Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft
File: KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft (raw, json)
Hash identifier: 8esY2nsQ8RdX3qCkcD94yixh2bpMmJGJGPAafAk9jrg=
Subject key identifier: 68:5E:DE:21:FF:DA:74:EB:22:00:B7:AE:9F:AC:39:D4:D8:76:AA:97
Authority key identifier: 2A:A3:C9:9F:F5:8B:8F:73:3E:F2:C6:2A:77:72:C0:C1:F2:9E:57:FC
Certificate issuer: /CN=2aa3c99ff58b8f733ef2c62a7772c0c1f29e57fc
Certificate serial: 019CAD59875FB3F79E46E24E1D8B37E05CC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPJn_WLj3M-8sYqd3LAwfKeV_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft
Manifest number: 1153
Signing time: Mon 02 Mar 2026 07:00:51 +0000
Manifest this update: Mon 02 Mar 2026 07:00:51 +0000
Manifest next update: Tue 03 Mar 2026 07:00:51 +0000
Files and hashes: 1: KqPJn_WLj3M-8sYqd3LAwfKeV_w.crl (hash: YIrmlRPNEo4FVrZcYSKeMkYO34hu3qsBj3ytbgbye1A=)
2: TjwUrt0QbOg_7Hv7hnE5gPoovGE.roa (hash: vCYAcdHdzTkyR5n/fzt3EtvDXfAERXz/dZUmibVHkag=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqPJn_WLj3M-8sYqd3LAwfKeV_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:87:5f:b3:f7:9e:46:e2:4e:1d:8b:37:e0:5c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa3c99ff58b8f733ef2c62a7772c0c1f29e57fc
Validity
Not Before: Mar 2 07:00:51 2026 GMT
Not After : Mar 3 07:00:51 2026 GMT
Subject: CN=685ede21ffda74eb2200b7ae9fac39d4d876aa97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b1:22:d1:19:b9:36:ba:13:16:71:3e:ff:80:
17:47:03:55:fa:58:39:19:1b:1c:d0:42:71:44:17:
79:22:8a:41:50:0f:48:6d:ca:eb:ee:40:10:f1:ac:
8c:66:2a:12:60:57:74:58:10:c0:e1:28:69:be:9a:
7c:b1:c7:c8:ad:f0:76:53:91:f7:64:97:be:cf:75:
93:a1:d6:5c:33:24:d1:45:51:af:93:45:cf:13:70:
fa:75:33:79:16:96:51:3d:6b:db:24:3a:76:17:59:
47:5c:d2:0b:55:f5:07:ca:35:ef:34:d4:94:1d:91:
55:a9:9b:e3:82:95:40:4b:9f:e4:97:4b:20:93:0e:
30:3b:17:9a:98:fc:f2:25:5d:6a:90:16:a1:d8:ef:
9b:cb:ab:94:48:aa:75:75:db:0a:2a:ba:b8:dd:0e:
e2:d3:a3:50:f2:31:46:f6:8f:e2:a3:75:54:5b:22:
21:99:c5:8c:aa:97:b6:ef:ce:26:21:da:8c:b3:c6:
2a:12:4a:87:55:f2:d5:2f:0a:53:08:f5:fa:f4:74:
c1:bc:44:a6:d2:ac:3f:98:06:cf:c5:09:9c:d8:b7:
14:95:1a:d8:5d:fc:8b:13:ab:d7:36:4c:41:6e:80:
36:94:40:bd:9a:34:1d:8b:b7:23:f7:41:a3:e0:56:
41:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5E:DE:21:FF:DA:74:EB:22:00:B7:AE:9F:AC:39:D4:D8:76:AA:97
X509v3 Authority Key Identifier:
keyid:2A:A3:C9:9F:F5:8B:8F:73:3E:F2:C6:2A:77:72:C0:C1:F2:9E:57:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPJn_WLj3M-8sYqd3LAwfKeV_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:a4:f1:d8:b6:db:5c:ac:c3:19:48:2b:4c:7e:5b:49:8e:db:
