Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: PWgCK6dHQYSQjYohl1e4RK6uMZGY65WXdTviHSLd8k4=
Subject key identifier: F5:3B:1A:24:AB:E8:0B:45:FF:AC:70:BD:D6:6A:17:C4:C7:F9:7B:7E
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 019D98F44E9FB276E824D0BD7798396EB54C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 01:00:40 +0000
Manifest this update: Fri 17 Apr 2026 01:00:40 +0000
Manifest next update: Sat 18 Apr 2026 01:00:40 +0000
Files and hashes: 1: EZMelYnsyxsc7u1d-UmuOELSVGA.roa (hash: fiCJAdZiRwTzbxllvOptWzW5kDS3kt1J0JiXeIKn0tM=)
2: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: OaHh6hk4VanTb1zzAKt9OwRjFyGhWgBeG3y9A8ov2c0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:4e:9f:b2:76:e8:24:d0:bd:77:98:39:6e:b5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Apr 17 01:00:40 2026 GMT
Not After : Apr 18 01:00:40 2026 GMT
Subject: CN=f53b1a24abe80b45ffac70bdd66a17c4c7f97b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:17:e4:b2:74:89:36:ba:bd:31:f7:1c:eb:c3:
50:c5:e0:a4:40:23:cf:37:af:b0:22:ae:80:9a:5e:
4c:06:ed:fd:a7:28:81:7c:38:e6:12:97:17:b4:7f:
05:f4:d9:9c:2f:b0:fc:6d:32:9e:7c:0a:ae:8c:ca:
2c:0f:cd:1c:46:87:57:4e:c2:ba:51:ce:91:1d:80:
8e:6b:07:eb:c7:d1:89:ae:7a:f0:cc:19:b5:ce:32:
c6:ec:f4:db:a5:98:c5:b9:0e:29:d1:8e:19:88:69:
b4:ab:e0:63:0c:d5:5e:de:f0:63:ba:21:c7:c4:b5:
ee:49:5f:28:18:75:8e:8e:03:2d:97:12:e5:bf:51:
50:a2:49:c3:98:39:50:92:d8:c3:85:1c:48:d0:71:
d8:b5:90:a1:41:2a:d0:ab:fb:29:60:c0:f4:66:e1:
7a:9e:ef:a6:61:4e:61:b1:f9:85:64:aa:72:96:68:
94:02:5b:7e:65:35:f0:01:60:f2:f5:05:96:c6:9a:
c6:ce:cf:82:44:09:b1:52:b1:c5:16:04:39:f7:ec:
f6:61:f1:c9:94:75:b2:57:99:34:7f:a6:f0:fc:e4:
fe:90:3a:b3:c3:82:9a:74:b9:e9:a2:f1:f0:8f:e3:
98:20:a5:4b:ad:17:4f:c0:d9:61:a8:ba:a7:69:8b:
9d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3B:1A:24:AB:E8:0B:45:FF:AC:70:BD:D6:6A:17:C4:C7:F9:7B:7E
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:b7:70:93:e2:de:b1:a0:6f:71:ab:30:83:e3:76:b0:c2:90:
25:95:44:bb:c6:df:03:b0:2c:c3:74:b5:43:61:0a:9f:97:b4:
26:3d:33:ba:93:69:4a:da:d7:72:2d:6a:a6:15:97:15:dc:5d:
4b:82:d3:61:06:cb:0c:f7:5c:97:5a:14:97:60:6f:6a:72:a9:
96:51:fa:a5:19:5d:9a:95:05:1c:71:12:ec:19:54:30:4b:43:
c0:41:69:a2:d9:96:17:ce:35:1a:82:5a:b8:fd:b0:c6:e8:dc:
8e:99:e0:18:9c:a2:ef:3b:18:f2:ff:24:fe:b9:07:56:21:b3:
e9:98:d7:48:82:da:92:ee:37:a7:35:eb:c3:e1:9b:a0:8c:d0:
61:97:24:ad:54:66:e4:61:98:60:b7:3b:66:a0:8c:2d:2f:f2:
21:3a:b7:d8:7d:4f:9e:6a:d3:49:78:15:2e:6c:fb:27:d3:a8:
51:a7:7f:72:52:1f:5f:3e:7c:ea:b0:f9:c7:2b:47:14:55:d3:
3b:40:0c:fe:6f:fb:bc:88:ae:2d:f2:a3:48:12:fb:e5:5e:66:
d9:29:fc:91:6c:73:a3:0c:60:75:a8:57:34:b6:d1:5c:b0:42:
1d:91:4c:cc:db:e3:c9:09:30:01:90:3a:8e:38:a3:25:88:98:
d8:e6:dd:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9E6fsnboJNC9d5g5brVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjYwNDE3MDEwMDQwWhcNMjYwNDE4MDEwMDQwWjAzMTEwLwYDVQQD
EyhmNTNiMWEyNGFiZTgwYjQ1ZmZhYzcwYmRkNjZhMTdjNGM3Zjk3YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hfksnSJNrq9Mfcc68NQxeCkQCPP
N6+wIq6Aml5MBu39pyiBfDjmEpcXtH8F9NmcL7D8bTKefAqujMosD80cRodXTsK6
Uc6RHYCOawfrx9GJrnrwzBm1zjLG7PTbpZjFuQ4p0Y4ZiGm0q+BjDNVe3vBjuiHH
xLXuSV8oGHWOjgMtlxLlv1FQoknDmDlQktjDhRxI0HHYtZChQSrQq/spYMD0ZuF6
nu+mYU5hsfmFZKpylmiUAlt+ZTXwAWDy9QWWxprGzs+CRAmxUrHFFgQ59+z2YfHJ
lHWyV5k0f6bw/OT+kDqzw4KadLnpovHwj+OYIKVLrRdPwNlhqLqnaYudkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPU7GiSr6AtF/6xwvdZqF8TH+Xt+MB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd7dwk+Le
saBvcaswg+N2sMKQJZVEu8bfA7Asw3S1Q2EKn5e0Jj0zupNpStrXci1qphWXFdxd
S4LTYQbLDPdcl1oUl2BvanKpllH6pRldmpUFHHES7BlUMEtDwEFpotmWF841GoJa
uP2wxujcjpngGJyi7zsY8v8k/rkHViGz6ZjXSILaku43pzXrw+GboIzQYZckrVRm
5GGYYLc7ZqCMLS/yITq32H1PnmrTSXgVLmz7J9OoUad/clIfXz586rD5xytHFFXT
O0AM/m/7vIiuLfKjSBL75V5m2Sn8kWxzowxgdahXNLbRXLBCHZFMzNvjyQkwAZA6
jjijJYiY2ObdNw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:57:10 2026 by rpki-client