Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
File: kMuqazbmzWh0x47UWk-N1xcwMdk.mft (raw, json)
Hash identifier: RTToi39WharUwlH3Ky18zvFH6JC0K13a2N23aHmgPA4=
Subject key identifier: 00:CE:7E:21:DB:34:C2:20:C7:BE:21:84:CF:E7:73:AE:C5:54:1D:E9
Authority key identifier: 90:CB:AA:6B:36:E6:CD:68:74:C7:8E:D4:5A:4F:8D:D7:17:30:31:D9
Certificate issuer: /CN=90cbaa6b36e6cd6874c78ed45a4f8dd7173031d9
Certificate serial: 019CAE6BE04532538382FC6493B5520AEA6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
Manifest number: 0DB9
Signing time: Mon 02 Mar 2026 12:00:31 +0000
Manifest this update: Mon 02 Mar 2026 12:00:31 +0000
Manifest next update: Tue 03 Mar 2026 12:00:31 +0000
Files and hashes: 1: kMuqazbmzWh0x47UWk-N1xcwMdk.crl (hash: d/xO3tbRKKpyAiYLlxkVZon7EyKHsz1Ep1rSjDyy8ig=)
2: pMXoRrm1A-T70xPjALrZ4oMq61E.roa (hash: FsTM7joUHNqdKecmC2zVhM+EhuHDUQROQu4Azrsbbr0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6b:e0:45:32:53:83:82:fc:64:93:b5:52:0a:ea:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90cbaa6b36e6cd6874c78ed45a4f8dd7173031d9
Validity
Not Before: Mar 2 12:00:31 2026 GMT
Not After : Mar 3 12:00:31 2026 GMT
Subject: CN=00ce7e21db34c220c7be2184cfe773aec5541de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:f2:f9:8b:47:4a:75:05:04:1c:4d:83:34:
09:d0:11:00:73:af:14:75:05:3a:a1:bd:03:cf:ee:
b4:29:5c:0d:73:16:28:85:33:08:56:21:ee:70:79:
30:e9:ba:41:f9:6a:b9:3b:f6:21:5d:5e:1c:0f:7c:
8c:33:31:3b:51:a6:7a:e7:01:1c:2b:bb:77:ef:7c:
22:fc:8d:b5:f3:2d:09:ec:4e:95:b6:c8:c5:3e:cf:
0c:34:8a:de:fa:b5:3c:9a:94:3c:dd:4d:0b:43:e6:
19:ea:0f:6e:03:e9:10:89:3c:eb:37:12:20:37:5a:
f0:64:a3:2a:ae:37:81:b4:d7:18:57:74:74:9f:df:
8b:d5:0f:da:f6:16:9c:cd:6c:4f:32:b9:f9:6e:23:
ba:aa:13:1e:fa:9c:6f:88:bc:8e:c8:35:15:2b:36:
9e:89:c9:6d:d5:53:6d:d8:bb:d3:e5:12:2f:c8:16:
81:ce:c5:82:ba:f0:3b:c4:63:24:61:68:3b:87:82:
4b:72:0e:98:0f:7a:a8:a0:f9:6a:7f:22:95:96:37:
9f:63:a5:d9:ef:17:ce:f3:ea:93:22:f5:c3:80:e4:
ff:1a:71:fa:24:2c:46:ae:f8:66:c3:bb:1a:94:f7:
9d:df:80:01:01:be:59:d6:a1:ab:df:94:9c:52:4f:
52:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CE:7E:21:DB:34:C2:20:C7:BE:21:84:CF:E7:73:AE:C5:54:1D:E9
X509v3 Authority Key Identifier:
keyid:90:CB:AA:6B:36:E6:CD:68:74:C7:8E:D4:5A:4F:8D:D7:17:30:31:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMuqazbmzWh0x47UWk-N1xcwMdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/06ca5d-d0c4-4215-8968-b6d4c4fc0c21/1/kMuqazbmzWh0x47UWk-N1xcwMdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:b3:fc:64:34:18:60:7f:99:db:bc:02:9c:94:78:20:b5:0f:
