Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: yKvuq0lzz7zcnOJk+Lk94Qnu6rtZmQ53YuwQegODxVU=
Subject key identifier: A1:2A:4E:52:A2:D2:DA:5E:9E:25:51:A7:75:BF:49:74:95:2B:CC:05
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 019CAD23010949EBCD95360B71A6C3E8C1E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0EB2
Signing time: Mon 02 Mar 2026 06:01:18 +0000
Manifest this update: Mon 02 Mar 2026 06:01:18 +0000
Manifest next update: Tue 03 Mar 2026 06:01:18 +0000
Files and hashes: 1: AoiLP-aKiV68_RegC3FR8BLmoTY.roa (hash: cAZegRRMeuO3/yO4SqdfyQYoOuuZTcc84vu6Tr6LRDs=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: D4t0Gv6f+hJDhEkYOLyNcPJ06HWKZ5e51/1pjHnP4AI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:23:01:09:49:eb:cd:95:36:0b:71:a6:c3:e8:c1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Mar 2 06:01:18 2026 GMT
Not After : Mar 3 06:01:18 2026 GMT
Subject: CN=a12a4e52a2d2da5e9e2551a775bf4974952bcc05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:57:05:12:bc:20:36:4a:69:0f:b5:84:e8:f6:
3e:e8:52:83:19:68:f9:34:a0:df:b3:4c:1e:f3:71:
35:85:ea:0e:7f:10:bc:ea:da:f9:d5:c9:75:d9:06:
fa:d0:2e:02:61:d6:7e:c7:3a:d4:b5:be:8a:d0:cd:
20:a5:d5:0f:91:67:2a:60:f0:6f:12:bd:fa:7b:79:
73:d0:59:f5:94:83:ee:12:ff:5e:1a:b1:8c:dd:12:
b6:fb:88:39:c7:b8:b2:01:c1:8d:e4:d9:2b:dd:21:
24:4c:f5:5a:d1:df:e9:f5:85:fa:f7:c0:bf:4f:0a:
99:3d:27:89:51:13:1e:a9:07:ed:a0:4a:ce:55:f4:
a5:73:c4:07:c8:98:0f:39:60:a0:d4:c0:48:75:ac:
67:9d:1d:ec:cb:9f:e5:51:fe:31:9d:03:91:50:8f:
ca:c5:26:ec:02:a8:7f:d9:e8:6f:8b:15:a8:24:17:
ff:a1:cc:31:44:aa:02:a1:72:75:07:da:b5:17:44:
4e:5b:b5:95:67:6b:6c:2c:55:60:a3:b3:af:74:85:
47:62:25:ae:c8:2d:fd:76:a5:a7:07:fe:fd:1a:30:
27:ab:07:2f:68:02:90:64:40:ee:b2:e1:ec:29:f5:
11:ae:ea:47:18:c4:bf:4e:fc:be:95:19:47:e9:18:
fa:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2A:4E:52:A2:D2:DA:5E:9E:25:51:A7:75:BF:49:74:95:2B:CC:05
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:1e:58:ca:a8:ad:56:57:9f:13:83:7a:98:34:de:f9:2b:b1:
34:27:56:71:5e:bd:02:35:31:24:86:2e:26:70:d7:cc:ea:10:
9d:af:44:7d:d6:07:40:c9:a2:3a:74:db:79:58:a9:81:20:52:
ba:38:14:0a:37:12:32:7f:7a:12:72:39:9b:f1:bf:bc:b6:ba:
dc:8d:dc:41:45:3c:9d:f8:d7:57:3d:3b:01:fa:a0:9b:f7:a0:
b3:af:1a:c5:8b:f1:41:74:cd:ab:0f:67:4b:58:3d:8a:55:76:
1e:2e:9a:f7:9a:a3:cc:cc:d4:d6:04:fe:49:5e:77:04:e7:c1:
f8:3b:97:28:39:16:7b:81:91:46:4a:ba:e8:ff:96:ad:cb:63:
c1:d3:2b:85:41:05:f5:c3:c0:d0:88:af:f4:3d:d2:d8:5c:4a:
76:75:82:30:d7:64:de:bf:71:40:b8:5a:5c:f1:2c:12:18:d3:
f5:90:7f:44:08:4d:4c:ad:02:86:00:37:8b:09:70:de:64:33:
24:2c:13:c8:61:e0:fc:26:81:b9:b9:19:e6:4d:dd:05:00:6c:
31:71:35:be:64:3f:0c:44:f4:ae:bd:86:ad:3c:8d:3f:93:5d:
1d:ab:c8:12:2d:02:d9:46:d5:de:07:27:08:84:69:d5:16:bf:
1d:54:6b:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIwEJSevNlTYLcabD6MHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjYwMzAyMDYwMTE4WhcNMjYwMzAzMDYwMTE4WjAzMTEwLwYDVQQD
EyhhMTJhNGU1MmEyZDJkYTVlOWUyNTUxYTc3NWJmNDk3NDk1MmJjYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lcFErwgNkppD7WE6PY+6FKDGWj5
NKDfs0we83E1heoOfxC86tr51cl12Qb60C4CYdZ+xzrUtb6K0M0gpdUPkWcqYPBv
Er36e3lz0Fn1lIPuEv9eGrGM3RK2+4g5x7iyAcGN5Nkr3SEkTPVa0d/p9YX698C/
TwqZPSeJURMeqQftoErOVfSlc8QHyJgPOWCg1MBIdaxnnR3sy5/lUf4xnQORUI/K
xSbsAqh/2ehvixWoJBf/ocwxRKoCoXJ1B9q1F0ROW7WVZ2tsLFVgo7OvdIVHYiWu
yC39dqWnB/79GjAnqwcvaAKQZEDusuHsKfURrupHGMS/Tvy+lRlH6Rj6XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEqTlKi0tpeniVRp3W/SXSVK8wFMB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWx5Yyqit
VlefE4N6mDTe+SuxNCdWcV69AjUxJIYuJnDXzOoQna9EfdYHQMmiOnTbeVipgSBS
ujgUCjcSMn96EnI5m/G/vLa63I3cQUU8nfjXVz07Afqgm/egs68axYvxQXTNqw9n
S1g9ilV2Hi6a95qjzMzU1gT+SV53BOfB+DuXKDkWe4GRRkq66P+WrctjwdMrhUEF
9cPA0Iiv9D3S2FxKdnWCMNdk3r9xQLhaXPEsEhjT9ZB/RAhNTK0ChgA3iwlw3mQz
JCwTyGHg/CaBubkZ5k3dBQBsMXE1vmQ/DET0rr2GrTyNP5NdHavIEi0C2UbV3gcn
CIRp1Ra/HVRrNg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:39:00 2026 by rpki-client