Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier: TeqlgSoQfrYzf2255CS/BBq3ug5yMD29Hc5lZOfA6O0=
Subject key identifier: E5:DC:2A:63:E9:CD:92:BD:C7:C0:B4:C0:50:4D:2A:E2:4C:FE:D4:27
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 019CAA2180671AD84BF3AAE3E636C571EAC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number: 0AD4
Signing time: Sun 01 Mar 2026 16:00:48 +0000
Manifest this update: Sun 01 Mar 2026 16:00:48 +0000
Manifest next update: Mon 02 Mar 2026 16:00:48 +0000
Files and hashes: 1: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: HrSDfdMaajhRPcMGl6JRw6qehHbhmnfZqQSfqd0EU1g=)
2: xzFbm4sk1g_z1hTqJzkSoYGfwII.roa (hash: vGpqbjJ2sbADDdZ1dTIQ9ghtcR849/Jhk0Pb4QG33k4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:80:67:1a:d8:4b:f3:aa:e3:e6:36:c5:71:ea:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: Mar 1 16:00:48 2026 GMT
Not After : Mar 2 16:00:48 2026 GMT
Subject: CN=e5dc2a63e9cd92bdc7c0b4c0504d2ae24cfed427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fa:8c:fc:54:29:19:36:7f:c2:3d:1f:11:7e:
c5:78:9f:83:57:b8:a3:23:c6:95:b2:fd:a3:a2:f7:
91:39:47:35:25:8d:04:7f:32:e1:af:e5:64:35:95:
88:f9:27:bc:c1:82:1a:35:1c:2e:dd:21:bb:6b:de:
cd:15:7b:3c:a9:88:e4:7f:22:e1:e5:24:47:a4:ac:
78:01:57:d8:c0:0e:0c:33:c4:2d:c5:06:bd:3a:61:
64:4f:53:8c:cb:d1:24:04:1c:c5:3f:fe:10:42:a9:
b1:9e:fe:8e:b1:18:6c:7e:be:ab:3f:1e:12:8e:78:
49:4d:1a:82:84:06:dc:bb:28:54:6c:d5:14:27:b1:
1c:ec:40:b4:5c:84:dd:24:65:26:ea:cd:94:5c:9e:
b4:91:82:2d:7b:8e:56:53:74:e5:f4:89:8f:00:22:
aa:32:c2:86:f3:4c:65:f4:60:15:e9:aa:99:5f:7a:
85:37:cd:8a:7d:f4:e5:03:d3:d9:6f:fb:16:30:ae:
3f:4e:40:9c:b3:b0:5a:27:15:3c:3b:7c:56:e5:7b:
f9:c5:92:cc:81:6b:72:80:67:2c:35:55:1d:09:24:
fd:dc:b1:21:d3:f3:76:13:f8:8a:2d:46:c0:a2:92:
86:cc:3f:fa:72:6c:a8:ed:5d:3a:16:11:64:24:45:
1c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DC:2A:63:E9:CD:92:BD:C7:C0:B4:C0:50:4D:2A:E2:4C:FE:D4:27
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:ff:45:02:e8:c8:a5:14:27:58:35:7a:fd:a5:1d:8f:40:6f:
10:3c:94:3a:2f:85:7c:94:62:6c:59:3d:24:45:5b:d2:fb:2d:
cd:72:0a:b6:2a:03:c8:67:25:ed:33:95:22:37:83:b8:f0:cf:
5f:de:87:3f:d4:c3:fd:44:17:69:dc:46:f0:cb:00:b9:30:97:
67:02:6e:33:4f:ec:9f:0c:de:39:de:7c:f1:2b:a5:bf:fd:ce:
af:ce:ef:70:e6:11:be:c1:1c:5c:03:c2:b5:ad:64:cb:12:6d:
b8:ac:ea:e8:90:43:78:f7:5e:a3:2f:65:e4:4f:cd:bd:1a:5b:
24:a9:59:64:f9:80:86:3c:34:32:3e:f6:63:e8:3b:f5:80:9e:
2c:92:4b:ff:4a:bd:4e:f6:b2:d0:78:36:ac:ba:f2:ca:ac:a7:
67:e4:dc:9e:3a:8f:06:9b:3e:16:7e:76:a6:ba:30:95:ad:8d:
5c:21:9b:55:2c:d5:c9:62:54:bf:1c:a0:f0:b5:d3:3b:22:57:
58:5b:d8:dc:9a:e3:ca:44:56:88:b7:7a:c5:29:24:01:19:0c:
c6:f4:49:86:4f:29:ad:75:e9:87:c2:56:fa:15:6c:06:4c:06:
a0:9f:65:a1:b2:38:09:c8:ea:aa:10:ca:7d:2e:8b:78:b3:17:
b3:47:dd:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIYBnGthL86rj5jbFcerGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjYwMzAxMTYwMDQ4WhcNMjYwMzAyMTYwMDQ4WjAzMTEwLwYDVQQD
EyhlNWRjMmE2M2U5Y2Q5MmJkYzdjMGI0YzA1MDRkMmFlMjRjZmVkNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/qM/FQpGTZ/wj0fEX7FeJ+DV7ij
I8aVsv2joveROUc1JY0EfzLhr+VkNZWI+Se8wYIaNRwu3SG7a97NFXs8qYjkfyLh
5SRHpKx4AVfYwA4MM8QtxQa9OmFkT1OMy9EkBBzFP/4QQqmxnv6OsRhsfr6rPx4S
jnhJTRqChAbcuyhUbNUUJ7Ec7EC0XITdJGUm6s2UXJ60kYIte45WU3Tl9ImPACKq
MsKG80xl9GAV6aqZX3qFN82KffTlA9PZb/sWMK4/TkCcs7BaJxU8O3xW5Xv5xZLM
gWtygGcsNVUdCST93LEh0/N2E/iKLUbAopKGzD/6cmyo7V06FhFkJEUcNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXcKmPpzZK9x8C0wFBNKuJM/tQnMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXv9FAujI
pRQnWDV6/aUdj0BvEDyUOi+FfJRibFk9JEVb0vstzXIKtioDyGcl7TOVIjeDuPDP
X96HP9TD/UQXadxG8MsAuTCXZwJuM0/snwzeOd588Sulv/3Or87vcOYRvsEcXAPC
ta1kyxJtuKzq6JBDePdeoy9l5E/NvRpbJKlZZPmAhjw0Mj72Y+g79YCeLJJL/0q9
Tvay0Hg2rLryyqynZ+TcnjqPBps+Fn52prowla2NXCGbVSzVyWJUvxyg8LXTOyJX
WFvY3JrjykRWiLd6xSkkARkMxvRJhk8prXXph8JW+hVsBkwGoJ9lobI4CcjqqhDK
fS6LeLMXs0fd8g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:44:43 2026 by rpki-client