Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
File: kI7SZXsDRI2ii8JIwvfsSXPabjs.mft (raw, json)
Hash identifier: iIgRly1aCPqm0IC31+Cii7mk4eYngiTJW5u16Z7OWgQ=
Subject key identifier: 13:5A:24:45:F5:C3:D3:0D:D9:CF:23:B6:11:DD:B4:E1:2E:3F:9A:5F
Authority key identifier: 90:8E:D2:65:7B:03:44:8D:A2:8B:C2:48:C2:F7:EC:49:73:DA:6E:3B
Certificate issuer: /CN=908ed2657b03448da28bc248c2f7ec4973da6e3b
Certificate serial: 019CAC7DD8CB0765BFF4DBC6A38C7F0445F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kI7SZXsDRI2ii8JIwvfsSXPabjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
Manifest number: 014D
Signing time: Mon 02 Mar 2026 03:00:54 +0000
Manifest this update: Mon 02 Mar 2026 03:00:54 +0000
Manifest next update: Tue 03 Mar 2026 03:00:54 +0000
Files and hashes: 1: EQxEyPQDuCTR078fV9h6v3Km5Cw.roa (hash: Lt5RUH9y8xxH2z3qvvXHmC8kiqcqvY/49BCxeZKNAOc=)
2: kI7SZXsDRI2ii8JIwvfsSXPabjs.crl (hash: 6rqVSeg65T1qOxfmkk2mo2b00BA3vaaH6C1Q0r51Qs8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/kI7SZXsDRI2ii8JIwvfsSXPabjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7d:d8:cb:07:65:bf:f4:db:c6:a3:8c:7f:04:45:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=908ed2657b03448da28bc248c2f7ec4973da6e3b
Validity
Not Before: Mar 2 03:00:54 2026 GMT
Not After : Mar 3 03:00:54 2026 GMT
Subject: CN=135a2445f5c3d30dd9cf23b611ddb4e12e3f9a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:cd:f8:49:e2:da:91:56:a5:10:1a:bd:79:
e1:17:0f:e8:41:d5:82:22:5d:09:f4:aa:c1:6c:06:
0a:1c:d7:cb:bf:2c:ba:62:10:35:81:2c:8c:d8:83:
4a:c3:2b:21:fe:96:76:d9:b7:16:6e:62:1e:24:11:
72:ce:6f:02:08:78:c1:39:e7:04:23:61:de:ab:61:
85:04:cf:ea:88:91:10:66:80:59:42:7b:ad:83:95:
5a:04:49:88:3f:54:80:d9:b4:11:35:d3:f4:08:44:
9b:0a:6c:88:08:a9:1e:fc:b0:f4:96:cc:39:74:51:
7d:db:52:b9:8c:f6:07:52:6d:78:34:01:d9:26:e5:
c1:c9:94:7e:9c:1f:b2:d5:fa:fd:d8:49:6c:ba:d6:
0d:c5:c7:33:20:f9:f4:9d:45:a3:37:73:b7:4a:6a:
13:26:97:06:c3:4e:aa:23:f2:c3:49:52:f2:91:11:
a6:6b:d9:a4:6d:c9:b3:60:93:76:84:60:fe:9d:aa:
75:fa:7a:2a:09:4b:1e:4e:18:74:e8:4d:cd:1a:2f:
42:a5:a3:43:1e:81:22:dc:cb:5d:f4:7c:c9:dc:0a:
5a:85:ea:09:8c:db:4e:c4:0e:6e:ab:7a:4d:27:6e:
eb:40:90:cd:90:73:1e:94:9f:90:29:2a:aa:db:2a:
dc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:5A:24:45:F5:C3:D3:0D:D9:CF:23:B6:11:DD:B4:E1:2E:3F:9A:5F
X509v3 Authority Key Identifier:
keyid:90:8E:D2:65:7B:03:44:8D:A2:8B:C2:48:C2:F7:EC:49:73:DA:6E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kI7SZXsDRI2ii8JIwvfsSXPabjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d19549-31b8-4a1e-b6d5-6a17e21ca6c7/1/kI7SZXsDRI2ii8JIwvfsSXPabjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:b2:14:54:37:ec:31:3f:f0:f7:a9:b2:98:b5:b2:84:28:79:
