Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: qMBvVEB3313+MKUtGK6/FFR5jqKYPRpset9ReoZ7qss=
Subject key identifier: 76:EA:C2:D2:60:46:B2:9B:3F:F9:7F:21:47:5D:E0:28:BD:55:BC:69
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019EC148E6C15C68716DE53C78E1AB8DDB63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 195D
Signing time: Sat 13 Jun 2026 14:00:40 +0000
Manifest this update: Sat 13 Jun 2026 14:00:40 +0000
Manifest next update: Sun 14 Jun 2026 14:00:40 +0000
Files and hashes: 1: JYwSyuAchjIXKqx-0j7gKo4P2VU.roa (hash: Ont+m3ZNydrhvmwI0GsT3aYVRki6QYVMqq1ZQxnAm0g=)
2: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: Zpq1+wcw+hOdQ5XG1ibgtrp5ldcg1EQ00s1ifUut/z4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c1:48:e6:c1:5c:68:71:6d:e5:3c:78:e1:ab:8d:db:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Jun 13 14:00:40 2026 GMT
Not After : Jun 14 14:00:40 2026 GMT
Subject: CN=76eac2d26046b29b3ff97f21475de028bd55bc69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:69:0a:92:cf:85:0c:a0:b8:98:ec:d4:b2:ee:
c7:5e:5c:0a:fe:dc:3b:65:2a:09:09:55:f9:a4:d8:
aa:5e:b0:2a:f0:f7:88:91:cd:22:e6:4f:96:2f:b6:
49:90:ef:77:98:17:ba:cc:ee:5e:d8:c0:7f:3f:5d:
2c:99:86:77:e3:09:41:8d:8a:04:dc:8b:c2:41:d4:
e8:b2:3d:13:7c:0a:e5:d3:9d:88:c6:ab:d4:18:27:
df:f0:ec:4a:39:c2:6f:ee:39:ee:79:20:f3:88:61:
27:5b:95:13:1c:45:bc:33:90:ad:d2:b4:c4:6a:b8:
1f:18:27:20:57:ad:9d:e2:1d:80:87:bc:bd:fd:45:
45:8d:11:b0:a0:29:9d:9f:6a:67:45:22:e8:af:5c:
9e:85:7f:a3:8f:ff:9f:c7:85:22:7d:3c:d9:fb:52:
56:11:57:20:91:a5:99:36:e0:38:70:30:7d:1e:91:
26:66:22:e7:50:ef:1c:90:f6:6b:68:5e:c8:0b:1c:
d2:f3:43:36:2b:8a:c8:ab:80:b0:87:e5:a9:86:18:
1d:b5:1a:f5:dc:00:c0:67:ed:7e:6c:ec:eb:cd:8a:
46:e2:50:00:ca:65:b1:c7:19:34:93:cf:a8:fe:d3:
0c:34:64:d5:ac:36:20:df:5a:e9:30:ef:e4:71:cc:
36:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EA:C2:D2:60:46:B2:9B:3F:F9:7F:21:47:5D:E0:28:BD:55:BC:69
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cf:3f:c7:70:c2:cb:6c:7e:b6:f3:85:fb:dd:46:36:73:04:13:
04:51:12:48:e0:47:f0:37:f8:ec:cf:4d:3c:33:47:ae:4c:66:
6b:d2:a2:d3:ea:c5:ca:a3:9d:ed:32:a8:96:5d:64:19:b3:28:
5c:9c:d9:28:11:cf:cc:6a:15:d4:0f:a6:10:a8:b8:ec:bf:c3:
d9:e4:6d:56:43:7c:4c:7d:cb:d0:11:d0:59:59:6b:e9:7f:3c:
e2:83:23:12:c4:54:b4:ca:5c:a5:71:77:5f:8f:21:a3:d0:cc:
11:e4:fb:80:3d:c9:7e:22:28:56:91:6a:27:67:90:f7:d8:9f:
f1:46:9d:39:ad:8c:6e:7f:5c:da:8b:57:57:b0:24:47:b3:8b:
9d:fd:07:ee:2b:be:08:84:13:ba:1d:8b:fa:f8:c2:2e:e4:e8:
62:a1:ca:4d:21:34:a4:22:f1:e7:45:38:75:68:3d:25:00:a6:
88:a4:5d:95:ff:37:89:a3:f2:f5:31:ee:2f:05:d5:61:80:fe:
ed:37:7f:80:17:dc:2f:e3:08:5e:fb:a1:07:b8:15:fc:a4:93:
7c:f3:1e:9e:b4:54:b5:b1:cb:31:a9:5b:93:82:ed:bd:ce:d3:
c0:03:7c:6a:f6:13:35:2e:e9:1b:82:6b:a8:7d:3f:b8:3c:7b:
f8:62:8a:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7BSObBXGhxbeU8eOGrjdtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjYwNjEzMTQwMDQwWhcNMjYwNjE0MTQwMDQwWjAzMTEwLwYDVQQD
Eyg3NmVhYzJkMjYwNDZiMjliM2ZmOTdmMjE0NzVkZTAyOGJkNTViYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWkKks+FDKC4mOzUsu7HXlwK/tw7
ZSoJCVX5pNiqXrAq8PeIkc0i5k+WL7ZJkO93mBe6zO5e2MB/P10smYZ34wlBjYoE
3IvCQdTosj0TfArl052IxqvUGCff8OxKOcJv7jnueSDziGEnW5UTHEW8M5Ct0rTE
argfGCcgV62d4h2Ah7y9/UVFjRGwoCmdn2pnRSLor1yehX+jj/+fx4UifTzZ+1JW
EVcgkaWZNuA4cDB9HpEmZiLnUO8ckPZraF7ICxzS80M2K4rIq4Cwh+WphhgdtRr1
3ADAZ+1+bOzrzYpG4lAAymWxxxk0k8+o/tMMNGTVrDYg31rpMO/kccw2qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbqwtJgRrKbP/l/IUdd4Ci9VbxpMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzz/HcMLL
bH6284X73UY2cwQTBFESSOBH8Df47M9NPDNHrkxma9Ki0+rFyqOd7TKoll1kGbMo
XJzZKBHPzGoV1A+mEKi47L/D2eRtVkN8TH3L0BHQWVlr6X884oMjEsRUtMpcpXF3
X48ho9DMEeT7gD3JfiIoVpFqJ2eQ99if8UadOa2Mbn9c2otXV7AkR7OLnf0H7iu+
CIQTuh2L+vjCLuToYqHKTSE0pCLx50U4dWg9JQCmiKRdlf83iaPy9THuLwXVYYD+
7Td/gBfcL+MIXvuhB7gV/KSTfPMenrRUtbHLMalbk4Ltvc7TwAN8avYTNS7pG4Jr
qH0/uDx7+GKK7A==
-----END CERTIFICATE-----
Generated at Sun Jun 14 00:24:54 2026 by rpki-client