Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/b0ca94-0f1b-488f-9723-521fce6b64d9/1/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.mft
File: K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.mft (raw, json)
Hash identifier: BD/IOYVtcnZ569BiEnB+1+zUipPu20MEQxvxhoXJ3i0=
Subject key identifier: 74:5E:06:63:B8:84:C3:14:25:A4:38:98:C5:AD:4F:2A:10:88:48:2D
Authority key identifier: 2B:73:AA:84:37:BC:67:23:51:9D:0F:32:0B:F1:F1:70:41:41:A5:3D
Certificate issuer: /CN=2b73aa8437bc6723519d0f320bf1f1704141a53d
Certificate serial: 019CAE351871BCE8514258F465CA7B6EDE89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/b0ca94-0f1b-488f-9723-521fce6b64d9/1/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.mft
Manifest number: 0611
Signing time: Mon 02 Mar 2026 11:00:41 +0000
Manifest this update: Mon 02 Mar 2026 11:00:41 +0000
Manifest next update: Tue 03 Mar 2026 11:00:41 +0000
Files and hashes: 1: HNWOK-qSzLEKLOiT1RxncC81FBw.roa (hash: VsSGzqx4mMKPsvTq4Mnx3YPfOOngg/lj8h0zkR3wf/A=)
2: K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.crl (hash: 38rZxPdwzCNeM34LOYN+veL1mJ466Bh52tndlTMqfr0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/b0ca94-0f1b-488f-9723-521fce6b64d9/1/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/b0ca94-0f1b-488f-9723-521fce6b64d9/1/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.mft
rsync://rpki.ripe.net/repository/DEFAULT/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:18:71:bc:e8:51:42:58:f4:65:ca:7b:6e:de:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b73aa8437bc6723519d0f320bf1f1704141a53d
Validity
Not Before: Mar 2 11:00:41 2026 GMT
Not After : Mar 3 11:00:41 2026 GMT
Subject: CN=745e0663b884c31425a43898c5ad4f2a1088482d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:de:46:27:61:04:c3:a6:b7:5e:92:dd:93:cc:
b3:fd:55:d1:d0:b7:b4:57:98:7b:76:ec:dd:89:78:
1b:06:4d:99:70:63:9c:8d:9c:f0:34:c8:f2:29:c0:
f5:d3:bf:ef:b4:b7:89:e6:89:d7:da:9d:cd:87:aa:
50:3c:5b:b8:07:85:67:2d:d7:3f:26:66:9b:f5:06:
ab:8a:d4:0c:03:42:d6:43:0e:d2:d9:80:28:74:0b:
39:c8:e9:42:3b:2b:eb:42:6e:e5:ca:8c:a3:27:dd:
10:93:3e:e5:24:d6:79:34:a4:65:21:3f:5b:64:51:
fd:2a:02:39:c7:17:3b:7d:99:25:26:7e:6f:ce:02:
ad:f5:00:a2:1a:1d:29:74:9d:8d:d9:bb:54:d7:16:
43:8e:22:8c:30:ad:67:33:51:75:67:f8:09:a3:65:
28:0f:a0:c1:80:f7:6d:74:8e:e9:8d:fa:88:b8:91:
15:4c:b2:93:be:c0:7e:5e:e3:77:fc:13:a3:2f:57:
09:d3:8d:4a:f9:82:37:b0:bf:8c:a8:f7:36:57:9c:
af:c3:36:0d:f6:ec:33:02:04:f2:8b:bf:cb:09:69:
5c:2f:94:62:08:c6:75:81:35:64:ca:ce:6e:86:9e:
7a:5c:37:bf:0e:7b:1f:2f:81:f2:e7:51:28:ab:7c:
d6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5E:06:63:B8:84:C3:14:25:A4:38:98:C5:AD:4F:2A:10:88:48:2D
X509v3 Authority Key Identifier:
