Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: oQyDxiaX52vtqcrw5OdT3rJPhgCB1zmrGW+wELM8w0s=
Subject key identifier: C2:F1:64:EE:24:5B:AE:95:AC:DF:83:81:8E:E5:3D:3F:2F:CD:E9:12
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019CAE351473ECC42129564DC74937B5C1BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 1849
Signing time: Mon 02 Mar 2026 11:00:40 +0000
Manifest this update: Mon 02 Mar 2026 11:00:40 +0000
Manifest next update: Tue 03 Mar 2026 11:00:40 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: PFUVMj6F0SNZI43a44yUrv/zefkoCnDwGFrxY5a0VMk=)
2: ecRzktYrFjLVxOC-GlugSTEtWK0.roa (hash: rKqBSvS82bzwCh2lS4Ae0RGYw1nfUEHFPUJO90hBbGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:14:73:ec:c4:21:29:56:4d:c7:49:37:b5:c1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Mar 2 11:00:40 2026 GMT
Not After : Mar 3 11:00:40 2026 GMT
Subject: CN=c2f164ee245bae95acdf83818ee53d3f2fcde912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:91:c7:be:9c:83:f6:9e:2d:f4:55:71:a9:
86:40:fb:9f:20:15:c6:78:2f:2d:e0:e0:16:5a:00:
56:81:ef:30:0d:6d:ba:fe:f1:e7:31:0d:15:98:b2:
2e:6f:c7:06:e3:8d:90:7a:eb:b3:30:af:d9:8e:58:
63:b0:df:8e:db:df:f8:35:d3:db:22:00:db:94:29:
f6:cd:3c:26:58:35:d1:be:a4:4e:8c:8a:16:96:25:
e6:1a:34:4c:1d:7e:59:8f:b4:6c:4a:29:ec:d4:59:
b4:3f:76:7b:1b:c7:f0:8b:3a:ae:9d:e7:79:81:08:
c0:ca:df:51:f0:89:d8:0c:51:9c:4b:d9:e4:e7:a8:
59:1f:46:8f:8e:3d:95:f7:a4:0d:8f:25:33:90:4b:
be:04:43:7a:c2:ee:fb:e8:91:34:dc:af:d9:36:4f:
e3:79:6d:a0:39:6e:e6:eb:f3:8f:83:49:5b:44:8b:
18:bd:fa:6a:76:94:74:f5:4d:84:c1:2f:b9:d1:a5:
e3:2e:a0:fd:3a:38:30:64:93:c9:d0:b4:f3:a2:d0:
6f:4c:2f:38:a4:73:c0:f6:51:d0:d1:91:d2:b0:b1:
d2:14:ee:d7:2e:cc:e5:fd:f1:d8:54:75:c8:19:2d:
4b:91:55:d4:8e:06:a8:8d:fd:9d:1d:cf:ea:c1:bc:
24:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F1:64:EE:24:5B:AE:95:AC:DF:83:81:8E:E5:3D:3F:2F:CD:E9:12
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:d3:9c:99:77:d6:e1:db:ee:99:05:a2:03:7f:0e:09:a9:0e:
1d:89:62:85:f3:2f:71:40:58:b6:20:fb:fa:7a:a8:05:09:1e:
e9:1d:a4:23:46:bf:64:96:28:e8:26:7c:10:0f:24:55:7a:86:
51:53:02:d7:66:74:c5:a9:6f:15:32:ce:f4:89:3e:80:ec:83:
c5:a3:a0:e4:cb:03:e8:d0:2b:d8:3b:b9:e9:36:b1:4c:5a:35:
56:bf:cd:6d:e8:af:42:e5:85:1e:86:ed:d4:ad:d4:cc:00:09:
c4:78:ef:91:26:f6:7d:1e:13:9a:70:d0:81:7b:e1:2a:9e:78:
7c:65:b5:4b:dd:54:9a:43:d9:57:33:38:72:cb:f8:ce:11:72:
44:97:b5:5b:55:a9:34:31:6b:b5:68:73:c3:37:1d:c2:ce:0a:
48:14:09:df:5c:29:60:c7:e5:0b:bf:df:3e:6a:a7:56:f8:bb:
4f:35:af:d1:a1:0f:e8:84:b5:71:cd:85:20:6d:65:da:d6:87:
42:0f:b7:8c:b7:78:9e:11:14:dc:4d:60:59:0c:a0:cd:f0:05:
00:7c:39:b1:ab:f0:1b:a4:a9:2d:13:51:1b:b5:4f:40:6d:98:
dd:51:59:66:9a:37:5b:56:1c:80:a3:70:0b:b3:40:80:d6:12:
6a:26:87:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNRRz7MQhKVZNx0k3tcG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjYwMzAyMTEwMDQwWhcNMjYwMzAzMTEwMDQwWjAzMTEwLwYDVQQD
EyhjMmYxNjRlZTI0NWJhZTk1YWNkZjgzODE4ZWU1M2QzZjJmY2RlOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv2Rx76cg/aeLfRVcamGQPufIBXG
eC8t4OAWWgBWge8wDW26/vHnMQ0VmLIub8cG442QeuuzMK/ZjlhjsN+O29/4NdPb
IgDblCn2zTwmWDXRvqROjIoWliXmGjRMHX5Zj7RsSins1Fm0P3Z7G8fwizquned5
gQjAyt9R8InYDFGcS9nk56hZH0aPjj2V96QNjyUzkEu+BEN6wu776JE03K/ZNk/j
eW2gOW7m6/OPg0lbRIsYvfpqdpR09U2EwS+50aXjLqD9OjgwZJPJ0LTzotBvTC84
pHPA9lHQ0ZHSsLHSFO7XLszl/fHYVHXIGS1LkVXUjgaojf2dHc/qwbwkDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLxZO4kW66VrN+DgY7lPT8vzekSMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedOcmXfW
4dvumQWiA38OCakOHYlihfMvcUBYtiD7+nqoBQke6R2kI0a/ZJYo6CZ8EA8kVXqG
UVMC12Z0xalvFTLO9Ik+gOyDxaOg5MsD6NAr2Du56TaxTFo1Vr/NbeivQuWFHobt
1K3UzAAJxHjvkSb2fR4TmnDQgXvhKp54fGW1S91UmkPZVzM4csv4zhFyRJe1W1Wp
NDFrtWhzwzcdws4KSBQJ31wpYMflC7/fPmqnVvi7TzWv0aEP6IS1cc2FIG1l2taH
Qg+3jLd4nhEU3E1gWQygzfAFAHw5savwG6SpLRNRG7VPQG2Y3VFZZpo3W1YcgKNw
C7NAgNYSaiaHqg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:44:46 2026 by rpki-client