Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: fsppDA6SYZ5uc7lmG3n7vxGCLibB+ka475TiOiqG9xk=
Subject key identifier: EB:03:E7:45:DA:4D:0D:EF:76:B7:68:C6:D6:3B:10:43:81:55:07:D0
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 019CAB6BA9E0DD30F1B878B73066256BFA5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 1848
Signing time: Sun 01 Mar 2026 22:01:25 +0000
Manifest this update: Sun 01 Mar 2026 22:01:25 +0000
Manifest next update: Mon 02 Mar 2026 22:01:25 +0000
Files and hashes: 1: EZMelYnsyxsc7u1d-UmuOELSVGA.roa (hash: fiCJAdZiRwTzbxllvOptWzW5kDS3kt1J0JiXeIKn0tM=)
2: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: 53u8jvBrzT4n21nub8NMSaCuWLKCBAU+htyL3DHn7Pc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6b:a9:e0:dd:30:f1:b8:78:b7:30:66:25:6b:fa:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Mar 1 22:01:25 2026 GMT
Not After : Mar 2 22:01:25 2026 GMT
Subject: CN=eb03e745da4d0def76b768c6d63b1043815507d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:39:aa:c1:8c:9d:aa:e7:07:0a:bb:ee:c3:8d:
1f:bf:95:fb:af:29:ca:91:c2:34:c4:96:c8:e8:d2:
e7:9f:46:9a:e8:51:fb:b9:55:ca:0d:83:e8:89:80:
4d:e9:f2:ed:ff:5c:56:c1:dd:6b:8a:0a:fb:62:9a:
8c:f5:5c:d3:d9:24:c0:90:44:2c:b6:b1:34:cc:f9:
15:3a:28:1f:c1:4f:2f:12:da:c9:5e:44:e8:e5:b4:
7c:c3:f5:8e:a7:38:a8:92:c7:43:7a:ca:37:76:28:
24:30:6b:73:b5:71:4d:47:70:e1:cf:96:f8:e7:34:
94:5d:58:c7:3c:5b:69:2d:1e:fa:ea:5e:05:90:8c:
5f:02:81:80:8c:70:7b:d5:ab:f5:17:20:45:f6:90:
8a:f1:b2:ce:95:1a:24:32:6a:e9:35:71:d5:e4:67:
fe:b4:5f:11:4b:f0:25:b7:fd:a3:da:42:3b:4b:90:
75:cc:6e:0c:bc:98:e5:bf:be:1c:c6:aa:dd:c7:98:
7b:e8:12:e5:46:37:9b:21:ae:cf:3b:ba:58:55:93:
47:91:04:81:9c:53:e3:61:28:45:8d:77:23:03:2d:
eb:63:97:60:1e:6b:37:be:40:e6:ef:b0:f3:fb:ce:
8a:39:64:dd:ac:42:90:bf:7a:97:58:d5:ff:3e:ad:
07:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:03:E7:45:DA:4D:0D:EF:76:B7:68:C6:D6:3B:10:43:81:55:07:D0
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:1c:39:a8:ac:6a:a4:c6:24:3f:a1:b7:ca:ac:3e:86:96:bb:
af:40:5d:98:65:fe:9f:ad:2d:73:f4:08:34:30:63:1e:59:55:
aa:dd:bb:ec:00:bb:c9:5d:b5:53:7e:7f:a7:bf:41:1f:d1:97:
02:b7:e6:5f:9b:93:2d:b1:de:c5:5b:7e:c3:be:58:c4:a5:c3:
5f:cc:86:aa:71:dc:1a:28:16:45:45:a0:c2:57:70:22:32:c8:
ca:cc:f3:f3:43:99:ca:bd:d1:b7:c6:60:ab:98:fb:d7:b7:9e:
07:ec:11:92:9a:f1:0b:e3:18:4a:11:08:ad:a1:db:c4:15:2c:
8e:b1:ce:4a:4b:b5:b8:17:03:bf:3c:f4:60:83:6a:b3:2c:b8:
6f:73:99:56:e6:df:fe:25:81:14:4a:0a:71:7d:5a:1f:97:d2:
c3:8e:7a:97:e8:79:99:2f:78:10:d1:92:19:a2:0a:0a:03:2b:
14:19:57:5f:e7:a9:66:e7:3f:90:68:1d:60:61:cd:05:5a:e3:
31:dc:94:a7:2e:4d:6e:5c:ce:f7:de:9a:05:e4:9b:0c:4c:9a:
79:d3:4d:9e:14:c1:ba:b8:e3:fd:41:ca:e8:9c:3c:00:2a:58:
f9:65:a4:80:ca:94:f4:8e:b6:0b:f5:10:c2:50:ef:b7:ad:65:
f5:ab:83:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6ng3TDxuHi3MGYla/pbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjYwMzAxMjIwMTI1WhcNMjYwMzAyMjIwMTI1WjAzMTEwLwYDVQQD
EyhlYjAzZTc0NWRhNGQwZGVmNzZiNzY4YzZkNjNiMTA0MzgxNTUwN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDmqwYydqucHCrvuw40fv5X7rynK
kcI0xJbI6NLnn0aa6FH7uVXKDYPoiYBN6fLt/1xWwd1rigr7YpqM9VzT2STAkEQs
trE0zPkVOigfwU8vEtrJXkTo5bR8w/WOpzioksdDeso3digkMGtztXFNR3Dhz5b4
5zSUXVjHPFtpLR766l4FkIxfAoGAjHB71av1FyBF9pCK8bLOlRokMmrpNXHV5Gf+
tF8RS/Alt/2j2kI7S5B1zG4MvJjlv74cxqrdx5h76BLlRjebIa7PO7pYVZNHkQSB
nFPjYShFjXcjAy3rY5dgHms3vkDm77Dz+86KOWTdrEKQv3qXWNX/Pq0H/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOsD50XaTQ3vdrdoxtY7EEOBVQfQMB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARw5qKxq
pMYkP6G3yqw+hpa7r0BdmGX+n60tc/QINDBjHllVqt277AC7yV21U35/p79BH9GX
ArfmX5uTLbHexVt+w75YxKXDX8yGqnHcGigWRUWgwldwIjLIyszz80OZyr3Rt8Zg
q5j717eeB+wRkprxC+MYShEIraHbxBUsjrHOSku1uBcDvzz0YINqsyy4b3OZVubf
/iWBFEoKcX1aH5fSw456l+h5mS94ENGSGaIKCgMrFBlXX+epZuc/kGgdYGHNBVrj
MdyUpy5NblzO996aBeSbDEyaedNNnhTBurjj/UHK6Jw8ACpY+WWkgMqU9I62C/UQ
wlDvt61l9auD8A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:46:35 2026 by rpki-client