Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json)
Hash identifier: PeFOtBwXKrJMcO+W8Q1XfnpUgOs2EuGTmGgFbkVin9g=
Subject key identifier: 81:67:66:D8:84:03:BD:BA:C3:C6:03:AB:0A:38:68:9A:7A:4C:F1:EB
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 019D29CDF4E79B9F13FF825B42505A6A243D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 11:00:56 +0000
Manifest this update: Thu 26 Mar 2026 11:00:56 +0000
Manifest next update: Fri 27 Mar 2026 11:00:56 +0000
Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: l+HeY50K0B57sEaaio61uyN52zdbjkq1i/XNmzWoItY=)
2: ecRzktYrFjLVxOC-GlugSTEtWK0.roa (hash: rKqBSvS82bzwCh2lS4Ae0RGYw1nfUEHFPUJO90hBbGI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:cd:f4:e7:9b:9f:13:ff:82:5b:42:50:5a:6a:24:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Mar 26 11:00:56 2026 GMT
Not After : Mar 27 11:00:56 2026 GMT
Subject: CN=816766d88403bdbac3c603ab0a38689a7a4cf1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:eb:ce:d5:95:c1:4c:e6:64:29:94:51:cc:
0d:e0:07:86:5f:e9:3b:3c:80:27:59:d2:20:64:4d:
17:fe:46:a5:fb:45:54:61:cf:3e:ec:9b:0b:55:cb:
0d:0f:6b:c7:9d:16:3e:ad:e6:2b:cf:27:56:36:53:
ac:d3:3b:bd:de:ee:7f:2f:69:fa:45:b6:e2:6f:5c:
2e:94:5f:6f:58:2e:cf:65:79:f7:a7:ae:82:c4:88:
fa:9b:eb:d6:37:9d:5d:8e:33:05:01:e1:2f:25:b5:
b8:5e:04:ae:c5:ce:a9:d6:bf:91:08:4d:17:47:57:
cd:14:30:4d:f6:6f:db:36:ec:63:02:10:2d:34:47:
ad:68:4c:c1:64:f5:2c:64:e2:bf:54:e0:97:06:17:
25:18:ba:30:1d:09:fa:06:65:aa:b9:54:d3:75:c8:
59:af:a1:24:50:67:e3:28:b1:7a:09:55:61:47:b5:
50:f5:de:4e:62:6a:9c:a0:54:1b:31:09:80:0d:21:
0c:d1:62:90:7d:c4:8f:b3:9c:83:60:c6:55:51:b4:
51:d3:04:5d:2f:bd:ad:80:1c:16:a8:95:03:55:2a:
de:26:c1:c4:a3:ea:c5:c1:ca:67:5c:80:8d:3c:1e:
cb:3f:35:c0:22:a9:2f:95:28:c4:54:dc:b6:bd:08:
ab:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:67:66:D8:84:03:BD:BA:C3:C6:03:AB:0A:38:68:9A:7A:4C:F1:EB
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:fc:89:6b:8a:62:1f:2e:f4:4b:3f:cc:2a:a3:f9:f8:8b:6a:
bf:d1:a2:0e:b3:2d:aa:a7:f8:d7:61:10:6d:56:00:82:da:cb:
75:e5:83:ca:66:ff:e4:d3:b6:1b:65:2c:bd:42:3e:9a:d7:9d:
27:8f:24:f0:7b:6d:ca:d5:31:9d:74:21:65:ad:9a:c1:d5:fa:
e6:91:3b:31:19:ff:6e:bd:d1:82:e6:6d:83:c7:c9:fd:50:ca:
74:ad:29:ea:10:9e:e0:36:05:b6:27:0a:ee:b3:86:1b:fd:31:
c6:8c:69:b3:d6:6e:e1:a1:7a:d8:64:d7:34:e4:0f:c4:1b:a5:
0d:59:a7:4a:23:54:d4:aa:c8:6f:68:f9:a5:c1:8d:29:c9:f7:
6a:69:53:a8:86:43:02:f2:63:1b:d7:c7:79:95:84:07:fb:1e:
ab:d1:03:26:31:fa:10:21:d9:40:92:ca:02:96:3a:d5:34:eb:
2a:1f:52:bf:25:93:04:57:72:99:16:40:cd:2d:72:79:8b:9d:
c3:dc:56:ba:b9:e4:69:38:b3:6f:3f:ba:85:1a:25:cc:ca:1b:
00:c8:3b:b2:f0:de:3d:15:db:c5:ef:a3:de:c8:71:57:39:35:
ce:b0:7a:77:72:a4:31:43:3c:f9:82:8b:77:5b:0d:ba:f6:5e:
9b:8d:67:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzfTnm58T/4JbQlBaaiQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjYwMzI2MTEwMDU2WhcNMjYwMzI3MTEwMDU2WjAzMTEwLwYDVQQD
Eyg4MTY3NjZkODg0MDNiZGJhYzNjNjAzYWIwYTM4Njg5YTdhNGNmMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnrrztWVwUzmZCmUUcwN4AeGX+k7
PIAnWdIgZE0X/kal+0VUYc8+7JsLVcsND2vHnRY+reYrzydWNlOs0zu93u5/L2n6
Rbbib1wulF9vWC7PZXn3p66CxIj6m+vWN51djjMFAeEvJbW4XgSuxc6p1r+RCE0X
R1fNFDBN9m/bNuxjAhAtNEetaEzBZPUsZOK/VOCXBhclGLowHQn6BmWquVTTdchZ
r6EkUGfjKLF6CVVhR7VQ9d5OYmqcoFQbMQmADSEM0WKQfcSPs5yDYMZVUbRR0wRd
L72tgBwWqJUDVSreJsHEo+rFwcpnXICNPB7LPzXAIqkvlSjEVNy2vQirrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFnZtiEA726w8YDqwo4aJp6TPHrMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm/yJa4pi
Hy70Sz/MKqP5+Itqv9GiDrMtqqf412EQbVYAgtrLdeWDymb/5NO2G2UsvUI+mted
J48k8HttytUxnXQhZa2awdX65pE7MRn/br3RguZtg8fJ/VDKdK0p6hCe4DYFticK
7rOGG/0xxoxps9Zu4aF62GTXNOQPxBulDVmnSiNU1KrIb2j5pcGNKcn3amlTqIZD
AvJjG9fHeZWEB/seq9EDJjH6ECHZQJLKApY61TTrKh9SvyWTBFdymRZAzS1yeYud
w9xWurnkaTizbz+6hRolzMobAMg7svDePRXbxe+j3shxVzk1zrB6d3KkMUM8+YKL
d1sNuvZem41nZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:54:28 2026 by rpki-client