Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
File: mK9kDIIO61-8kigcYRRPEae9cH4.mft (raw, json)
Hash identifier: H5lqWPmHNALW2R15HOFD/E2/EUTp7W23vC3YX6LjDHQ=
Subject key identifier: 2D:F7:2E:39:0E:34:8C:43:C5:EC:AF:C2:3D:EB:E0:D6:BA:09:90:30
Authority key identifier: 98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
Certificate issuer: /CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Certificate serial: 019D2696007CCEBBE1871A723EDCE7F2C0F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
Manifest number: 05DD
Signing time: Wed 25 Mar 2026 20:00:57 +0000
Manifest this update: Wed 25 Mar 2026 20:00:57 +0000
Manifest next update: Thu 26 Mar 2026 20:00:57 +0000
Files and hashes: 1: L314PIS9EZuLIllvbYG4hWHPUco.roa (hash: oCRJ7CpfVca9XR76mJtqFGhJ4HnpliA09q5+Ns2Ex/4=)
2: mK9kDIIO61-8kigcYRRPEae9cH4.crl (hash: cASD1T4ZcDLfwS23Zd3E+TnwuGBOGyytJGU5onhN3QI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:96:00:7c:ce:bb:e1:87:1a:72:3e:dc:e7:f2:c0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98af640c820eeb5fbc92281c61144f11a7bd707e
Validity
Not Before: Mar 25 20:00:57 2026 GMT
Not After : Mar 26 20:00:57 2026 GMT
Subject: CN=2df72e390e348c43c5ecafc23debe0d6ba099030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d9:5b:7c:6e:3c:33:99:40:4b:bf:a5:03:cc:
62:ad:e9:11:53:1c:5e:93:f9:02:94:d7:88:95:d1:
6a:24:9f:3a:0b:2d:c8:46:76:f0:63:b3:6b:89:c5:
5d:e7:45:78:f8:23:06:f8:02:67:98:38:aa:32:b6:
8d:45:6e:46:4a:c3:6e:8a:bc:ec:a7:c5:d9:42:18:
b6:2d:05:ad:92:44:ff:b4:1f:46:db:f7:76:bf:3e:
37:b6:e6:b4:30:73:d6:c8:31:da:4d:23:f5:23:09:
be:cc:6b:3a:40:13:ea:6c:b1:da:82:9e:30:7b:9f:
b7:ed:75:d3:f1:51:aa:b5:97:7e:e6:21:5b:3d:28:
25:2b:05:b5:27:03:af:46:11:07:d9:f2:0f:ac:66:
65:9e:67:c4:fd:dc:a3:42:78:10:34:c5:bd:f8:98:
6f:18:d8:c2:c2:c4:86:d7:de:3d:e6:5b:f9:0c:0f:
e5:8e:c1:5d:86:4e:99:44:16:3e:c2:63:73:94:6f:
44:83:30:71:df:48:fc:89:68:d8:56:a5:54:cf:a5:
8f:d0:92:5e:27:80:73:f9:9c:c0:61:d5:a7:3a:87:
04:de:e2:ab:85:0d:c4:95:17:e8:76:a0:dd:6f:db:
0b:80:fd:1e:74:a3:c0:78:49:da:36:72:cd:05:1c:
39:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F7:2E:39:0E:34:8C:43:C5:EC:AF:C2:3D:EB:E0:D6:BA:09:90:30
X509v3 Authority Key Identifier:
keyid:98:AF:64:0C:82:0E:EB:5F:BC:92:28:1C:61:14:4F:11:A7:BD:70:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK9kDIIO61-8kigcYRRPEae9cH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/122ff4-c4a7-4698-879f-ecab70ef32da/1/mK9kDIIO61-8kigcYRRPEae9cH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:ef:45:05:af:b4:81:4e:be:d8:2a:51:6d:be:0b:9f:05:89:
