Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: uXP/+zy0TKhvGD7RlNw2fImJP6UsePcEjs0XbNw8VEw=
Subject key identifier: 66:7F:51:14:BC:B6:4E:2F:73:A8:EE:9A:B5:7C:B2:6E:CB:2B:B9:57
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 019CE5239A85F9EF2F5901389FF365887F75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0ECF
Signing time: Fri 13 Mar 2026 03:00:41 +0000
Manifest this update: Fri 13 Mar 2026 03:00:41 +0000
Manifest next update: Sat 14 Mar 2026 03:00:41 +0000
Files and hashes: 1: AoiLP-aKiV68_RegC3FR8BLmoTY.roa (hash: cAZegRRMeuO3/yO4SqdfyQYoOuuZTcc84vu6Tr6LRDs=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: oLBsEAHdRdhelM03O931VaI7UXpo4mDjhmb+3ivtjWE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:23:9a:85:f9:ef:2f:59:01:38:9f:f3:65:88:7f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Mar 13 03:00:41 2026 GMT
Not After : Mar 14 03:00:41 2026 GMT
Subject: CN=667f5114bcb64e2f73a8ee9ab57cb26ecb2bb957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:18:96:b6:a8:ee:6f:82:3c:f4:2e:b6:48:55:
a2:ef:3b:55:7e:a9:ff:08:31:d2:5a:28:e9:ed:a4:
6f:79:8a:d9:e4:8e:c0:db:19:2b:1e:3a:c1:b7:68:
f1:2d:43:fe:cc:a4:fd:0b:83:6c:56:28:c8:c8:02:
5d:3c:7b:1b:d8:4d:71:b5:98:3b:17:02:d7:23:99:
5d:a1:fe:de:65:3f:cc:8c:c8:9e:3e:55:1c:ae:fe:
4e:37:fd:84:6d:fb:02:a7:b8:7f:88:d5:da:e2:15:
2a:4d:a9:a9:6f:a8:63:53:04:0c:1e:72:d3:cd:4a:
ff:49:af:d1:35:bb:81:67:04:91:13:5f:87:12:8f:
94:cb:48:19:46:6b:7f:de:4a:cc:ad:3e:37:b0:d5:
91:8b:ce:02:74:76:9a:b4:4f:88:50:6d:03:e1:a6:
64:14:23:c9:f3:b5:c7:19:5a:82:15:61:94:bc:73:
b8:51:96:0a:17:1e:eb:7c:b6:a5:ca:4a:7f:ff:5a:
c0:ed:6f:bc:84:48:33:e0:c1:6f:d6:7e:38:93:69:
45:b2:f3:ce:48:2f:20:bd:b4:44:54:dc:a7:05:68:
cc:59:fe:06:0f:27:ae:02:4e:de:b2:32:7d:d8:63:
85:66:de:d2:2b:42:b0:f7:b6:8f:ea:dc:f8:23:ad:
1d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7F:51:14:BC:B6:4E:2F:73:A8:EE:9A:B5:7C:B2:6E:CB:2B:B9:57
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:df:54:ce:80:02:23:3c:f1:f6:53:94:05:e2:45:a3:20:b9:
cc:b0:93:61:ba:cb:ec:12:52:60:bd:53:ec:66:4b:23:d1:3a:
b4:8c:28:05:60:cc:0a:6c:d0:65:67:b3:81:44:d9:a2:29:20:
08:ba:73:b0:26:59:4f:24:42:bf:ce:54:9d:41:5d:05:2c:62:
97:13:23:be:c4:76:3e:df:92:6c:4c:50:fb:36:86:ed:b0:76:
d9:a3:9b:2c:d6:55:f0:11:3f:54:79:28:4c:28:76:65:1b:43:
15:14:0b:d8:29:53:13:81:e9:1d:0e:a3:ec:a8:c7:0d:57:2d:
91:b1:21:30:ff:3b:ff:5e:c0:73:a9:10:38:2e:6d:7f:d6:97:
79:1e:22:fc:a6:f6:1d:d8:d1:47:d7:cc:67:da:fa:3d:ec:9f:
eb:12:1f:4b:88:56:8b:fc:5f:47:e4:7e:60:ff:47:73:1a:96:
99:ff:96:14:19:01:a8:83:55:82:5e:66:90:29:43:46:62:85:
be:88:9f:3a:66:f2:c9:d4:28:4a:07:ae:1b:be:97:10:e3:ff:
90:54:3a:0b:0c:90:fb:14:8b:21:ac:06:e4:b1:0e:d2:54:3e:
d5:6f:ac:28:5a:9a:5d:5b:4b:a7:c6:3c:9b:3a:f7:eb:d9:18:
c1:15:6d:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlI5qF+e8vWQE4n/NliH91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjYwMzEzMDMwMDQxWhcNMjYwMzE0MDMwMDQxWjAzMTEwLwYDVQQD
Eyg2NjdmNTExNGJjYjY0ZTJmNzNhOGVlOWFiNTdjYjI2ZWNiMmJiOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshiWtqjub4I89C62SFWi7ztVfqn/
CDHSWijp7aRveYrZ5I7A2xkrHjrBt2jxLUP+zKT9C4NsVijIyAJdPHsb2E1xtZg7
FwLXI5ldof7eZT/MjMiePlUcrv5ON/2EbfsCp7h/iNXa4hUqTampb6hjUwQMHnLT
zUr/Sa/RNbuBZwSRE1+HEo+Uy0gZRmt/3krMrT43sNWRi84CdHaatE+IUG0D4aZk
FCPJ87XHGVqCFWGUvHO4UZYKFx7rfLalykp//1rA7W+8hEgz4MFv1n44k2lFsvPO
SC8gvbREVNynBWjMWf4GDyeuAk7esjJ92GOFZt7SK0Kw97aP6tz4I60dFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZ/URS8tk4vc6jumrV8sm7LK7lXMB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhd9UzoAC
Izzx9lOUBeJFoyC5zLCTYbrL7BJSYL1T7GZLI9E6tIwoBWDMCmzQZWezgUTZoikg
CLpzsCZZTyRCv85UnUFdBSxilxMjvsR2Pt+SbExQ+zaG7bB22aObLNZV8BE/VHko
TCh2ZRtDFRQL2ClTE4HpHQ6j7KjHDVctkbEhMP87/17Ac6kQOC5tf9aXeR4i/Kb2
HdjRR9fMZ9r6Peyf6xIfS4hWi/xfR+R+YP9HcxqWmf+WFBkBqINVgl5mkClDRmKF
voifOmbyydQoSgeuG76XEOP/kFQ6CwyQ+xSLIawG5LEO0lQ+1W+sKFqaXVtLp8Y8
mzr369kYwRVtVw==
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:51:17 2026 by rpki-client