Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: 41bjfPwIbnTWKF7QtKKS7QAEsG0zuWBytmbZ3ktHTf0=
Subject key identifier: 6B:44:FB:04:49:D4:88:D8:E7:58:C9:0C:7D:48:C4:CB:2D:D3:12:0F
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 019CA9B3BADB45DA74BA2DADA789EC0B2EB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0D61
Signing time: Sun 01 Mar 2026 14:00:54 +0000
Manifest this update: Sun 01 Mar 2026 14:00:54 +0000
Manifest next update: Mon 02 Mar 2026 14:00:54 +0000
Files and hashes: 1: CR089RdV9vYVGf4mZ93SrR3FOhs.roa (hash: 568v/GpPM88p9MXGvKjGe+TkORQEJQjb2NVPN9PNx0U=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: xALDwIvyRxefdQ+mehrShRdch7T3vKZQTGD7OaPgGVo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:b3:ba:db:45:da:74:ba:2d:ad:a7:89:ec:0b:2e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Mar 1 14:00:54 2026 GMT
Not After : Mar 2 14:00:54 2026 GMT
Subject: CN=6b44fb0449d488d8e758c90c7d48c4cb2dd3120f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a3:e4:f7:df:e8:0e:ed:f9:90:1e:c8:0e:5e:
e5:92:9f:0c:39:a7:2d:ea:77:26:fa:9d:f3:c8:a6:
fc:e4:53:ce:65:4c:c4:c4:fc:18:ce:1c:ae:bf:62:
45:6c:18:a9:00:33:01:fb:56:92:55:55:c8:2a:a3:
1d:ad:95:4e:43:8b:0c:f8:c6:5c:12:c0:4f:dc:c5:
00:ba:bc:88:4e:4d:9f:a7:b2:02:01:b4:15:b5:1d:
01:9e:ac:f3:1f:99:cd:e6:8f:bf:72:e6:86:b1:14:
20:76:62:f5:a4:b2:89:6d:0a:0e:e7:44:e0:c7:10:
4c:90:1b:fc:c8:b8:47:3f:70:12:b0:20:18:48:09:
07:90:69:2a:e0:f8:56:9a:c5:56:70:89:8b:6e:72:
eb:e4:e8:02:0a:c5:52:fb:14:62:38:cf:75:04:03:
a1:86:a9:26:95:f1:66:d2:0e:3e:c2:db:14:65:79:
35:e6:6c:ce:80:f4:e2:6d:14:81:b5:d1:e1:1e:16:
8e:69:68:0a:59:ef:bc:93:2f:8b:08:ff:5a:d9:fa:
70:b9:14:65:ee:09:1a:99:bf:bd:0f:ee:df:b2:3e:
2b:0b:7a:63:b3:4d:93:58:26:ec:98:66:2d:9e:c9:
bb:5a:1e:b5:0c:89:09:68:e1:c4:b4:b4:79:4b:d1:
5d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:44:FB:04:49:D4:88:D8:E7:58:C9:0C:7D:48:C4:CB:2D:D3:12:0F
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:80:8d:5e:da:50:13:54:c1:8f:a9:9d:52:27:48:91:91:38:
72:89:82:f7:bd:2b:d2:12:e2:ca:9a:75:25:38:f7:2c:54:88:
fb:1c:da:6b:d7:4f:d9:c4:f1:59:9c:07:ba:2a:6a:68:c3:f9:
c1:d2:7b:fb:82:a2:6d:5e:94:2e:da:05:00:e8:f1:da:ca:c0:
98:40:4d:48:e8:b6:e1:22:4f:40:bd:ac:44:f1:17:d7:f4:7c:
7c:c6:b7:5c:77:09:9b:37:cc:2d:2b:0c:db:d8:04:30:ea:cf:
b2:8a:7b:24:95:39:fa:8f:1b:7e:02:5c:03:6f:99:23:86:28:
88:33:83:de:3a:7c:5c:dd:e2:9a:69:64:3b:3b:e6:73:29:47:
c1:a8:03:b2:59:bb:90:38:58:a0:69:a6:ea:7d:44:68:09:a1:
ae:1e:94:19:4e:60:eb:8a:15:1b:62:39:f1:cf:e5:ad:ca:d7:
93:ab:18:01:0e:c6:f8:6b:99:61:e1:5f:a9:29:41:76:36:ba:
a1:2f:d4:4f:f6:ba:4f:d0:d3:0e:27:fe:9c:ce:42:76:c1:e4:
fa:eb:9c:3a:93:8c:21:4e:5b:e5:ca:66:51:fc:3f:4c:34:2e:
a9:ef:05:aa:99:e5:ad:68:47:3b:ca:a7:e9:b5:09:c7:6a:a8:
9d:7d:e1:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps7rbRdp0ui2tp4nsCy6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjYwMzAxMTQwMDU0WhcNMjYwMzAyMTQwMDU0WjAzMTEwLwYDVQQD
Eyg2YjQ0ZmIwNDQ5ZDQ4OGQ4ZTc1OGM5MGM3ZDQ4YzRjYjJkZDMxMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Pk99/oDu35kB7IDl7lkp8MOact
6ncm+p3zyKb85FPOZUzExPwYzhyuv2JFbBipADMB+1aSVVXIKqMdrZVOQ4sM+MZc
EsBP3MUAuryITk2fp7ICAbQVtR0BnqzzH5nN5o+/cuaGsRQgdmL1pLKJbQoO50Tg
xxBMkBv8yLhHP3ASsCAYSAkHkGkq4PhWmsVWcImLbnLr5OgCCsVS+xRiOM91BAOh
hqkmlfFm0g4+wtsUZXk15mzOgPTibRSBtdHhHhaOaWgKWe+8ky+LCP9a2fpwuRRl
7gkamb+9D+7fsj4rC3pjs02TWCbsmGYtnsm7Wh61DIkJaOHEtLR5S9FdGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtE+wRJ1IjY51jJDH1IxMst0xIPMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4CNXtpQ
E1TBj6mdUidIkZE4comC970r0hLiypp1JTj3LFSI+xzaa9dP2cTxWZwHuipqaMP5
wdJ7+4KibV6ULtoFAOjx2srAmEBNSOi24SJPQL2sRPEX1/R8fMa3XHcJmzfMLSsM
29gEMOrPsop7JJU5+o8bfgJcA2+ZI4YoiDOD3jp8XN3immlkOzvmcylHwagDslm7
kDhYoGmm6n1EaAmhrh6UGU5g64oVG2I58c/lrcrXk6sYAQ7G+GuZYeFfqSlBdja6
oS/UT/a6T9DTDif+nM5CdsHk+uucOpOMIU5b5cpmUfw/TDQuqe8FqpnlrWhHO8qn
6bUJx2qonX3huA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:51:39 2026 by rpki-client