Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
File: _KmLHQ7MzE9v8afn24S0uy9VsI0.mft (raw, json)
Hash identifier: p85sugMHErAHRVApF/RwBHiM8EiVEf47AzafvwFOLvA=
Subject key identifier: 5D:43:1C:FB:81:12:9F:47:A8:6A:1E:BA:C0:32:9C:F9:96:57:CA:2F
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 019D3A1D019DFCA37753F9FB732CC1D96910
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
Manifest number: 1858
Signing time: Sun 29 Mar 2026 15:01:12 +0000
Manifest this update: Sun 29 Mar 2026 15:01:12 +0000
Manifest next update: Mon 30 Mar 2026 15:01:12 +0000
Files and hashes: 1: AhIhHW2MibgaDu_QaZSY4Wn14lA.roa (hash: xbB2zeoDRQ7gNZ/Ox/bptd6ot/c5+mbp2c7ngkO2m1M=)
2: _KmLHQ7MzE9v8afn24S0uy9VsI0.crl (hash: LRPj/JYCs8kapqZWcUY+vNCWWQ80tE7zbZH2+P+eJcU=)
3: cunetuj50zVdetbLOO7PDcDuLxQ.roa (hash: CwPj/a3y+H12p6L10ZWScjrKIYWmCx+U7Hr8zx98Vhg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1d:01:9d:fc:a3:77:53:f9:fb:73:2c:c1:d9:69:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Mar 29 15:01:12 2026 GMT
Not After : Mar 30 15:01:12 2026 GMT
Subject: CN=5d431cfb81129f47a86a1ebac0329cf99657ca2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3a:57:dd:4b:8d:6c:a2:50:39:5a:31:16:d1:
6f:94:2a:f1:4f:ff:93:4b:06:cd:ae:e4:00:10:e8:
c1:47:79:81:00:59:65:f4:e5:81:10:f1:e7:e8:2b:
c8:d7:51:8d:a8:d4:87:81:65:00:f5:87:05:10:59:
ae:e9:01:66:4f:a2:35:97:78:2a:ad:49:d9:b4:44:
34:67:c1:bd:a2:ac:f2:c7:ee:36:63:15:45:49:4f:
b9:04:1b:ff:01:4c:f7:34:6d:e2:9e:55:da:72:1e:
ee:69:26:e7:06:fa:59:41:1f:48:30:c7:b1:5b:ca:
a6:80:7a:81:25:a0:73:7e:5e:07:cf:35:6c:54:d3:
d3:64:55:d2:92:5d:13:eb:e2:20:20:83:b7:b7:f1:
12:9f:e3:92:1b:ee:dd:b0:2e:cd:69:e2:b0:5d:72:
f0:2e:97:eb:8a:33:fd:e0:09:99:4d:be:bf:77:86:
01:31:e8:26:a2:d6:33:71:30:e9:c2:d0:d3:5b:89:
9b:1f:57:de:55:7c:7f:26:6b:2b:06:a7:f3:41:33:
37:c4:47:04:de:34:dc:6b:68:9d:75:c3:d3:3e:e3:
50:ae:f5:7c:94:1a:41:d7:f8:3e:27:d6:a1:aa:c2:
8d:0c:06:a5:c0:66:9a:05:79:d5:d6:e6:25:00:d2:
6d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:43:1C:FB:81:12:9F:47:A8:6A:1E:BA:C0:32:9C:F9:96:57:CA:2F
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c1:a1:3b:bc:5b:6e:f9:dc:83:84:cf:13:52:bc:ef:ab:8f:fe:
4f:8a:0f:47:06:bd:a7:99:2d:5c:4b:df:af:3a:ec:09:50:62:
fd:c1:54:55:d8:e5:5a:92:dd:8f:7b:b0:78:d4:ff:db:31:91:
f4:32:90:c0:78:a9:f8:10:39:3b:85:c6:e7:00:97:bb:69:b5:
e6:09:3c:22:9f:ea:fd:ae:c2:02:10:34:77:1e:42:f9:15:e3:
8f:6a:a2:7c:5f:8a:5c:f2:39:cb:df:90:d6:aa:ab:7c:c0:3b:
9e:d1:3e:f0:95:fa:e6:e7:40:57:25:34:65:0f:40:a5:fb:b9:
f7:6e:19:82:f3:cd:84:3a:1b:c8:60:61:5e:79:6f:c4:77:f1:
9b:fd:08:87:7d:34:54:f8:a6:d1:0b:c4:74:81:91:4d:e7:65:
34:b7:78:1e:4f:7d:9f:ba:ed:14:f4:10:95:8c:05:08:cc:c5:
37:8c:5d:f3:29:e6:2c:11:d0:29:f1:b1:f4:ff:52:c1:70:81:
92:b6:ae:50:cd:e7:ed:c8:88:e3:99:67:0b:8f:2a:0b:0f:a1:
11:c9:15:2a:eb:c6:6f:23:d9:22:56:54:aa:9d:77:5e:38:0b:
10:23:65:8b:16:19:69:dc:b5:ca:fb:76:43:61:0d:7d:1f:b0:
57:44:36:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HQGd/KN3U/n7cyzB2WkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTk4YjFkMGVjY2NjNGY2ZmYxYTdlN2RiODRiNGJiMmY1
NWIwOGQwHhcNMjYwMzI5MTUwMTEyWhcNMjYwMzMwMTUwMTEyWjAzMTEwLwYDVQQD
Eyg1ZDQzMWNmYjgxMTI5ZjQ3YTg2YTFlYmFjMDMyOWNmOTk2NTdjYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTpX3UuNbKJQOVoxFtFvlCrxT/+T
SwbNruQAEOjBR3mBAFll9OWBEPHn6CvI11GNqNSHgWUA9YcFEFmu6QFmT6I1l3gq
rUnZtEQ0Z8G9oqzyx+42YxVFSU+5BBv/AUz3NG3inlXach7uaSbnBvpZQR9IMMex
W8qmgHqBJaBzfl4HzzVsVNPTZFXSkl0T6+IgIIO3t/ESn+OSG+7dsC7NaeKwXXLw
LpfrijP94AmZTb6/d4YBMegmotYzcTDpwtDTW4mbH1feVXx/JmsrBqfzQTM3xEcE
3jTca2iddcPTPuNQrvV8lBpB1/g+J9ahqsKNDAalwGaaBXnV1uYlANJtwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1DHPuBEp9HqGoeusAynPmWV8ovMB8GA1UdIwQY
MBaAFPypix0OzMxPb/Gn59uEtLsvVbCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzIt
NThmMGYzMjVjMmI4LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzItNThmMGYzMjVjMmI4
LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwaE7vFtu
+dyDhM8TUrzvq4/+T4oPRwa9p5ktXEvfrzrsCVBi/cFUVdjlWpLdj3uweNT/2zGR
9DKQwHip+BA5O4XG5wCXu2m15gk8Ip/q/a7CAhA0dx5C+RXjj2qifF+KXPI5y9+Q
1qqrfMA7ntE+8JX65udAVyU0ZQ9Apfu5924ZgvPNhDobyGBhXnlvxHfxm/0Ih300
VPim0QvEdIGRTedlNLd4Hk99n7rtFPQQlYwFCMzFN4xd8ynmLBHQKfGx9P9SwXCB
krauUM3n7ciI45lnC48qCw+hEckVKuvGbyPZIlZUqp13XjgLECNlixYZady1yvt2
Q2ENfR+wV0Q21w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:22 2026 by rpki-client