Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
File: kERLB53wCKfHy-KPy6Xb4GIOjhc.mft (raw, json)
Hash identifier: BnmwaeeXUJTjRzIpBJ4XrRdFvgb7ge/00miKDMcnt6Q=
Subject key identifier: 9A:87:64:B2:B4:45:40:13:AE:2B:44:50:3C:5F:97:1D:FF:D4:48:A3
Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Certificate serial: 019CAA586AA8F32EBD0448F89A74C249C314
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
Manifest number: 16B9
Signing time: Sun 01 Mar 2026 17:00:46 +0000
Manifest this update: Sun 01 Mar 2026 17:00:46 +0000
Manifest next update: Mon 02 Mar 2026 17:00:46 +0000
Files and hashes: 1: kERLB53wCKfHy-KPy6Xb4GIOjhc.crl (hash: jiL7QNyirsXC4OYTAD1l3W0VbaQYNA890kIyUJnvkKU=)
2: qh7XZDst8WsBCGjKLPzTSR00_9w.roa (hash: 91hvylgfnm1S7Q889lgwTcLMuKxZDx/xX3dO/XE0rko=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:6a:a8:f3:2e:bd:04:48:f8:9a:74:c2:49:c3:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Validity
Not Before: Mar 1 17:00:46 2026 GMT
Not After : Mar 2 17:00:46 2026 GMT
Subject: CN=9a8764b2b4454013ae2b44503c5f971dffd448a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:c8:bf:c2:f2:8c:38:9f:0c:35:9b:73:21:
23:b6:a5:d6:bf:a2:d0:8a:49:87:ae:13:4b:35:ec:
39:76:52:ac:7f:ca:8d:04:91:fd:bf:4b:08:b5:0a:
6e:bb:f5:c3:19:41:9e:f3:64:de:a1:48:ce:48:64:
ad:dd:08:e2:ba:31:94:14:9c:8b:ea:a5:68:58:7b:
6d:29:e3:d6:2f:30:1c:07:4e:55:64:37:1b:bb:a5:
75:d1:98:37:e8:8d:fc:80:79:18:3d:f7:38:56:70:
a0:7d:d5:b2:a3:20:50:c3:e0:f4:c2:bf:f0:21:a5:
8e:0e:b8:88:5a:07:d9:c7:c9:c4:2f:03:82:e5:30:
0e:88:5f:d6:77:f3:cf:b5:a9:1d:71:56:bf:38:f9:
30:26:1f:4d:fe:a5:cc:03:26:88:e0:cd:c5:8e:e2:
a2:7a:aa:52:20:fa:de:9d:f8:16:f1:44:1c:2b:4c:
6c:0f:a7:84:ae:3a:21:7d:51:bc:9d:06:87:2e:71:
4d:8b:1d:e8:ac:a5:b5:50:5a:f1:2f:98:e2:7e:da:
af:89:89:d2:9d:bf:13:0c:c3:92:3f:8a:c4:b4:a8:
81:47:c2:d5:1e:4a:bf:98:bc:77:45:3d:3e:02:bb:
25:d9:cf:1a:7e:80:13:90:f6:63:66:df:63:3a:0f:
98:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:87:64:B2:B4:45:40:13:AE:2B:44:50:3C:5F:97:1D:FF:D4:48:A3
X509v3 Authority Key Identifier:
keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:b5:dc:07:15:3b:64:38:e1:03:32:83:8e:1a:e4:22:29:d9:
b8:42:87:84:de:bd:25:58:9d:54:b6:a7:89:67:04:f6:5f:a4:
cd:52:c5:c5:be:9e:dc:3e:cf:ed:a7:4a:07:3b:58:ac:82:9d:
f7:83:72:20:c8:f6:d2:73:f5:40:d8:e2:ff:df:cd:d0:b5:4b:
a6:55:94:71:d5:b4:90:76:db:2b:40:dc:5f:04:5b:1c:2f:4f:
54:7e:31:ae:64:50:8d:e9:80:72:0f:ac:d9:7d:a2:8c:4a:6a:
8a:5d:56:1f:b2:0a:c0:ad:97:02:52:20:eb:4d:63:ff:16:b9:
0a:82:bb:fc:52:9b:9e:52:cf:57:31:22:ce:5a:a0:61:7a:3c:
32:5b:62:1d:a0:bd:eb:8f:9f:8d:cc:51:23:7e:a3:7c:c1:84:
0e:27:ee:0d:f4:07:0b:44:43:ad:ae:52:2c:c4:96:8f:0f:a4:
de:c8:c4:f6:d3:29:6f:be:3e:2f:84:00:1e:d3:8a:92:80:24:
7a:16:73:a6:be:52:81:ef:30:68:ce:5e:60:18:74:95:42:c8:
46:ad:a5:7c:9d:92:73:32:a5:05:16:29:5c:3f:e0:18:64:77:
c6:d9:f7:29:d0:4b:44:a2:99:30:9c:4c:c0:75:5a:c4:da:f5:
b9:e7:2c:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWGqo8y69BEj4mnTCScMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw
ZThlMTcwHhcNMjYwMzAxMTcwMDQ2WhcNMjYwMzAyMTcwMDQ2WjAzMTEwLwYDVQQD
Eyg5YTg3NjRiMmI0NDU0MDEzYWUyYjQ0NTAzYzVmOTcxZGZmZDQ0OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHLIv8LyjDifDDWbcyEjtqXWv6LQ
ikmHrhNLNew5dlKsf8qNBJH9v0sItQpuu/XDGUGe82TeoUjOSGSt3QjiujGUFJyL
6qVoWHttKePWLzAcB05VZDcbu6V10Zg36I38gHkYPfc4VnCgfdWyoyBQw+D0wr/w
IaWODriIWgfZx8nELwOC5TAOiF/Wd/PPtakdcVa/OPkwJh9N/qXMAyaI4M3FjuKi
eqpSIPrenfgW8UQcK0xsD6eErjohfVG8nQaHLnFNix3orKW1UFrxL5jiftqviYnS
nb8TDMOSP4rEtKiBR8LVHkq/mLx3RT0+Arsl2c8afoATkPZjZt9jOg+YyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqHZLK0RUATritEUDxflx3/1EijMB8GA1UdIwQY
MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt
OTkxNDk4NjdkYmY3LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3
LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPbXcBxU7
ZDjhAzKDjhrkIinZuEKHhN69JVidVLaniWcE9l+kzVLFxb6e3D7P7adKBztYrIKd
94NyIMj20nP1QNji/9/N0LVLplWUcdW0kHbbK0DcXwRbHC9PVH4xrmRQjemAcg+s
2X2ijEpqil1WH7IKwK2XAlIg601j/xa5CoK7/FKbnlLPVzEizlqgYXo8MltiHaC9
64+fjcxRI36jfMGEDifuDfQHC0RDra5SLMSWjw+k3sjE9tMpb74+L4QAHtOKkoAk
ehZzpr5Sge8waM5eYBh0lULIRq2lfJ2SczKlBRYpXD/gGGR3xtn3KdBLRKKZMJxM
wHVaxNr1uecsFg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:42:54 2026 by rpki-client