Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json)
Hash identifier: 8Az6/1G6dpviTAtP4o876lfQtCyvHwQm+hFVbeKmvzA=
Subject key identifier: 66:21:15:07:F3:1A:8A:EE:03:70:6B:FF:75:C6:FD:74:66:39:15:1E
Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Certificate serial: 019D37C0FB35FADC60F6F36BE14A434E6C09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
Manifest number: 078A
Signing time: Sun 29 Mar 2026 04:01:27 +0000
Manifest this update: Sun 29 Mar 2026 04:01:27 +0000
Manifest next update: Mon 30 Mar 2026 04:01:27 +0000
Files and hashes: 1: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: u7J4t9whinX5HoNvqP3LYTKUpAeZ8fHUQuv61FcBawY=)
2: oWAA3712bfUBzXFDQ4qEFnRk4-8.roa (hash: IL/tQvQ5PPq+dUr5LLZdpWR+gfGz/0GU5klPWCUecLo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:fb:35:fa:dc:60:f6:f3:6b:e1:4a:43:4e:6c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531
Validity
Not Before: Mar 29 04:01:27 2026 GMT
Not After : Mar 30 04:01:27 2026 GMT
Subject: CN=66211507f31a8aee03706bff75c6fd746639151e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:54:d8:67:58:54:51:ab:9e:fe:7a:8d:48:
02:d7:b6:bd:d2:08:fa:ad:19:8d:9b:7f:b6:ee:a0:
d1:b1:38:64:94:81:d5:26:33:f4:ed:26:6e:f1:05:
36:20:b7:df:21:1d:0f:b5:51:b8:bb:02:33:97:2b:
c5:c9:64:eb:07:0d:9a:cf:cb:2e:4d:aa:49:a7:df:
c4:21:f4:48:24:3d:ca:5f:ec:72:e3:8c:0f:14:4c:
1e:39:28:b4:1b:92:6e:19:2e:ee:4a:9d:0f:92:95:
07:6e:7e:87:17:d9:61:cb:f5:5c:d3:3d:8f:8d:76:
72:ef:6c:21:be:fa:43:cd:3d:32:80:f3:3c:27:68:
34:bd:cf:37:b6:99:05:e4:6f:c0:a5:79:4f:b5:d0:
39:e4:e2:b2:57:ed:b6:9e:0c:ae:2a:a7:a8:b3:4f:
31:4d:d7:24:1c:15:66:f6:93:8c:a8:b9:41:de:9d:
2b:a0:b0:4f:2c:71:61:b9:e5:a3:c1:53:24:34:1a:
41:57:67:c4:db:9f:80:70:ae:fa:5d:75:1d:73:5f:
57:e7:5e:57:b7:58:ea:8d:00:83:12:4d:c0:ec:95:
dd:3d:eb:60:c3:da:92:3c:4f:b2:07:1d:94:b3:11:
73:d1:70:ed:d1:b4:d6:1c:a0:1e:b8:e4:c8:a5:88:
3b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:21:15:07:F3:1A:8A:EE:03:70:6B:FF:75:C6:FD:74:66:39:15:1E
X509v3 Authority Key Identifier:
keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:bf:55:8e:ff:97:e5:a7:74:c3:f5:5c:e9:a4:58:2b:4c:f5:
eb:14:a3:16:db:24:61:f7:af:e4:2c:77:3c:33:7b:26:76:c3:
ab:fd:02:43:f1:2c:8d:af:e2:a7:ee:35:b4:cb:3d:47:e4:d2:
e2:74:28:c2:a7:fd:fd:f5:97:50:be:98:44:be:90:17:4a:5f:
ad:7b:17:1e:db:b5:3c:f4:e6:a7:6f:d0:c0:f2:ac:69:44:9f:
bf:5e:e1:7f:e3:ef:8f:02:be:5b:bf:f8:fc:a9:f0:d0:e3:e5:
95:d3:a1:b7:b5:b3:70:4c:0d:63:8d:45:92:82:d4:65:6b:bb:
6d:fe:70:4c:9e:06:13:51:e3:bb:c8:f0:cc:9c:07:e3:01:2c:
93:fb:b6:31:fc:0e:ab:01:8c:61:e1:e0:eb:bb:6a:e7:af:c2:
53:1e:b1:0e:b9:c7:46:25:a6:7a:f1:34:8d:21:50:91:de:b5:
ef:18:50:19:4c:de:fe:f1:d6:89:01:4c:80:76:a4:d2:81:a6:
d0:71:77:ca:ac:8a:16:98:e6:83:1d:df:64:ed:52:a7:60:02:
58:5e:05:78:7a:d4:da:5c:3c:e7:b6:71:67:16:9a:13:e0:32:
42:23:ed:2f:d3:60:a8:7c:d1:73:7a:6b:9d:ba:a6:ea:60:8c:
de:3c:75:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wPs1+txg9vNr4UpDTmwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm
NjI1MzEwHhcNMjYwMzI5MDQwMTI3WhcNMjYwMzMwMDQwMTI3WjAzMTEwLwYDVQQD
Eyg2NjIxMTUwN2YzMWE4YWVlMDM3MDZiZmY3NWM2ZmQ3NDY2MzkxNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXlU2GdYVFGrnv56jUgC17a90gj6
rRmNm3+27qDRsThklIHVJjP07SZu8QU2ILffIR0PtVG4uwIzlyvFyWTrBw2az8su
TapJp9/EIfRIJD3KX+xy44wPFEweOSi0G5JuGS7uSp0PkpUHbn6HF9lhy/Vc0z2P
jXZy72whvvpDzT0ygPM8J2g0vc83tpkF5G/ApXlPtdA55OKyV+22ngyuKqeos08x
TdckHBVm9pOMqLlB3p0roLBPLHFhueWjwVMkNBpBV2fE25+AcK76XXUdc19X515X
t1jqjQCDEk3A7JXdPetgw9qSPE+yBx2UsxFz0XDt0bTWHKAeuOTIpYg7IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYhFQfzGoruA3Br/3XG/XRmORUeMB8GA1UdIwQY
MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt
OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1
LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdr9Vjv+X
5ad0w/Vc6aRYK0z16xSjFtskYfev5Cx3PDN7JnbDq/0CQ/Esja/ip+41tMs9R+TS
4nQowqf9/fWXUL6YRL6QF0pfrXsXHtu1PPTmp2/QwPKsaUSfv17hf+PvjwK+W7/4
/Knw0OPlldOht7WzcEwNY41FkoLUZWu7bf5wTJ4GE1Hju8jwzJwH4wEsk/u2MfwO
qwGMYeHg67tq56/CUx6xDrnHRiWmevE0jSFQkd617xhQGUze/vHWiQFMgHak0oGm
0HF3yqyKFpjmgx3fZO1Sp2ACWF4FeHrU2lw857ZxZxaaE+AyQiPtL9NgqHzRc3pr
nbqm6mCM3jx1Fw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:33 2026 by rpki-client