30:5c:06:f0:b7:8a:20:b6:e1:49:c4:89:10:1f:d3:02:73:1c:
c0:03:b5:7f:6b:46:56:5b:6d:88:bc:31:c6:69:10:77:96:8e:
1a:cf:8d:7c:81:ba:d3:e3:0f:03:f5:4d:32:4a:ae:e9:37:8c:
a0:e1:ff:48:d4:96:73:a2:9a:e3:45:3a:e0:87:06:08:47:b6:
e7:c4:c1:38:b9:6d:ea:11:a5:84:5a:e8:67:7e:96:ac:ce:d0:
30:c4:61:53:93:10:a2:a2:29:c7:bf:aa:e6:cb:b6:20:ba:94:
d8:c0:54:05:50:9e:f1:fe:0d:dc:1d:ad:ad:dd:84:61:ce:7f:
f3:91:a4:87:da:d8:28:4a:b0:94:69:66:e5:19:5b:a0:0c:46:
cb:0f:51:23:04:48:e2:f4:bf:5d:35:81:90:d8:18:b4:07:2d:
3b:87:60:77:74:9e:4f:82:b0:8c:0c:b8:b0:82:6b:1f:a9:15:
7c:aa:66:5f:04:9a:86:14:20:13:f9:0e:3f:dc:45:ae:3b:56:
91:f8:b8:ed:6b:65:6b:0b:a1:e2:00:ae:3e:fc:45:88:2e:2b:
e3:8b:28:1e:0f:03:7d:56:a7:68:4d:e3:89:d0:99:74:5d:9d:
95:e7:dc:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWYdfs/eeRuJOHYs34FzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTNjOTlmZjU4YjhmNzMzZWYyYzYyYTc3NzJjMGMxZjI5
ZTU3ZmMwHhcNMjYwMzAyMDcwMDUxWhcNMjYwMzAzMDcwMDUxWjAzMTEwLwYDVQQD
Eyg2ODVlZGUyMWZmZGE3NGViMjIwMGI3YWU5ZmFjMzlkNGQ4NzZhYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LEi0Rm5NroTFnE+/4AXRwNV+lg5
GRsc0EJxRBd5IopBUA9Ibcrr7kAQ8ayMZioSYFd0WBDA4Shpvpp8scfIrfB2U5H3
ZJe+z3WTodZcMyTRRVGvk0XPE3D6dTN5FpZRPWvbJDp2F1lHXNILVfUHyjXvNNSU
HZFVqZvjgpVAS5/kl0sgkw4wOxeamPzyJV1qkBah2O+by6uUSKp1ddsKKrq43Q7i
06NQ8jFG9o/io3VUWyIhmcWMqpe2784mIdqMs8YqEkqHVfLVLwpTCPX69HTBvESm
0qw/mAbPxQmc2LcUlRrYXfyLE6vXNkxBboA2lEC9mjQdi7cj90Gj4FZBQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhe3iH/2nTrIgC3rp+sOdTYdqqXMB8GA1UdIwQY
MBaAFCqjyZ/1i49zPvLGKndywMHynlf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FQSm5fV0xqM00tOHNZcWQzTEF3ZktlVl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hMGI2M2UtMTE2Ni00NmI1LTllM2Ut
MzhiNWQxNzg4MDA3LzEvS3FQSm5fV0xqM00tOHNZcWQzTEF3ZktlVl93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hMGI2M2UtMTE2Ni00NmI1LTllM2UtMzhiNWQxNzg4MDA3
LzEvS3FQSm5fV0xqM00tOHNZcWQzTEF3ZktlVl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIqTx2Lbb
XKzDGUgrTH5bSY7bMFwG8LeKILbhScSJEB/TAnMcwAO1f2tGVlttiLwxxmkQd5aO
Gs+NfIG60+MPA/VNMkqu6TeMoOH/SNSWc6Ka40U64IcGCEe258TBOLlt6hGlhFro
Z36WrM7QMMRhU5MQoqIpx7+q5su2ILqU2MBUBVCe8f4N3B2trd2EYc5/85Gkh9rY
KEqwlGlm5RlboAxGyw9RIwRI4vS/XTWBkNgYtActO4dgd3SeT4KwjAy4sIJrH6kV
fKpmXwSahhQgE/kOP9xFrjtWkfi47Wtlawuh4gCuPvxFiC4r44soHg8DfVanaE3j
idCZdF2dlefcng==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:23:39 2026 by rpki-client