Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json)
Hash identifier: A/bqHOFmQVvZfMDpU9NjG90a85JRE169Mc7GRs/6ijk=
Subject key identifier: BE:A7:DE:F5:F0:AB:2E:1B:3F:3D:06:21:B7:4A:22:C0:5B:15:4D:3F
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 019CAA8FF2F634A9973FA8D85EAAAA29C5EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
Manifest number: 1503
Signing time: Sun 01 Mar 2026 18:01:26 +0000
Manifest this update: Sun 01 Mar 2026 18:01:26 +0000
Manifest next update: Mon 02 Mar 2026 18:01:26 +0000
Files and hashes: 1: qtM2kctXnuJchmGpZkBYifDuRYk.roa (hash: ZfaEZVb7iupk65U466u1KICKWagoC63beOYY7AuNp38=)
2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: ijTLF7e6UlVegNBy3GIGX/M/QneXnhTl1NnuA+IVoYU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:f2:f6:34:a9:97:3f:a8:d8:5e:aa:aa:29:c5:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Mar 1 18:01:26 2026 GMT
Not After : Mar 2 18:01:26 2026 GMT
Subject: CN=bea7def5f0ab2e1b3f3d0621b74a22c05b154d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:50:d3:f7:b4:c6:53:5e:e8:92:f3:bd:f6:a7:
1b:a0:16:20:ee:4e:b8:1c:55:21:67:a4:97:22:ea:
06:c1:52:f2:c3:3c:76:d8:ac:6d:7c:42:6d:17:b7:
26:ce:10:20:c0:95:53:48:e0:b5:c6:1e:a4:d5:81:
d3:e5:0a:15:37:59:37:d1:db:29:f5:30:6b:40:91:
26:49:ef:35:cc:cd:04:3d:46:1a:94:9a:90:07:ea:
64:06:03:c5:8a:e2:dd:45:69:d8:19:2c:17:26:87:
9b:0f:ae:60:d2:68:b6:d9:d5:20:de:6f:5e:62:d4:
db:ef:fd:01:3d:09:09:fe:97:e2:3c:6c:80:34:20:
d2:e0:10:6e:bd:93:e5:62:d7:ec:14:b2:6d:20:28:
25:3f:0a:e3:44:3d:8c:f6:17:9a:6a:0a:1e:07:ea:
17:8b:a0:7e:7e:e0:d4:a3:84:8f:35:7a:d2:3b:b8:
5d:5c:6a:2f:99:ea:02:21:5e:cc:6d:18:01:8e:3e:
f3:4a:db:e7:cc:41:cd:ff:8c:90:d5:80:8a:8d:2d:
3b:b5:ef:20:46:c8:1e:dc:9a:54:11:27:6c:98:c9:
c4:65:3e:cc:fa:1a:4f:28:ee:ee:b3:cc:f6:64:70:
5b:a4:bc:50:bf:e6:13:9f:c2:b5:f4:6d:83:3a:56:
cb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A7:DE:F5:F0:AB:2E:1B:3F:3D:06:21:B7:4A:22:C0:5B:15:4D:3F
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
de:40:de:87:41:90:94:72:30:1c:fe:91:a9:39:95:4e:95:83:
c6:e1:39:77:52:f1:1e:12:71:7c:ca:d6:95:ee:a9:03:33:3b:
45:63:0d:d0:0d:5d:bd:b1:c0:38:61:0d:98:6e:30:40:7f:ab:
be:8e:53:4e:a5:0d:70:00:1d:17:81:71:31:41:93:01:ec:15:
0f:be:39:a4:cd:b8:39:bf:c4:d8:ac:ce:4e:d1:ef:19:b4:6d:
d9:c6:55:e5:5f:2a:8a:d9:01:25:1b:82:3b:97:d5:00:3b:5e:
59:cd:ed:20:06:15:ef:69:d9:2e:77:73:c7:65:f3:0a:33:d9:
5c:fd:c2:e4:b0:c6:8f:30:4e:d6:95:c9:5e:38:7b:d7:66:cd:
a1:0b:a9:11:ec:f7:71:eb:a4:5e:1d:3f:a0:53:3a:92:04:15:
d6:e4:ec:02:86:d6:56:a7:a6:17:85:db:fb:bf:9f:f3:a1:eb:
5e:2c:b4:f4:db:74:1c:b7:8a:a5:64:f0:31:50:2d:55:89:d6:
db:b2:ca:9b:fd:d6:f6:9e:3c:a9:9f:08:13:66:f0:f0:08:d4:
60:96:de:1a:3e:c1:87:52:51:5a:08:eb:62:a3:98:4a:8f:81:
2a:fb:bc:b1:ca:fb:be:69:24:51:1f:aa:01:22:a7:9a:17:da:
26:f9:11:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj/L2NKmXP6jYXqqqKcXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjYwMzAxMTgwMTI2WhcNMjYwMzAyMTgwMTI2WjAzMTEwLwYDVQQD
EyhiZWE3ZGVmNWYwYWIyZTFiM2YzZDA2MjFiNzRhMjJjMDViMTU0ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FDT97TGU17okvO99qcboBYg7k64
HFUhZ6SXIuoGwVLywzx22KxtfEJtF7cmzhAgwJVTSOC1xh6k1YHT5QoVN1k30dsp
9TBrQJEmSe81zM0EPUYalJqQB+pkBgPFiuLdRWnYGSwXJoebD65g0mi22dUg3m9e
YtTb7/0BPQkJ/pfiPGyANCDS4BBuvZPlYtfsFLJtICglPwrjRD2M9heaagoeB+oX
i6B+fuDUo4SPNXrSO7hdXGovmeoCIV7MbRgBjj7zStvnzEHN/4yQ1YCKjS07te8g
Rsge3JpUESdsmMnEZT7M+hpPKO7us8z2ZHBbpLxQv+YTn8K19G2DOlbLQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6n3vXwqy4bPz0GIbdKIsBbFU0/MB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3kDeh0GQ
lHIwHP6RqTmVTpWDxuE5d1LxHhJxfMrWle6pAzM7RWMN0A1dvbHAOGENmG4wQH+r
vo5TTqUNcAAdF4FxMUGTAewVD745pM24Ob/E2KzOTtHvGbRt2cZV5V8qitkBJRuC
O5fVADteWc3tIAYV72nZLndzx2XzCjPZXP3C5LDGjzBO1pXJXjh712bNoQupEez3
ceukXh0/oFM6kgQV1uTsAobWVqemF4Xb+7+f86HrXiy09Nt0HLeKpWTwMVAtVYnW
27LKm/3W9p48qZ8IE2bw8AjUYJbeGj7Bh1JRWgjrYqOYSo+BKvu8scr7vmkkUR+q
ASKnmhfaJvkRhA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:28:06 2026 by rpki-client