33:f3:6c:ab:28:94:4c:f2:d4:82:42:66:31:38:84:c6:52:0f:
04:e6:03:0e:f8:fa:d3:9a:86:91:19:9c:90:7c:9f:1b:9a:3a:
fd:13:c8:5d:6c:7b:ed:67:91:42:d6:a4:80:17:73:1d:9e:e0:
a4:a0:e2:ce:12:2d:de:69:b1:39:7b:26:d6:35:ad:f0:0b:5c:
be:a2:f6:99:ca:3f:ad:c8:27:be:2c:06:e5:ed:21:1e:13:10:
f1:b2:50:22:9b:f0:64:f2:a0:22:fb:37:a7:f0:b2:7a:b0:0a:
c5:81:3f:66:da:64:a0:b7:08:3c:6a:4c:15:ca:05:ef:50:1b:
8e:68:77:8c:d0:cf:10:d2:b6:c4:f6:fd:2f:35:31:b0:e3:f9:
5a:9a:ec:79:1f:f4:35:bc:bb:b4:57:ee:f2:4b:27:9d:5f:f3:
92:9d:9c:10:da:a1:3f:86:cb:36:b0:bb:10:9d:cd:33:29:a9:
d9:0d:f3:7d:e5:5b:8a:7b:2c:23:bc:4d:a8:61:36:04:ca:40:
07:25:2d:b2:eb:cb:3c:f6:0c:c9:25:5a:2d:a0:f9:84:bc:ca:
31:fd:c3:1a:77:1e:63:94:24:cf:19:e4:de:e4:bd:ee:36:9b:
59:2a:d1:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlgB8zrvhhxpyPtzn8sD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YWY2NDBjODIwZWViNWZiYzkyMjgxYzYxMTQ0ZjExYTdi
ZDcwN2UwHhcNMjYwMzI1MjAwMDU3WhcNMjYwMzI2MjAwMDU3WjAzMTEwLwYDVQQD
EygyZGY3MmUzOTBlMzQ4YzQzYzVlY2FmYzIzZGViZTBkNmJhMDk5MDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtlbfG48M5lAS7+lA8xirekRUxxe
k/kClNeIldFqJJ86Cy3IRnbwY7NricVd50V4+CMG+AJnmDiqMraNRW5GSsNuirzs
p8XZQhi2LQWtkkT/tB9G2/d2vz43tua0MHPWyDHaTSP1Iwm+zGs6QBPqbLHagp4w
e5+37XXT8VGqtZd+5iFbPSglKwW1JwOvRhEH2fIPrGZlnmfE/dyjQngQNMW9+Jhv
GNjCwsSG19495lv5DA/ljsFdhk6ZRBY+wmNzlG9EgzBx30j8iWjYVqVUz6WP0JJe
J4Bz+ZzAYdWnOocE3uKrhQ3ElRfodqDdb9sLgP0edKPAeEnaNnLNBRw5MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC33LjkONIxDxeyvwj3r4Na6CZAwMB8GA1UdIwQY
MBaAFJivZAyCDutfvJIoHGEUTxGnvXB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYt
ZWNhYjcwZWYzMmRhLzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMjJmZjQtYzRhNy00Njk4LTg3OWYtZWNhYjcwZWYzMmRh
LzEvbUs5a0RJSU82MS04a2lnY1lSUlBFYWU5Y0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVe9FBa+0
gU6+2CpRbb4LnwWJM/NsqyiUTPLUgkJmMTiExlIPBOYDDvj605qGkRmckHyfG5o6
/RPIXWx77WeRQtakgBdzHZ7gpKDizhIt3mmxOXsm1jWt8AtcvqL2mco/rcgnviwG
5e0hHhMQ8bJQIpvwZPKgIvs3p/CyerAKxYE/ZtpkoLcIPGpMFcoF71Abjmh3jNDP
ENK2xPb9LzUxsOP5WprseR/0Nby7tFfu8ksnnV/zkp2cENqhP4bLNrC7EJ3NMymp
2Q3zfeVbinssI7xNqGE2BMpAByUtsuvLPPYMySVaLaD5hLzKMf3DGnceY5Qkzxnk
3uS97jabWSrRNw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:29:47 2026 by rpki-client