Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
File: KxlTcbTPcLiOdz4bgHyyORYyOFs.mft (raw, json)
Hash identifier: TIOvNRPrxDNlUSflvE9TI38Ip3vMpAElHWcMkbsztDs=
Subject key identifier: C2:F9:E7:C8:8E:BE:09:89:3D:50:1B:7B:52:90:95:C7:D1:B5:85:B6
Authority key identifier: 2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B
Certificate issuer: /CN=2b195371b4cf70b88e773e1b807cb2391632385b
Certificate serial: 019CABD9250FD1906A8507B504C3E3C269E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
Manifest number: 0128
Signing time: Mon 02 Mar 2026 00:01:00 +0000
Manifest this update: Mon 02 Mar 2026 00:01:00 +0000
Manifest next update: Tue 03 Mar 2026 00:01:00 +0000
Files and hashes: 1: KxlTcbTPcLiOdz4bgHyyORYyOFs.crl (hash: uFuQNY3t8LI0yCKAxxMhNh+bQCpk1WwcEnz3LMsqkzs=)
2: zoysAnJ75pvxhA2S0m-6Zp0HLpE.roa (hash: kFXM7sahaxaI4pXMltbaQts/ViuuZYbtivX7x0d9V2A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:25:0f:d1:90:6a:85:07:b5:04:c3:e3:c2:69:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b195371b4cf70b88e773e1b807cb2391632385b
Validity
Not Before: Mar 2 00:01:00 2026 GMT
Not After : Mar 3 00:01:00 2026 GMT
Subject: CN=c2f9e7c88ebe09893d501b7b529095c7d1b585b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:09:00:0e:d0:d1:c6:50:18:09:7f:2b:4d:
8d:01:4c:1d:61:a7:bd:50:a8:88:93:ea:b5:43:f1:
34:bc:0a:5f:b3:97:a3:8b:f6:ea:60:15:e5:07:ca:
41:21:79:ee:7a:4b:f9:d8:84:eb:63:7b:91:96:b5:
e3:27:7d:06:ce:59:00:3f:bf:86:85:b6:73:bc:79:
15:bb:65:e1:ed:19:e7:38:88:5e:c3:d9:be:2b:f2:
6f:ba:80:a7:a2:b3:57:00:fa:55:5a:d0:30:d3:8b:
8a:80:43:62:1d:df:ae:7e:43:5e:31:b7:39:8e:10:
be:9e:55:af:d1:2d:58:82:8a:a5:af:1e:aa:21:ce:
7f:94:65:23:a8:5c:9a:d6:a7:5c:49:bd:70:5f:e7:
d8:9a:08:5b:12:58:a3:fd:89:5f:5f:fa:ad:b2:a2:
d7:31:10:c7:61:49:c8:b4:94:17:98:99:8f:be:0f:
5b:f2:45:e1:dd:49:a8:6c:8f:51:9a:73:20:b2:ea:
49:2d:f7:66:6e:13:82:51:9b:89:28:75:35:46:b7:
3d:8f:6e:92:fc:ae:b7:70:6a:18:56:3a:62:57:18:
75:2c:f7:cd:44:29:ef:1b:e8:0a:ce:37:da:30:04:
26:40:9e:ad:b0:7e:87:b2:54:47:99:dc:88:40:2a:
f8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F9:E7:C8:8E:BE:09:89:3D:50:1B:7B:52:90:95:C7:D1:B5:85:B6
X509v3 Authority Key Identifier:
keyid:2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:27:2e:07:71:0c:9c:c1:68:d4:88:dd:7c:23:07:bc:e6:18:
47:2f:6f:72:16:d7:dd:cb:d4:57:51:6c:b8:5d:45:5a:bf:97:
b1:e1:4d:9f:87:32:6f:86:ad:a2:7d:de:fc:96:ce:42:1d:e1:
2e:64:51:97:d2:ae:0e:d1:9b:15:17:cf:b7:26:12:6f:4a:a8:
54:c4:ad:9e:9e:8c:5a:b9:4f:0e:96:a7:f3:13:92:22:19:96:
d7:9d:57:01:0c:50:ab:06:07:5e:76:47:33:f6:7a:2c:80:c0:
92:3f:2b:12:8a:03:6a:41:1f:22:d1:ad:6f:98:60:6c:dc:1a:
d0:93:48:16:c7:5c:b1:8b:9d:f3:07:ca:77:0d:66:49:f1:4e:
ff:a4:6d:46:c4:d6:df:27:5a:d8:7f:44:50:14:48:73:ec:94:
8b:94:7b:4c:83:20:8b:bd:db:75:c5:14:3a:25:10:a9:59:67:
eb:78:a8:54:e2:53:4d:64:af:17:cd:3f:00:f6:a0:9b:15:a5:
a3:65:fe:ea:42:99:1c:c3:82:5a:14:4b:ea:19:45:74:b0:9d:
29:37:17:d6:a1:0f:1c:7d:bc:8d:68:6c:2c:62:a8:21:3d:f7:
4c:d8:c0:84:0f:69:67:11:ba:d5:48:8e:b6:b9:c5:8d:14:91:
0b:b5:e3:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2SUP0ZBqhQe1BMPjwmnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTk1MzcxYjRjZjcwYjg4ZTc3M2UxYjgwN2NiMjM5MTYz
MjM4NWIwHhcNMjYwMzAyMDAwMTAwWhcNMjYwMzAzMDAwMTAwWjAzMTEwLwYDVQQD
EyhjMmY5ZTdjODhlYmUwOTg5M2Q1MDFiN2I1MjkwOTVjN2QxYjU4NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt8JAA7Q0cZQGAl/K02NAUwdYae9
UKiIk+q1Q/E0vApfs5eji/bqYBXlB8pBIXnuekv52ITrY3uRlrXjJ30GzlkAP7+G
hbZzvHkVu2Xh7RnnOIhew9m+K/JvuoCnorNXAPpVWtAw04uKgENiHd+ufkNeMbc5
jhC+nlWv0S1Ygoqlrx6qIc5/lGUjqFya1qdcSb1wX+fYmghbElij/YlfX/qtsqLX
MRDHYUnItJQXmJmPvg9b8kXh3UmobI9RmnMgsupJLfdmbhOCUZuJKHU1Rrc9j26S
/K63cGoYVjpiVxh1LPfNRCnvG+gKzjfaMAQmQJ6tsH6HslRHmdyIQCr4pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFML558iOvgmJPVAbe1KQlcfRtYW2MB8GA1UdIwQY
MBaAFCsZU3G0z3C4jnc+G4B8sjkWMjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzIt
NWU0MDQxZDkzMDA4LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzItNWU0MDQxZDkzMDA4
LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeCcuB3EM
nMFo1IjdfCMHvOYYRy9vchbX3cvUV1FsuF1FWr+XseFNn4cyb4aton3e/JbOQh3h
LmRRl9KuDtGbFRfPtyYSb0qoVMStnp6MWrlPDpan8xOSIhmW151XAQxQqwYHXnZH
M/Z6LIDAkj8rEooDakEfItGtb5hgbNwa0JNIFsdcsYud8wfKdw1mSfFO/6RtRsTW
3yda2H9EUBRIc+yUi5R7TIMgi73bdcUUOiUQqVln63ioVOJTTWSvF80/APagmxWl
o2X+6kKZHMOCWhRL6hlFdLCdKTcX1qEPHH28jWhsLGKoIT33TNjAhA9pZxG61UiO
trnFjRSRC7XjUQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:39:04 2026 by rpki-client