Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json)
Hash identifier: 4fiTv38v9KhAu9/ZU79MQ3xGPS1d19C3+5FWts2bfcs=
Subject key identifier: 31:85:61:63:DC:B7:81:74:45:0C:21:FC:C5:C4:12:4D:ED:DA:AA:CC
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 019D9A06F3474F77E27C4E578896D5A86FC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
Manifest number: 157F
Signing time: Fri 17 Apr 2026 06:00:39 +0000
Manifest this update: Fri 17 Apr 2026 06:00:39 +0000
Manifest next update: Sat 18 Apr 2026 06:00:39 +0000
Files and hashes: 1: qtM2kctXnuJchmGpZkBYifDuRYk.roa (hash: ZfaEZVb7iupk65U466u1KICKWagoC63beOYY7AuNp38=)
2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: giGSLqyW44V5tw3Vzc8pww/DHW4AxD9s10VoW8ubEHY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:06:f3:47:4f:77:e2:7c:4e:57:88:96:d5:a8:6f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Apr 17 06:00:39 2026 GMT
Not After : Apr 18 06:00:39 2026 GMT
Subject: CN=31856163dcb78174450c21fcc5c4124deddaaacc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:55:39:a6:d8:eb:47:db:3e:29:9d:d4:08:ba:
82:9d:02:4b:5d:84:e2:e6:58:ee:ce:0f:b9:f7:d4:
ad:3f:0f:7e:7f:80:f6:d0:d1:7c:83:1e:0d:73:d6:
c3:4d:4f:51:48:d6:fb:c3:7e:c7:53:37:01:32:06:
40:41:e0:92:5e:f7:ca:99:a1:12:58:b0:d7:61:19:
2b:a0:86:53:f3:5c:f8:20:26:ec:49:84:9c:34:5a:
5c:9b:24:a0:2f:d3:2a:99:b3:19:2a:59:27:3d:4e:
c9:96:58:09:40:e3:64:6d:56:5e:15:9a:e3:1e:fb:
db:a6:d1:08:b2:2f:67:c6:a5:67:ca:9c:7f:e9:9e:
bf:c0:46:d6:2d:da:7a:24:02:a1:fe:1c:bd:33:66:
21:a6:cb:7b:ae:74:46:9e:2c:61:8d:06:58:e2:fd:
02:2a:14:49:0b:ec:30:45:a8:72:05:89:3e:92:62:
70:03:80:3c:f5:7d:12:69:d6:22:14:c8:e0:aa:c9:
e9:4c:b9:57:ae:1b:b6:e3:17:53:30:ac:e6:df:09:
1d:a6:91:f2:4a:9e:43:77:93:6d:f8:13:3a:57:fc:
5d:0b:89:0a:43:b4:10:70:f6:a9:1e:00:47:71:c8:
cd:bd:50:a0:23:8e:c9:58:a0:41:55:56:7e:b1:5d:
c8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:85:61:63:DC:B7:81:74:45:0C:21:FC:C5:C4:12:4D:ED:DA:AA:CC
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:83:3a:b7:ab:00:b5:6d:52:7c:29:eb:af:db:6d:87:45:9e:
25:8b:e5:6f:ac:8a:1e:93:ab:ae:62:91:1f:51:1f:d6:2e:f1:
54:e2:11:ce:da:bf:aa:25:2b:27:ee:48:e4:be:b3:de:70:f2:
2d:3e:85:19:3b:60:a9:f0:5d:c8:e2:92:e7:51:e5:8d:77:8f:
68:bd:06:7e:1f:db:da:28:b2:c9:a6:37:c1:a5:c1:8e:71:58:
44:7b:8f:e8:7f:70:d0:90:94:a5:95:9d:c2:0f:b1:a6:f7:db:
ff:48:01:de:84:45:ef:d4:23:60:6b:40:df:02:49:2a:e8:89:
4c:0b:8e:f3:2f:e6:37:97:e4:81:b9:36:a3:90:3d:df:4e:67:
ab:74:ea:3e:99:9b:85:4f:51:0d:3c:2c:04:da:58:44:e1:18:
4f:3f:d3:b1:85:a1:60:3b:17:09:02:0b:fd:10:28:c9:4a:35:
59:77:f2:2c:9f:76:a5:f1:ff:69:ce:7a:d6:dd:e5:6b:91:6f:
8b:eb:bb:9a:38:d2:c3:2c:dc:09:4c:16:b5:b5:1e:4c:0f:9f:
32:85:cf:ae:bb:79:87:41:8f:37:0d:0f:49:1b:2f:31:ef:9a:
74:2d:e9:66:a5:e9:12:fe:18:ad:58:dc:b5:a5:7f:22:43:a8:
7e:04:75:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBvNHT3fifE5XiJbVqG/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjYwNDE3MDYwMDM5WhcNMjYwNDE4MDYwMDM5WjAzMTEwLwYDVQQD
EygzMTg1NjE2M2RjYjc4MTc0NDUwYzIxZmNjNWM0MTI0ZGVkZGFhYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VU5ptjrR9s+KZ3UCLqCnQJLXYTi
5ljuzg+599StPw9+f4D20NF8gx4Nc9bDTU9RSNb7w37HUzcBMgZAQeCSXvfKmaES
WLDXYRkroIZT81z4ICbsSYScNFpcmySgL9MqmbMZKlknPU7JllgJQONkbVZeFZrj
HvvbptEIsi9nxqVnypx/6Z6/wEbWLdp6JAKh/hy9M2Yhpst7rnRGnixhjQZY4v0C
KhRJC+wwRahyBYk+kmJwA4A89X0SadYiFMjgqsnpTLlXrhu24xdTMKzm3wkdppHy
Sp5Dd5Nt+BM6V/xdC4kKQ7QQcPapHgBHccjNvVCgI47JWKBBVVZ+sV3I/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGFYWPct4F0RQwh/MXEEk3t2qrMMB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoM6t6sA
tW1SfCnrr9tth0WeJYvlb6yKHpOrrmKRH1Ef1i7xVOIRztq/qiUrJ+5I5L6z3nDy
LT6FGTtgqfBdyOKS51HljXePaL0Gfh/b2iiyyaY3waXBjnFYRHuP6H9w0JCUpZWd
wg+xpvfb/0gB3oRF79QjYGtA3wJJKuiJTAuO8y/mN5fkgbk2o5A9305nq3TqPpmb
hU9RDTwsBNpYROEYTz/TsYWhYDsXCQIL/RAoyUo1WXfyLJ92pfH/ac561t3la5Fv
i+u7mjjSwyzcCUwWtbUeTA+fMoXPrrt5h0GPNw0PSRsvMe+adC3pZqXpEv4YrVjc
taV/IkOofgR1Vw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:36:51 2026 by rpki-client