Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json)
Hash identifier: /sNLiGuflaH3nLV+KG1BpqGmHVtzpnE1JdG+q+mbw34=
Subject key identifier: AF:2C:E3:FC:F8:70:A8:E4:65:86:59:B8:C4:7E:BC:63:3A:17:D3:38
Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534
Certificate serial: 019CAC103C2C60502BB6FA1FF6AD66A3E239
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
Manifest number: 1846
Signing time: Mon 02 Mar 2026 01:01:10 +0000
Manifest this update: Mon 02 Mar 2026 01:01:10 +0000
Manifest next update: Tue 03 Mar 2026 01:01:10 +0000
Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: jOixFXgs5+OcwFq3N6H8YoL7Wzj46y57hT+xKexUo1c=)
2: MhVJs-dWDJmrXlKqcMfoLN_84JY.roa (hash: 2g0t0h8Fxp46vhAobXXA0I4CYe8p0TLn16sQB8keFq4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:10:3c:2c:60:50:2b:b6:fa:1f:f6:ad:66:a3:e2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534
Validity
Not Before: Mar 2 01:01:10 2026 GMT
Not After : Mar 3 01:01:10 2026 GMT
Subject: CN=af2ce3fcf870a8e4658659b8c47ebc633a17d338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b0:f2:9a:a7:f9:40:06:12:01:b2:51:ec:94:
2b:e9:ee:d7:36:cc:77:ad:d6:ab:93:d3:5f:03:c4:
22:3a:44:ec:a3:34:9f:38:76:19:0c:37:e8:d7:06:
f1:27:3f:5d:4d:85:7a:07:4a:19:89:4e:85:78:20:
c4:bf:e5:9f:a8:f1:df:db:50:48:7f:76:46:55:ee:
3f:a2:2b:a1:e6:3a:a1:fc:8c:b7:ec:83:81:b0:10:
c5:06:76:52:60:c6:40:d7:aa:5c:55:fc:aa:c4:54:
2c:b8:1f:40:6d:b9:c8:db:35:7d:81:35:58:d0:1a:
85:8c:ee:08:a0:cf:dc:e7:34:f4:b4:b2:46:39:9e:
12:0a:72:cf:15:7a:1e:6a:c1:79:00:ea:54:c6:6a:
86:1b:cc:95:4e:e0:73:18:27:e0:2b:8d:d0:9c:7b:
ec:31:28:ec:ee:87:33:53:58:cd:58:16:2c:d2:90:
68:2a:45:17:d8:f3:6e:a8:f8:63:54:15:63:56:4b:
b0:f5:47:64:fa:a3:43:3a:aa:35:1d:ee:c8:dd:c2:
75:af:c0:de:b7:d3:ec:be:4a:52:b5:a1:d4:03:75:
92:9c:56:cb:0d:a5:3c:e6:c1:9e:ae:1e:65:93:4d:
3b:48:00:59:e5:34:2b:3b:2f:f5:24:29:66:55:ee:
b2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2C:E3:FC:F8:70:A8:E4:65:86:59:B8:C4:7E:BC:63:3A:17:D3:38
X509v3 Authority Key Identifier:
keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:b5:cb:0b:26:9d:cb:b6:10:de:4d:ba:2e:ab:d5:fa:44:1a:
3d:e7:c3:9c:10:87:2e:61:44:89:14:e3:71:b9:05:7d:bf:90:
47:e0:26:d4:f7:e3:be:e7:8f:a8:e6:d9:52:6c:d6:af:71:9e:
12:cd:09:f1:26:2d:8d:a5:7e:50:cd:d0:16:00:f8:3a:da:2f:
c7:39:6b:df:25:d4:6c:24:01:47:fb:23:ec:df:01:22:17:2d:
39:7e:11:c3:5d:80:bd:54:17:a9:a2:57:72:67:fd:e0:87:a6:
02:eb:7d:8b:b1:6c:e5:fc:10:9b:38:4b:9c:61:fc:4b:e4:86:
05:a7:05:9c:89:e0:1b:df:78:27:1f:10:a7:d9:33:26:cd:d5:
0f:67:d9:5d:4e:10:ad:56:5d:34:7f:6f:92:7b:e9:3b:8f:75:
a7:56:64:40:e8:d0:8b:8a:d7:41:0a:c4:dd:89:62:33:a0:2a:
ef:bd:b6:7b:8e:b1:03:f8:bf:c7:4e:61:44:03:25:3d:82:39:
e2:ed:6d:31:8d:72:11:41:46:0a:c7:6d:c5:36:d1:2d:cc:61:
7c:c4:65:1b:6f:b8:d4:92:94:fa:bc:ae:ec:f3:51:d5:fd:16:
6a:54:27:e5:c1:ab:d5:77:ce:56:e8:f3:d9:12:dd:82:78:1c:
86:23:a6:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEDwsYFArtvof9q1mo+I5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk
MTM1MzQwHhcNMjYwMzAyMDEwMTEwWhcNMjYwMzAzMDEwMTEwWjAzMTEwLwYDVQQD
EyhhZjJjZTNmY2Y4NzBhOGU0NjU4NjU5YjhjNDdlYmM2MzNhMTdkMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLDymqf5QAYSAbJR7JQr6e7XNsx3
rdark9NfA8QiOkTsozSfOHYZDDfo1wbxJz9dTYV6B0oZiU6FeCDEv+WfqPHf21BI
f3ZGVe4/oiuh5jqh/Iy37IOBsBDFBnZSYMZA16pcVfyqxFQsuB9AbbnI2zV9gTVY
0BqFjO4IoM/c5zT0tLJGOZ4SCnLPFXoeasF5AOpUxmqGG8yVTuBzGCfgK43QnHvs
MSjs7oczU1jNWBYs0pBoKkUX2PNuqPhjVBVjVkuw9Udk+qNDOqo1He7I3cJ1r8De
t9PsvkpStaHUA3WSnFbLDaU85sGerh5lk007SABZ5TQrOy/1JClmVe6y2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8s4/z4cKjkZYZZuMR+vGM6F9M4MB8GA1UdIwQY
MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt
YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi
LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO7XLCyad
y7YQ3k26LqvV+kQaPefDnBCHLmFEiRTjcbkFfb+QR+Am1PfjvuePqObZUmzWr3Ge
Es0J8SYtjaV+UM3QFgD4Otovxzlr3yXUbCQBR/sj7N8BIhctOX4Rw12AvVQXqaJX
cmf94IemAut9i7Fs5fwQmzhLnGH8S+SGBacFnIngG994Jx8Qp9kzJs3VD2fZXU4Q
rVZdNH9vknvpO491p1ZkQOjQi4rXQQrE3YliM6Aq7722e46xA/i/x05hRAMlPYI5
4u1tMY1yEUFGCsdtxTbRLcxhfMRlG2+41JKU+ryu7PNR1f0WalQn5cGr1XfOVujz
2RLdgngchiOmxA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:23:49 2026 by rpki-client