Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json)
Hash identifier: Rp5gwWLPLh+FQoYEp8YjdEi51kXCGz5DFDTKj2WpasQ=
Subject key identifier: F0:35:AC:74:E9:16:EB:81:C8:3E:DD:28:BB:C9:BA:7F:EB:0C:F4:4B
Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320
Certificate serial: 019CADFDF3A56ABBD246E8D47021F17D9CA3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
Manifest number: 0DB6
Signing time: Mon 02 Mar 2026 10:00:27 +0000
Manifest this update: Mon 02 Mar 2026 10:00:27 +0000
Manifest next update: Tue 03 Mar 2026 10:00:27 +0000
Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: vySsh1u6DSMrNoFLbYARvyG/BEiizyklYWbqRXXt+4U=)
2: jY0MoOJ3PtdveQuCsZ0fuBIhTjY.roa (hash: vqPVQAGkx6I5WnNS9zEmXw+PjdH2vmfPnggrjPunD0I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:fd:f3:a5:6a:bb:d2:46:e8:d4:70:21:f1:7d:9c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320
Validity
Not Before: Mar 2 10:00:27 2026 GMT
Not After : Mar 3 10:00:27 2026 GMT
Subject: CN=f035ac74e916eb81c83edd28bbc9ba7feb0cf44b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:7f:e7:9f:71:6c:10:56:79:97:76:d0:20:
2c:cf:db:f6:1d:02:6d:6f:a2:8b:97:31:cf:2c:0a:
c8:0d:fd:56:75:26:77:ea:f7:77:11:84:23:d6:55:
5f:a3:0d:3d:f9:12:4b:35:fc:cd:48:e2:b9:04:4b:
fd:d9:5d:29:d5:88:59:2d:a5:ee:a8:2d:15:21:70:
6a:d4:7c:55:12:b3:f4:02:f1:a0:04:e0:4e:33:7b:
07:25:4f:89:ae:18:42:2f:d9:46:21:15:91:6d:90:
ae:69:e2:8f:b8:99:d1:11:d5:5b:0c:1d:55:b2:b6:
60:99:0d:c1:d5:69:02:e7:84:1f:ca:4a:cc:9f:03:
c7:73:6f:e8:a8:fa:24:f8:fe:51:34:33:87:fe:80:
5d:87:0b:1b:31:03:7d:93:75:e3:18:d4:18:d8:4e:
4e:be:d9:82:84:b3:69:39:b0:ef:c2:41:ec:88:17:
64:c2:35:76:f9:0f:00:98:cb:fa:b6:e6:23:e8:b9:
50:aa:cc:c6:af:7f:19:ea:e5:dd:43:64:f5:a7:da:
3d:22:ea:a5:3f:7e:4e:e2:83:d8:07:b2:5a:c8:6e:
bf:0b:e5:b9:a3:31:9e:06:46:ec:1d:2d:71:7f:fd:
01:0e:3a:d8:24:99:c8:50:c8:65:a5:d2:46:97:07:
a9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:35:AC:74:E9:16:EB:81:C8:3E:DD:28:BB:C9:BA:7F:EB:0C:F4:4B
X509v3 Authority Key Identifier:
keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:f0:f1:9d:81:16:cd:f5:20:c4:13:bd:93:1a:c5:22:dd:0a:
ca:df:4a:98:b3:72:e0:25:6b:5a:fe:ca:30:53:c0:b7:98:92:
23:4e:d1:b8:76:e1:4f:78:fe:25:56:da:44:75:1e:46:d2:1e:
f7:64:03:f3:49:45:c3:e8:6c:78:41:97:9e:d1:d0:8e:ab:a8:
fa:64:a0:c7:fa:4a:e7:f9:4a:5c:32:74:40:ad:ba:e7:7a:a0:
b5:c2:4b:10:9e:05:c9:b3:8d:ad:7d:de:98:05:0a:2d:d4:46:
b1:f4:3b:c5:0b:b4:91:c9:68:dd:f0:5c:85:53:b6:84:ec:47:
31:7f:52:90:b5:d4:ce:04:8f:0e:89:6d:ff:a4:09:30:6a:c9:
26:0d:e9:4b:09:0b:ac:5a:bd:de:f4:a6:0c:b3:34:33:ec:9b:
08:73:6d:be:3d:8e:57:c5:84:2a:c5:8f:36:14:be:a2:07:0a:
d3:ea:5d:79:91:93:2e:bf:96:2f:cb:c7:63:83:4c:38:0c:9d:
b5:af:c8:0e:0e:77:a5:9f:eb:af:7e:d0:74:2a:a0:b8:d6:5b:
90:ac:20:6e:12:8b:99:d3:e7:30:93:3a:96:85:10:2b:f8:4c:
5f:88:3a:a1:31:b2:31:80:08:31:f2:c2:69:84:72:25:dd:0f:
3e:5f:01:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/fOlarvSRujUcCHxfZyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj
NGQzMjAwHhcNMjYwMzAyMTAwMDI3WhcNMjYwMzAzMTAwMDI3WjAzMTEwLwYDVQQD
EyhmMDM1YWM3NGU5MTZlYjgxYzgzZWRkMjhiYmM5YmE3ZmViMGNmNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7V/559xbBBWeZd20CAsz9v2HQJt
b6KLlzHPLArIDf1WdSZ36vd3EYQj1lVfow09+RJLNfzNSOK5BEv92V0p1YhZLaXu
qC0VIXBq1HxVErP0AvGgBOBOM3sHJU+JrhhCL9lGIRWRbZCuaeKPuJnREdVbDB1V
srZgmQ3B1WkC54QfykrMnwPHc2/oqPok+P5RNDOH/oBdhwsbMQN9k3XjGNQY2E5O
vtmChLNpObDvwkHsiBdkwjV2+Q8AmMv6tuYj6LlQqszGr38Z6uXdQ2T1p9o9Iuql
P35O4oPYB7JayG6/C+W5ozGeBkbsHS1xf/0BDjrYJJnIUMhlpdJGlwepJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPA1rHTpFuuByD7dKLvJun/rDPRLMB8GA1UdIwQY
MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt
MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh
LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIPDxnYEW
zfUgxBO9kxrFIt0Kyt9KmLNy4CVrWv7KMFPAt5iSI07RuHbhT3j+JVbaRHUeRtIe
92QD80lFw+hseEGXntHQjquo+mSgx/pK5/lKXDJ0QK2653qgtcJLEJ4FybONrX3e
mAUKLdRGsfQ7xQu0kclo3fBchVO2hOxHMX9SkLXUzgSPDolt/6QJMGrJJg3pSwkL
rFq93vSmDLM0M+ybCHNtvj2OV8WEKsWPNhS+ogcK0+pdeZGTLr+WL8vHY4NMOAyd
ta/IDg53pZ/rr37QdCqguNZbkKwgbhKLmdPnMJM6loUQK/hMX4g6oTGyMYAIMfLC
aYRyJd0PPl8BnA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:50:08 2026 by rpki-client