5d:f6:89:59:30:85:5c:48:25:52:f9:21:bc:70:80:49:78:29:
2a:58:3f:9e:d7:5a:d4:1c:46:11:ed:92:33:85:9f:82:35:d9:
df:47:42:6c:cb:e0:91:6b:b3:37:e9:47:ee:14:8c:cf:fd:b0:
54:57:98:ee:d4:4f:30:6a:c2:84:04:13:53:ef:8f:95:b0:72:
34:fa:c5:b1:66:be:4a:54:05:ec:50:4b:b8:9f:ec:02:9a:4e:
ae:d1:41:fa:70:78:ad:03:fd:0f:02:47:d0:39:df:67:0a:49:
b8:a6:b5:fb:e6:ac:c3:7c:3b:04:ae:e8:14:01:fe:d0:35:6c:
1f:47:27:51:23:b2:80:11:64:ba:4d:91:0c:f9:af:c2:a4:29:
09:41:70:6f:fe:6c:dd:28:75:6a:71:b8:22:e2:0c:5a:1e:9e:
92:8b:3f:c1:56:4f:d8:d0:9f:3b:53:f7:e2:95:2c:c7:a5:0a:
de:8e:92:46:f9:f1:85:7d:e5:f3:4f:e8:b9:f8:43:f1:55:36:
bf:5c:b7:05:49:da:35:01:25:ef:40:c1:15:3a:b4:99:8d:f7:
0a:a1:07:ae:46:18:32:1f:11:b2:43:51:84:b7:22:6b:a0:3e:
2b:45:bb:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfdjLB2W/9NvGo4x/BEXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOGVkMjY1N2IwMzQ0OGRhMjhiYzI0OGMyZjdlYzQ5NzNk
YTZlM2IwHhcNMjYwMzAyMDMwMDU0WhcNMjYwMzAzMDMwMDU0WjAzMTEwLwYDVQQD
EygxMzVhMjQ0NWY1YzNkMzBkZDljZjIzYjYxMWRkYjRlMTJlM2Y5YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY3N+Eni2pFWpRAavXnhFw/oQdWC
Il0J9KrBbAYKHNfLvyy6YhA1gSyM2INKwysh/pZ22bcWbmIeJBFyzm8CCHjBOecE
I2Heq2GFBM/qiJEQZoBZQnutg5VaBEmIP1SA2bQRNdP0CESbCmyICKke/LD0lsw5
dFF921K5jPYHUm14NAHZJuXByZR+nB+y1fr92ElsutYNxcczIPn0nUWjN3O3SmoT
JpcGw06qI/LDSVLykRGma9mkbcmzYJN2hGD+nap1+noqCUseThh06E3NGi9CpaND
HoEi3Mtd9HzJ3ApaheoJjNtOxA5uq3pNJ27rQJDNkHMelJ+QKSqq2yrcxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBNaJEX1w9MN2c8jthHdtOEuP5pfMB8GA1UdIwQY
MBaAFJCO0mV7A0SNoovCSML37Elz2m47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0k3U1pYc0RSSTJpaThKSXd2ZnNTWFBhYmpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kMTk1NDktMzFiOC00YTFlLWI2ZDUt
NmExN2UyMWNhNmM3LzEva0k3U1pYc0RSSTJpaThKSXd2ZnNTWFBhYmpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kMTk1NDktMzFiOC00YTFlLWI2ZDUtNmExN2UyMWNhNmM3
LzEva0k3U1pYc0RSSTJpaThKSXd2ZnNTWFBhYmpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7IUVDfs
MT/w96mymLWyhCh5XfaJWTCFXEglUvkhvHCASXgpKlg/ntda1BxGEe2SM4WfgjXZ
30dCbMvgkWuzN+lH7hSMz/2wVFeY7tRPMGrChAQTU++PlbByNPrFsWa+SlQF7FBL
uJ/sAppOrtFB+nB4rQP9DwJH0DnfZwpJuKa1++asw3w7BK7oFAH+0DVsH0cnUSOy
gBFkuk2RDPmvwqQpCUFwb/5s3Sh1anG4IuIMWh6ekos/wVZP2NCfO1P34pUsx6UK
3o6SRvnxhX3l80/oufhD8VU2v1y3BUnaNQEl70DBFTq0mY33CqEHrkYYMh8RskNR
hLcia6A+K0W7BA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:51:19 2026 by rpki-client