Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: 9q/kHtp4Nn9GN2msNvIhdYcbvH3pWhXTYD6TJMJS+1k=
Subject key identifier: 57:A5:7B:F3:10:CD:F7:90:8C:45:D3:EE:80:9F:FD:63:62:F3:C2:C8
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 019DA2D3800FE0E97F5CDD6E4F0C6D05C0AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0DE2
Signing time: Sat 18 Apr 2026 23:01:02 +0000
Manifest this update: Sat 18 Apr 2026 23:01:02 +0000
Manifest next update: Sun 19 Apr 2026 23:01:02 +0000
Files and hashes: 1: CR089RdV9vYVGf4mZ93SrR3FOhs.roa (hash: 568v/GpPM88p9MXGvKjGe+TkORQEJQjb2NVPN9PNx0U=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: /yVps+KLtClQp+lI34EC5csQqdj477ZEELwKf5t3wqE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 23:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a2:d3:80:0f:e0:e9:7f:5c:dd:6e:4f:0c:6d:05:c0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Apr 18 23:01:02 2026 GMT
Not After : Apr 19 23:01:02 2026 GMT
Subject: CN=57a57bf310cdf7908c45d3ee809ffd6362f3c2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2a:ce:23:13:d4:bd:91:f8:4d:fb:b3:51:14:
59:39:86:34:de:26:14:ad:c3:c2:c9:bb:52:44:38:
df:36:5d:4b:61:a1:55:d2:19:78:4d:88:a8:97:43:
cc:f8:02:1b:af:fb:54:a8:d0:be:eb:0c:2d:cd:c5:
b2:fe:a9:74:77:eb:f0:4d:d1:3c:66:5d:2d:5c:71:
fd:d7:e5:9c:7a:b0:19:d9:ac:3e:f9:ca:95:f7:10:
d4:1e:a5:0c:40:86:cd:3f:74:1e:56:9b:2d:5f:6b:
62:db:0f:17:13:80:4f:01:d2:22:19:af:b8:51:7d:
1b:12:73:59:b1:a0:f4:90:dc:d8:a0:ef:79:69:a6:
3b:49:f3:b3:66:96:80:66:49:9b:87:7a:76:7a:12:
82:54:b4:b0:c5:17:0a:86:88:2b:08:e0:6a:ec:c0:
cd:6d:68:10:c1:2b:53:ec:11:aa:ed:eb:1f:57:c5:
2d:c5:e2:8a:8a:6c:7d:44:85:31:4c:45:cd:dc:76:
f7:20:6c:71:df:27:be:e9:8c:31:48:8c:8e:05:dd:
24:4a:c3:f1:dd:c1:33:7c:64:e7:89:d9:74:5f:a4:
b7:dd:ad:ef:dc:05:d3:58:6a:63:fe:b9:7c:38:ac:
f5:7b:3c:d2:23:d7:f8:9c:0a:ce:df:9c:eb:4e:c3:
d7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:A5:7B:F3:10:CD:F7:90:8C:45:D3:EE:80:9F:FD:63:62:F3:C2:C8
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:67:fa:b8:3a:87:75:2e:8d:8d:3d:54:60:20:ac:82:3c:05:
9c:9e:9a:de:9c:9a:e3:79:0a:a1:1a:52:98:f3:97:ad:da:1e:
e1:41:f5:d7:df:f3:af:ae:ba:75:56:a1:1d:d7:6a:ed:ce:f3:
dc:bf:d6:a4:2e:4e:74:5a:b2:da:5e:5b:10:a7:4c:b5:46:e0:
aa:a0:04:71:fd:e0:35:45:04:1d:0b:33:91:ef:e9:f1:6d:84:
5a:9a:78:97:ac:a2:08:82:2e:0a:13:f5:8e:95:62:91:96:30:
ae:7c:61:f6:10:d8:4a:1b:39:fb:18:91:5b:e6:f7:77:3f:e0:
a6:66:00:30:f8:1b:77:49:43:00:49:83:5e:af:1b:6b:66:86:
90:f3:ad:6f:ad:c4:73:03:0d:39:5b:b9:a7:3e:e9:4e:04:c8:
af:fa:23:ad:a6:6b:69:30:dd:52:f1:92:a8:fa:94:9d:ba:2a:
38:3c:44:68:c9:e7:bb:a5:0c:d2:9b:5d:6f:a9:62:10:04:72:
dc:be:49:4c:35:81:b3:9e:4d:b5:e2:f8:82:5f:f1:3b:f2:eb:
91:39:9e:74:1f:84:7b:bf:fc:50:8d:96:f7:1e:aa:aa:92:37:
01:0c:b2:9e:02:f5:36:53:21:54:d0:97:e6:51:5d:40:d4:0a:
33:c2:b1:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2i04AP4Ol/XN1uTwxtBcCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjYwNDE4MjMwMTAyWhcNMjYwNDE5MjMwMTAyWjAzMTEwLwYDVQQD
Eyg1N2E1N2JmMzEwY2RmNzkwOGM0NWQzZWU4MDlmZmQ2MzYyZjNjMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlirOIxPUvZH4TfuzURRZOYY03iYU
rcPCybtSRDjfNl1LYaFV0hl4TYiol0PM+AIbr/tUqNC+6wwtzcWy/ql0d+vwTdE8
Zl0tXHH91+WcerAZ2aw++cqV9xDUHqUMQIbNP3QeVpstX2ti2w8XE4BPAdIiGa+4
UX0bEnNZsaD0kNzYoO95aaY7SfOzZpaAZkmbh3p2ehKCVLSwxRcKhogrCOBq7MDN
bWgQwStT7BGq7esfV8UtxeKKimx9RIUxTEXN3Hb3IGxx3ye+6YwxSIyOBd0kSsPx
3cEzfGTnidl0X6S33a3v3AXTWGpj/rl8OKz1ezzSI9f4nArO35zrTsPXpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFele/MQzfeQjEXT7oCf/WNi88LIMB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWf6uDqH
dS6NjT1UYCCsgjwFnJ6a3pya43kKoRpSmPOXrdoe4UH119/zr666dVahHddq7c7z
3L/WpC5OdFqy2l5bEKdMtUbgqqAEcf3gNUUEHQszke/p8W2EWpp4l6yiCIIuChP1
jpVikZYwrnxh9hDYShs5+xiRW+b3dz/gpmYAMPgbd0lDAEmDXq8ba2aGkPOtb63E
cwMNOVu5pz7pTgTIr/ojraZraTDdUvGSqPqUnboqODxEaMnnu6UM0ptdb6liEARy
3L5JTDWBs55NteL4gl/xO/LrkTmedB+Ee7/8UI2W9x6qqpI3AQyyngL1NlMhVNCX
5lFdQNQKM8KxWw==
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:48:22 2026 by rpki-client