Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
File: rKbwaDzHS63SOoFAw4XxyBziTfc.mft (raw, json)
Hash identifier: UUa//Pu3FKXs9ciFcsjQ6RIpemwuEvr7jNpzYbcllPM=
Subject key identifier: A1:DE:56:52:F3:39:23:CE:53:EE:25:C9:69:D2:8D:26:0D:E5:9A:40
Authority key identifier: AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
Certificate issuer: /CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Certificate serial: 019CAD5A5F067EFC3260E87B3B47059A33C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
Manifest number: 0EF0
Signing time: Mon 02 Mar 2026 07:01:46 +0000
Manifest this update: Mon 02 Mar 2026 07:01:46 +0000
Manifest next update: Tue 03 Mar 2026 07:01:46 +0000
Files and hashes: 1: Hl-oGjMEXSHh22tv7GvQWauR6Ls.roa (hash: k0kjDMHyxNG6XHvsH8YWl0QTbYb+WeHWx5ruPE+qWhs=)
2: rKbwaDzHS63SOoFAw4XxyBziTfc.crl (hash: rNkC6sU9XTRLmRmHqNV4IQn5e67oetjdwpBgCAZ/JfA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:5a:5f:06:7e:fc:32:60:e8:7b:3b:47:05:9a:33:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Validity
Not Before: Mar 2 07:01:46 2026 GMT
Not After : Mar 3 07:01:46 2026 GMT
Subject: CN=a1de5652f33923ce53ee25c969d28d260de59a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b8:fe:7c:09:7c:8d:d0:50:6a:06:cf:68:12:
74:8a:7a:bb:c4:13:10:50:b5:c3:84:b5:84:b5:ca:
ed:3f:61:12:d9:2a:2e:04:43:7f:3f:48:a7:8c:35:
0c:07:cf:32:39:e4:1a:98:f4:c9:9f:94:66:3c:05:
22:66:0a:d1:ee:79:a1:6f:d4:a6:b4:9e:a9:05:86:
46:cf:65:9d:36:0e:06:0a:39:ad:18:52:27:c8:f1:
47:5e:a7:7d:41:00:f1:4c:e3:62:17:cc:37:39:30:
13:f8:6a:24:5d:b0:a6:9c:33:c9:f1:47:2a:74:88:
e5:39:f7:58:b2:16:78:4e:80:da:87:65:a7:a7:53:
8f:fe:b7:ac:4f:e5:57:fe:4a:02:7a:50:30:32:90:
44:2a:4e:49:37:c7:ca:fe:5f:55:5c:07:3a:68:dd:
e9:da:39:4c:b5:ae:e9:b5:2b:38:c4:b3:f0:0e:19:
3c:1f:e1:2d:06:8b:ad:75:2d:4e:2e:37:df:ae:46:
90:26:e9:8c:c8:02:57:b2:5c:32:94:df:9f:87:0c:
06:6c:94:6c:4f:09:2a:61:fa:0c:c5:df:ad:b2:d8:
a2:2a:cd:dc:9f:9b:ec:08:b1:8d:44:51:74:87:8f:
40:5c:03:db:04:7a:1b:05:94:6f:7a:9b:e4:eb:2f:
44:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DE:56:52:F3:39:23:CE:53:EE:25:C9:69:D2:8D:26:0D:E5:9A:40
X509v3 Authority Key Identifier:
keyid:AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:95:17:97:75:7d:80:1a:e7:11:c4:1c:44:7f:5b:01:38:31:
96:4b:04:26:7d:66:c1:66:11:5f:db:89:e6:ac:c8:2a:2a:b6:
ea:a9:6e:13:eb:c2:17:50:88:7f:80:d2:77:a7:01:00:b4:d2:
8d:26:54:97:ae:76:fc:b0:2f:14:1d:3b:0c:61:fe:02:2d:e1:
c8:f5:ef:6b:92:0d:48:5a:66:38:6d:87:4c:a8:53:b0:55:d6:
43:e9:58:13:6f:33:b6:0e:8f:c5:ae:7e:3e:cc:0e:ad:ad:81:
e1:a8:24:9c:1d:78:77:ed:c7:8c:37:5b:76:53:53:61:83:b1:
a2:05:64:39:1c:22:df:57:c5:68:76:5b:c5:fc:fb:1c:d0:71:
f1:29:77:62:2b:2d:1c:6b:0e:a7:6e:2d:16:66:d7:e2:66:87:
3b:52:de:fa:65:02:6a:95:da:c4:f7:90:41:2a:ca:10:fb:f2:
e7:97:25:37:6d:b0:f8:b8:0b:10:66:4f:17:46:e1:88:7a:27:
bc:7a:67:07:97:e3:72:8f:2b:70:c7:51:4c:c0:2a:23:04:fc:
76:4b:84:41:58:ac:ab:ef:98:5e:51:ea:e0:06:6f:f3:bb:39:
86:af:c3:56:02:f8:87:12:3d:c1:6b:7f:59:ca:78:f1:8f:65:
3a:c8:15:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWl8GfvwyYOh7O0cFmjPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTZmMDY4M2NjNzRiYWRkMjNhODE0MGMzODVmMWM4MWNl
MjRkZjcwHhcNMjYwMzAyMDcwMTQ2WhcNMjYwMzAzMDcwMTQ2WjAzMTEwLwYDVQQD
EyhhMWRlNTY1MmYzMzkyM2NlNTNlZTI1Yzk2OWQyOGQyNjBkZTU5YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirj+fAl8jdBQagbPaBJ0inq7xBMQ
ULXDhLWEtcrtP2ES2SouBEN/P0injDUMB88yOeQamPTJn5RmPAUiZgrR7nmhb9Sm
tJ6pBYZGz2WdNg4GCjmtGFInyPFHXqd9QQDxTONiF8w3OTAT+GokXbCmnDPJ8Ucq
dIjlOfdYshZ4ToDah2Wnp1OP/resT+VX/koCelAwMpBEKk5JN8fK/l9VXAc6aN3p
2jlMta7ptSs4xLPwDhk8H+EtBoutdS1OLjffrkaQJumMyAJXslwylN+fhwwGbJRs
TwkqYfoMxd+tstiiKs3cn5vsCLGNRFF0h49AXAPbBHobBZRvepvk6y9ELQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHeVlLzOSPOU+4lyWnSjSYN5ZpAMB8GA1UdIwQY
MBaAFKym8Gg8x0ut0jqBQMOF8cgc4k33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMt
MDgyNzk2MWMwNWUwLzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMtMDgyNzk2MWMwNWUw
LzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC5UXl3V9
gBrnEcQcRH9bATgxlksEJn1mwWYRX9uJ5qzIKiq26qluE+vCF1CIf4DSd6cBALTS
jSZUl652/LAvFB07DGH+Ai3hyPXva5INSFpmOG2HTKhTsFXWQ+lYE28ztg6Pxa5+
PswOra2B4agknB14d+3HjDdbdlNTYYOxogVkORwi31fFaHZbxfz7HNBx8Sl3Yist
HGsOp24tFmbX4maHO1Le+mUCapXaxPeQQSrKEPvy55clN22w+LgLEGZPF0bhiHon
vHpnB5fjco8rcMdRTMAqIwT8dkuEQVisq++YXlHq4AZv87s5hq/DVgL4hxI9wWt/
Wcp48Y9lOsgVWQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:14:19 2026 by rpki-client