af:ed:5e:e7:28:ee:3a:7f:67:58:
ca:6d:fd:0a:c2:07:fa:99:5b:db:65:8d:50:ce:73:
47:63:a6:e0:c6:85:36:ff:4f:91:7e:e6:1f:e5:96:
70:d8:88:68:6a:f8:fe:aa:b4:ee:8c:6b:97:5e:97:
14:7c:65:b7:30:1c:fa:21:22:2c:be:a0:9d:cf:2f:
1f:95:ab:2b:4e:fd:53:ab:68:1b:6d:58:3d:e3:07:
d9:53:13:27:af:5b:81:50:45:87:b2:b8:82:e7:f6:
14:17:9e:59:91:83:7b:6d:d6:21:d0:99:ce:6c:07:
c5:d1:5f:26:cf:f3:f2:7a:1a:b6:06:0a:f1:bf:de:
bb:86:72:de:1d:36:d4:af:f3:34:e3:54:49:af:d8:
1d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:24:43:81:FF:8F:21:40:97:82:63:D0:16:43:15:23:68:49:4F:1E
X509v3 Authority Key Identifier:
keyid:9A:43:36:DA:1E:B7:21:6E:20:EC:04:A7:F0:31:EB:4A:1B:63:1B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mkM22h63IW4g7ASn8DHrShtjG7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a7e9b9-6bac-4538-a9e6-fa8806a024c4/1/mkM22h63IW4g7ASn8DHrShtjG7M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a7e9b9-6bac-4538-a9e6-fa8806a024c4/1/mkM22h63IW4g7ASn8DHrShtjG7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:fb:c8:23:ca:24:d3:5a:29:a0:26:3a:f9:9e:8a:1b:ab:84:
bd:27:9b:09:2d:0b:a3:77:c6:b1:8e:10:52:68:72:7c:61:03:
58:4b:ee:01:9c:0c:72:e5:5c:b0:24:5f:48:67:a6:d1:98:63:
61:8a:24:35:53:66:29:5c:e3:4f:28:98:80:d4:80:89:36:dc:
25:69:69:cc:09:b8:da:b6:07:64:c4:12:14:61:2d:78:7f:d5:
6f:1b:3b:60:a3:8d:18:7d:e8:83:51:24:78:9b:1d:d3:f1:02:
01:f1:bf:e1:33:b4:7d:be:05:44:e3:fb:e2:ab:9c:e7:59:c4:
70:88:6b:a8:24:ef:98:61:91:66:77:cc:aa:fa:c7:c0:77:99:
33:bc:bb:bc:22:23:81:d3:1d:bc:92:77:2d:75:31:5b:4c:0a:
1e:76:02:cb:0f:98:d8:33:2f:c3:99:25:a3:99:e5:c5:20:ae:
8e:94:5a:07:ed:52:87:ee:1c:a2:dd:ca:8a:88:78:74:23:51:
ec:aa:7b:b1:ac:87:f4:14:71:e3:18:1a:18:1a:c4:d5:ad:0a:
d3:06:bc:2c:64:e7:f4:ff:c0:24:4f:44:f5:49:8a:cb:ba:40:
06:7c:a4:68:5f:b4:f8:e8:74:39:8c:3b:1b:28:0b:fb:d1:4d:
1a:df:fc:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r0VQpq6V16XNo33aQ6MBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNDMzNmRhMWViNzIxNmUyMGVjMDRhN2YwMzFlYjRhMWI2
MzFiYjMwHhcNMjYwMzI5MTMwMTIwWhcNMjYwMzMwMTMwMTIwWjAzMTEwLwYDVQQD
EyhkYzI0NDM4MWZmOGYyMTQwOTc4MjYzZDAxNjQzMTUyMzY4NDk0ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn78v1x4ivZAu7ns4HLzvcmfLk1Iq
xW9ND0l1PXUHu+kCU/MR+OEBGjkQmvNfNb7fZtR6rOUC3d0EWnOHQZyobLium4FN
9B8aaBHTqUU3ynH8lgsIhly96PdZAw0kT3eRVSt7sQ54C4T33ISIEa/tXuco7jp/
Z1jKbf0Kwgf6mVvbZY1QznNHY6bgxoU2/0+RfuYf5ZZw2Ihoavj+qrTujGuXXpcU
fGW3MBz6ISIsvqCdzy8flasrTv1Tq2gbbVg94wfZUxMnr1uBUEWHsriC5/YUF55Z
kYN7bdYh0JnObAfF0V8mz/Pyehq2Bgrxv967hnLeHTbUr/M041RJr9gdmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwkQ4H/jyFAl4Jj0BZDFSNoSU8eMB8GA1UdIwQY
MBaAFJpDNtoetyFuIOwEp/Ax60obYxuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWtNMjJoNjNJVzRnN0FTbjhESHJTaHRqRzdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hN2U5YjktNmJhYy00NTM4LWE5ZTYt
ZmE4ODA2YTAyNGM0LzEvbWtNMjJoNjNJVzRnN0FTbjhESHJTaHRqRzdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hN2U5YjktNmJhYy00NTM4LWE5ZTYtZmE4ODA2YTAyNGM0
LzEvbWtNMjJoNjNJVzRnN0FTbjhESHJTaHRqRzdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfvII8ok
01opoCY6+Z6KG6uEvSebCS0Lo3fGsY4QUmhyfGEDWEvuAZwMcuVcsCRfSGem0Zhj
YYokNVNmKVzjTyiYgNSAiTbcJWlpzAm42rYHZMQSFGEteH/Vbxs7YKONGH3og1Ek
eJsd0/ECAfG/4TO0fb4FROP74quc51nEcIhrqCTvmGGRZnfMqvrHwHeZM7y7vCIj
gdMdvJJ3LXUxW0wKHnYCyw+Y2DMvw5klo5nlxSCujpRaB+1Sh+4cot3Kioh4dCNR
7Kp7sayH9BRx4xgaGBrE1a0K0wa8LGTn9P/AJE9E9UmKy7pABnykaF+0+Oh0OYw7
GygL+9FNGt/8IQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:27 2026 by rpki-client