59:e6:b7:ee:84:05:6c:fa:c1:b7:26:ed:a5:06:a4:63:ed:92:
46:84:78:9a:46:5a:33:46:85:3f:df:d9:8d:d9:e5:9e:92:d2:
83:5a:0d:82:f7:19:a5:4d:1c:84:d4:c7:df:4d:d8:92:ae:3b:
1c:ee:58:ba:d9:29:81:be:e1:54:a2:41:40:30:df:92:5a:ae:
a9:bd:98:d8:64:ac:e7:c7:85:07:d5:14:4a:b5:7c:23:a2:f0:
f7:56:12:5b:08:d4:9c:27:10:70:2b:e6:39:e1:75:2f:f1:14:
72:1d:01:38:33:96:72:dc:31:bb:0f:9d:b8:5a:c2:76:0c:87:
8a:da:30:a5:40:f9:c8:c2:ca:bc:18:26:65:b5:64:f2:07:de:
27:ab:f7:4c:1a:fb:ba:4f:db:8d:39:9f:50:53:9c:09:c3:42:
2b:91:11:34:e3:76:65:95:bc:57:4a:b3:ae:76:4f:6c:03:f7:
a2:0a:2a:d8:d6:b0:a2:2c:15:f7:28:e8:a0:7c:99:27:93:07:
78:b1:ec:9d:16:dc:6d:7a:57:f6:d2:d3:4e:d3:2d:75:89:2e:
69:9e:5d:ae:72:19:58:96:b9:05:86:01:1d:02:30:20:38:64:
aa:e7:21:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyua+BFMlODgvxkk7VSCupsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwY2JhYTZiMzZlNmNkNjg3NGM3OGVkNDVhNGY4ZGQ3MTcz
MDMxZDkwHhcNMjYwMzAyMTIwMDMxWhcNMjYwMzAzMTIwMDMxWjAzMTEwLwYDVQQD
EygwMGNlN2UyMWRiMzRjMjIwYzdiZTIxODRjZmU3NzNhZWM1NTQxZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+ry+YtHSnUFBBxNgzQJ0BEAc68U
dQU6ob0Dz+60KVwNcxYohTMIViHucHkw6bpB+Wq5O/YhXV4cD3yMMzE7UaZ65wEc
K7t373wi/I218y0J7E6VtsjFPs8MNIre+rU8mpQ83U0LQ+YZ6g9uA+kQiTzrNxIg
N1rwZKMqrjeBtNcYV3R0n9+L1Q/a9haczWxPMrn5biO6qhMe+pxviLyOyDUVKzae
iclt1VNt2LvT5RIvyBaBzsWCuvA7xGMkYWg7h4JLcg6YD3qooPlqfyKVljefY6XZ
7xfO8+qTIvXDgOT/GnH6JCxGrvhmw7salPed34ABAb5Z1qGr35ScUk9S6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADOfiHbNMIgx74hhM/nc67FVB3pMB8GA1UdIwQY
MBaAFJDLqms25s1odMeO1FpPjdcXMDHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wNmNhNWQtZDBjNC00MjE1LTg5Njgt
YjZkNGM0ZmMwYzIxLzEva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wNmNhNWQtZDBjNC00MjE1LTg5NjgtYjZkNGM0ZmMwYzIx
LzEva011cWF6Ym16V2gweDQ3VVdrLU4xeGN3TWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLP8ZDQY
YH+Z27wCnJR4ILUPWea37oQFbPrBtybtpQakY+2SRoR4mkZaM0aFP9/ZjdnlnpLS
g1oNgvcZpU0chNTH303Ykq47HO5Yutkpgb7hVKJBQDDfklquqb2Y2GSs58eFB9UU
SrV8I6Lw91YSWwjUnCcQcCvmOeF1L/EUch0BODOWctwxuw+duFrCdgyHitowpUD5
yMLKvBgmZbVk8gfeJ6v3TBr7uk/bjTmfUFOcCcNCK5ERNON2ZZW8V0qzrnZPbAP3
ogoq2NawoiwV9yjooHyZJ5MHeLHsnRbcbXpX9tLTTtMtdYkuaZ5drnIZWJa5BYYB
HQIwIDhkquchuQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:10:53 2026 by rpki-client