Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json)
Hash identifier: FVe4EDU+psyDpMJRR9ZA0YHwRmW2hr9ng7b28yWV0Nk=
Subject key identifier: DA:28:42:BE:09:7A:7E:EF:C3:B3:5F:20:86:D6:9C:8A:F4:86:ED:36
Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354
Certificate serial: 019D2AE1083249109DAE0AFF9EAC36A332C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
Manifest number: 188A
Signing time: Thu 26 Mar 2026 16:01:23 +0000
Manifest this update: Thu 26 Mar 2026 16:01:23 +0000
Manifest next update: Fri 27 Mar 2026 16:01:23 +0000
Files and hashes: 1: EZMelYnsyxsc7u1d-UmuOELSVGA.roa (hash: fiCJAdZiRwTzbxllvOptWzW5kDS3kt1J0JiXeIKn0tM=)
2: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: n7bJgUelxx+HymjJQRO94REDzGRd5g4nnpYilbTjWlI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e1:08:32:49:10:9d:ae:0a:ff:9e:ac:36:a3:32:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354
Validity
Not Before: Mar 26 16:01:23 2026 GMT
Not After : Mar 27 16:01:23 2026 GMT
Subject: CN=da2842be097a7eefc3b35f2086d69c8af486ed36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:61:23:74:fe:8b:4d:e6:2c:64:5d:dc:c4:dd:
d5:e7:a9:97:2b:32:13:c7:4e:b9:8e:41:d6:22:89:
a4:f8:e1:b7:47:79:1f:25:28:fe:6f:2a:a9:c5:7c:
40:ec:80:75:e3:a3:63:d4:b9:9a:6b:2c:a7:09:ed:
e1:6f:30:10:07:ec:8f:34:1c:a9:cc:48:a4:e3:36:
80:aa:c0:f0:54:e2:2e:5b:91:5d:83:95:df:4d:97:
28:b9:a0:07:a6:5c:02:b8:8a:8a:83:e8:85:22:29:
08:88:69:a1:ca:9c:5b:d9:53:d2:cf:ff:81:92:53:
e3:aa:7f:1b:20:97:a1:6a:38:58:58:2c:78:60:c2:
dc:aa:cb:76:d6:2f:bd:6b:29:c6:e3:55:19:60:2b:
7d:a8:29:a8:46:14:a1:7c:d6:47:8e:e4:33:6c:43:
c5:3d:90:19:81:db:ed:1c:fa:67:c4:b3:fc:5c:20:
dc:89:1d:bb:5f:61:10:9e:7d:11:ad:a3:33:db:41:
06:23:07:8c:8a:48:64:f1:a4:ec:8e:6e:7e:5a:19:
6d:af:fc:c0:a1:36:ce:44:4b:66:a4:81:32:32:18:
c2:fb:71:e0:7b:b8:da:c2:25:55:2b:a3:4f:6e:cf:
7e:cc:69:8c:00:5f:64:2c:f6:43:80:ce:11:19:42:
27:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:28:42:BE:09:7A:7E:EF:C3:B3:5F:20:86:D6:9C:8A:F4:86:ED:36
X509v3 Authority Key Identifier:
keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:f0:3e:8a:66:2e:4f:08:d5:2e:95:80:e4:86:0c:ae:0c:fd:
49:a2:fa:41:12:4e:e4:9b:47:36:78:43:cd:87:e5:03:cf:b7:
9e:58:bb:aa:f1:eb:a4:e3:5d:25:78:62:94:1e:9f:e2:71:4d:
ce:67:16:a4:3c:8a:4c:f6:b4:52:45:9c:a6:dd:13:42:ca:66:
8f:83:b2:f7:4c:9c:7e:8a:17:58:65:48:ba:dd:93:3f:b5:c4:
97:5f:c1:7b:3b:b9:6a:d0:ce:3c:c5:ff:9e:a8:0c:ff:76:9b:
b1:12:16:eb:c3:17:62:1e:40:e3:7c:0e:e7:7d:eb:34:cc:96:
13:bd:66:8e:13:60:c1:de:f3:0f:10:26:6c:ea:af:d0:4a:c6:
38:79:c6:0e:ee:ef:f3:30:41:f2:4f:b4:0f:4b:49:05:9a:74:
a7:d0:6b:40:ac:9c:18:f3:ba:0c:b3:91:f4:61:a0:15:2f:4b:
17:e0:62:56:69:99:30:f2:93:d3:db:78:fb:d6:f6:d4:a7:27:
cc:79:a5:f9:05:d1:59:67:83:ca:85:cd:45:ec:a7:7c:22:5a:
6e:1e:d6:48:68:2a:b6:1e:fa:cf:79:96:66:54:e3:68:bb:f4:
96:ee:0e:64:68:f5:ce:f7:4a:42:6c:2f:60:9f:52:cd:99:82:
d3:b4:d5:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4QgySRCdrgr/nqw2ozLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2
OGYzNTQwHhcNMjYwMzI2MTYwMTIzWhcNMjYwMzI3MTYwMTIzWjAzMTEwLwYDVQQD
EyhkYTI4NDJiZTA5N2E3ZWVmYzNiMzVmMjA4NmQ2OWM4YWY0ODZlZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmEjdP6LTeYsZF3cxN3V56mXKzIT
x065jkHWIomk+OG3R3kfJSj+byqpxXxA7IB146Nj1LmaayynCe3hbzAQB+yPNByp
zEik4zaAqsDwVOIuW5Fdg5XfTZcouaAHplwCuIqKg+iFIikIiGmhypxb2VPSz/+B
klPjqn8bIJehajhYWCx4YMLcqst21i+9aynG41UZYCt9qCmoRhShfNZHjuQzbEPF
PZAZgdvtHPpnxLP8XCDciR27X2EQnn0RraMz20EGIweMikhk8aTsjm5+Whltr/zA
oTbOREtmpIEyMhjC+3Hge7jawiVVK6NPbs9+zGmMAF9kLPZDgM4RGUInWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNooQr4Jen7vw7NfIIbWnIr0hu02MB8GA1UdIwQY
MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt
NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1
LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH/A+imYu
TwjVLpWA5IYMrgz9SaL6QRJO5JtHNnhDzYflA8+3nli7qvHrpONdJXhilB6f4nFN
zmcWpDyKTPa0UkWcpt0TQspmj4Oy90ycfooXWGVIut2TP7XEl1/Bezu5atDOPMX/
nqgM/3absRIW68MXYh5A43wO533rNMyWE71mjhNgwd7zDxAmbOqv0ErGOHnGDu7v
8zBB8k+0D0tJBZp0p9BrQKycGPO6DLOR9GGgFS9LF+BiVmmZMPKT09t4+9b21Kcn
zHml+QXRWWeDyoXNReynfCJabh7WSGgqth76z3mWZlTjaLv0lu4OZGj1zvdKQmwv
YJ9SzZmC07TVrQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:40:31 2026 by rpki-client