Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json)
Hash identifier: 59SNNOf5cS2uD1AyRg2AuGtyqvj2gVCD/yJgOLjflF0=
Subject key identifier: E6:08:1E:19:29:56:2A:E9:50:67:75:23:82:C7:68:AA:65:93:C7:7B
Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Certificate serial: 019D273AF0878EA54EE3C6FD9893A037BED3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
Manifest number: 0DA2
Signing time: Wed 25 Mar 2026 23:01:07 +0000
Manifest this update: Wed 25 Mar 2026 23:01:07 +0000
Manifest next update: Thu 26 Mar 2026 23:01:07 +0000
Files and hashes: 1: CR089RdV9vYVGf4mZ93SrR3FOhs.roa (hash: 568v/GpPM88p9MXGvKjGe+TkORQEJQjb2NVPN9PNx0U=)
2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: oeyOi/9LomWt4CiGCM52KVDwVtUWBcwrLLFaxiKm25Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:f0:87:8e:a5:4e:e3:c6:fd:98:93:a0:37:be:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf
Validity
Not Before: Mar 25 23:01:07 2026 GMT
Not After : Mar 26 23:01:07 2026 GMT
Subject: CN=e6081e1929562ae95067752382c768aa6593c77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b2:a0:4b:f6:d7:a4:d5:d0:dc:bb:b5:ce:da:
e6:8d:6b:94:5b:c7:e2:3c:d1:73:46:27:fc:f3:a8:
c0:41:36:ea:21:9e:35:a3:a5:21:33:9d:44:aa:30:
17:e8:85:80:b4:40:77:04:6c:fa:bf:dc:30:40:25:
43:f8:45:d5:1b:4e:e3:95:7d:d4:14:18:aa:ab:89:
cd:60:9f:06:54:ed:09:c6:c7:f0:61:ee:70:65:91:
bd:60:20:a2:ea:99:3c:81:37:aa:b8:bb:e7:4f:28:
21:8a:29:a5:fc:25:1a:82:77:9f:d2:45:89:2a:7e:
a7:85:f4:07:05:67:ee:1c:dc:14:d5:1e:35:08:34:
c2:5e:79:61:b4:8c:06:c0:2a:f3:d0:ec:0a:17:52:
00:c3:88:90:bb:9b:db:f0:81:c2:e2:da:99:82:55:
b5:ab:41:b1:4a:1f:bd:1a:b8:3b:a3:e7:60:6b:ed:
31:d6:7d:8b:ae:e6:f3:17:8f:71:5f:db:77:5f:d7:
67:d3:05:91:e3:5a:db:de:08:5b:4e:19:40:71:93:
f2:1f:03:c8:a1:7e:5a:76:6e:b4:0c:9e:d7:45:90:
e2:a2:a8:60:e1:53:d8:82:01:4d:48:aa:f1:77:85:
0f:58:98:12:13:bc:6b:e3:6f:70:7c:b5:bf:07:31:
6c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:08:1E:19:29:56:2A:E9:50:67:75:23:82:C7:68:AA:65:93:C7:7B
X509v3 Authority Key Identifier:
keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:bf:97:cd:dc:94:d3:31:c7:87:a2:17:e2:8e:57:c2:b6:a9:
e2:d6:c6:f2:9b:70:1c:2d:de:70:7d:84:b8:30:39:51:5a:81:
2f:92:d4:7b:94:c7:02:a5:ff:07:15:95:9f:0f:df:a3:fe:c5:
cc:26:9e:36:b4:fe:e5:7d:da:43:2a:0e:b8:10:9c:60:7d:44:
38:4c:22:61:77:99:a0:40:8a:f7:fd:a9:66:7b:3b:3a:e7:6c:
b0:e1:e0:0d:62:3d:11:c4:c6:ce:52:dc:95:31:b6:6d:7e:24:
48:24:29:83:28:25:c1:83:ca:fb:37:09:f7:67:ef:ee:65:d4:
9d:1e:a9:d7:f6:65:ad:43:9c:49:2a:2c:49:8e:2b:c5:f2:2b:
3e:8c:1d:74:37:99:f2:bb:f8:30:2b:bc:fb:e6:4f:ab:3e:f8:
ab:bc:09:5d:67:7c:e9:7e:c9:65:81:da:b3:96:b8:1c:1c:08:
87:f3:ab:23:f4:4d:b0:a0:e1:6f:56:67:a0:9b:f2:32:01:62:
ea:56:21:0f:bb:c0:52:48:29:29:70:2c:12:7b:02:f1:dd:ec:
59:a2:dc:44:82:eb:da:f6:a2:f5:a1:6e:c3:85:19:9f:c6:c4:
cb:ff:70:f1:38:a7:96:1b:90:47:33:43:91:16:1a:fb:ae:db:
cb:4a:98:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOvCHjqVO48b9mJOgN77TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2
Yjk4Y2YwHhcNMjYwMzI1MjMwMTA3WhcNMjYwMzI2MjMwMTA3WjAzMTEwLwYDVQQD
EyhlNjA4MWUxOTI5NTYyYWU5NTA2Nzc1MjM4MmM3NjhhYTY1OTNjNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77KgS/bXpNXQ3Lu1ztrmjWuUW8fi
PNFzRif886jAQTbqIZ41o6UhM51EqjAX6IWAtEB3BGz6v9wwQCVD+EXVG07jlX3U
FBiqq4nNYJ8GVO0JxsfwYe5wZZG9YCCi6pk8gTequLvnTyghiiml/CUagnef0kWJ
Kn6nhfQHBWfuHNwU1R41CDTCXnlhtIwGwCrz0OwKF1IAw4iQu5vb8IHC4tqZglW1
q0GxSh+9Grg7o+dga+0x1n2LrubzF49xX9t3X9dn0wWR41rb3ghbThlAcZPyHwPI
oX5adm60DJ7XRZDioqhg4VPYggFNSKrxd4UPWJgSE7xr429wfLW/BzFsIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYIHhkpVirpUGd1I4LHaKplk8d7MB8GA1UdIwQY
MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt
OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1
LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWb+XzdyU
0zHHh6IX4o5Xwrap4tbG8ptwHC3ecH2EuDA5UVqBL5LUe5THAqX/BxWVnw/fo/7F
zCaeNrT+5X3aQyoOuBCcYH1EOEwiYXeZoECK9/2pZns7OudssOHgDWI9EcTGzlLc
lTG2bX4kSCQpgyglwYPK+zcJ92fv7mXUnR6p1/ZlrUOcSSosSY4rxfIrPowddDeZ
8rv4MCu8++ZPqz74q7wJXWd86X7JZYHas5a4HBwIh/OrI/RNsKDhb1ZnoJvyMgFi
6lYhD7vAUkgpKXAsEnsC8d3sWaLcRILr2vai9aFuw4UZn8bEy/9w8TinlhuQRzND
kRYa+67by0qYFg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:59:10 2026 by rpki-client