keyid:2B:73:AA:84:37:BC:67:23:51:9D:0F:32:0B:F1:F1:70:41:41:A5:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b0ca94-0f1b-488f-9723-521fce6b64d9/1/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/b0ca94-0f1b-488f-9723-521fce6b64d9/1/K3OqhDe8ZyNRnQ8yC_HxcEFBpT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:bf:77:8e:ba:ee:4d:fc:a2:b9:fa:a2:e6:de:5f:79:94:ef:
22:07:c4:18:a9:bb:75:2d:9c:1a:71:31:ea:dd:c5:3e:99:d5:
0c:1c:13:30:30:66:70:e9:8a:0f:f2:c9:0e:7a:b0:56:da:40:
13:68:cf:e0:43:35:86:f3:1a:2d:9c:dc:b5:15:19:72:43:98:
32:c6:71:3e:ad:99:07:29:50:72:d6:8b:70:0d:6b:d9:f9:18:
af:0c:76:72:3d:4b:8b:c2:fb:8b:b9:e1:91:f3:6a:cb:b7:b0:
ba:96:f3:da:9f:d0:d1:88:08:11:46:9d:36:6a:f5:46:a9:25:
51:a4:ae:fa:d6:9a:12:31:6b:97:f9:88:15:e6:2b:7f:2b:46:
58:82:fd:0b:f3:a0:6c:ce:ef:81:21:ef:03:58:1e:b8:e7:0a:
00:5e:f2:bc:6a:2a:b5:3d:53:c0:07:88:a3:92:43:9a:e5:c8:
a9:2c:05:f3:35:c1:40:21:a3:83:69:d4:f9:2c:0c:a8:2b:d9:
72:75:5d:56:b3:ed:57:1d:17:c4:e0:f7:32:df:0b:d9:eb:75:
ab:4c:38:7e:56:a0:a6:4b:74:7a:e5:c5:23:97:12:a7:33:eb:
47:92:b4:b9:61:f7:b4:99:3c:9a:21:ce:40:4a:3d:31:c9:fa:
fa:06:55:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNRhxvOhRQlj0Zcp7bt6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNzNhYTg0MzdiYzY3MjM1MTlkMGYzMjBiZjFmMTcwNDE0
MWE1M2QwHhcNMjYwMzAyMTEwMDQxWhcNMjYwMzAzMTEwMDQxWjAzMTEwLwYDVQQD
Eyg3NDVlMDY2M2I4ODRjMzE0MjVhNDM4OThjNWFkNGYyYTEwODg0ODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot5GJ2EEw6a3XpLdk8yz/VXR0Le0
V5h7duzdiXgbBk2ZcGOcjZzwNMjyKcD107/vtLeJ5onX2p3Nh6pQPFu4B4VnLdc/
Jmab9QaritQMA0LWQw7S2YAodAs5yOlCOyvrQm7lyoyjJ90Qkz7lJNZ5NKRlIT9b
ZFH9KgI5xxc7fZklJn5vzgKt9QCiGh0pdJ2N2btU1xZDjiKMMK1nM1F1Z/gJo2Uo
D6DBgPdtdI7pjfqIuJEVTLKTvsB+XuN3/BOjL1cJ041K+YI3sL+MqPc2V5yvwzYN
9uwzAgTyi7/LCWlcL5RiCMZ1gTVkys5uhp56XDe/DnsfL4Hy51Eoq3zWDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHReBmO4hMMUJaQ4mMWtTyoQiEgtMB8GA1UdIwQY
MBaAFCtzqoQ3vGcjUZ0PMgvx8XBBQaU9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzNPcWhEZThaeU5SblE4eUNfSHhjRUZCcFQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9iMGNhOTQtMGYxYi00ODhmLTk3MjMt
NTIxZmNlNmI2NGQ5LzEvSzNPcWhEZThaeU5SblE4eUNfSHhjRUZCcFQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9iMGNhOTQtMGYxYi00ODhmLTk3MjMtNTIxZmNlNmI2NGQ5
LzEvSzNPcWhEZThaeU5SblE4eUNfSHhjRUZCcFQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaL93jrru
Tfyiufqi5t5feZTvIgfEGKm7dS2cGnEx6t3FPpnVDBwTMDBmcOmKD/LJDnqwVtpA
E2jP4EM1hvMaLZzctRUZckOYMsZxPq2ZBylQctaLcA1r2fkYrwx2cj1Li8L7i7nh
kfNqy7ewupbz2p/Q0YgIEUadNmr1RqklUaSu+taaEjFrl/mIFeYrfytGWIL9C/Og
bM7vgSHvA1geuOcKAF7yvGoqtT1TwAeIo5JDmuXIqSwF8zXBQCGjg2nU+SwMqCvZ
cnVdVrPtVx0XxOD3Mt8L2et1q0w4flagpkt0euXFI5cSpzPrR5K0uWH3tJk8miHO
QEo9Mcn6+gZVIA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:11:51 2026 by rpki-client