Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
File: rKbwaDzHS63SOoFAw4XxyBziTfc.mft (raw, json)
Hash identifier: IJBuBDOekw4/Iqhw5IrE4d8vZFzQ+SbFSUZ3RoDg+Mc=
Subject key identifier: 96:1E:B7:B3:40:FA:19:01:EA:5B:74:76:87:F5:28:05:72:B4:6D:E0
Authority key identifier: AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
Certificate issuer: /CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Certificate serial: 019D27044D1211AC3D74B8B2AC2C54FEADB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
Manifest number: 0F2F
Signing time: Wed 25 Mar 2026 22:01:26 +0000
Manifest this update: Wed 25 Mar 2026 22:01:26 +0000
Manifest next update: Thu 26 Mar 2026 22:01:26 +0000
Files and hashes: 1: Hl-oGjMEXSHh22tv7GvQWauR6Ls.roa (hash: k0kjDMHyxNG6XHvsH8YWl0QTbYb+WeHWx5ruPE+qWhs=)
2: rKbwaDzHS63SOoFAw4XxyBziTfc.crl (hash: Iq5UzxpGhfjQkSppEhxuIGamYZb5LmxR37rNyAybhv4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:4d:12:11:ac:3d:74:b8:b2:ac:2c:54:fe:ad:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca6f0683cc74badd23a8140c385f1c81ce24df7
Validity
Not Before: Mar 25 22:01:26 2026 GMT
Not After : Mar 26 22:01:26 2026 GMT
Subject: CN=961eb7b340fa1901ea5b747687f5280572b46de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:f4:8c:39:af:a1:50:17:60:c6:82:26:dc:6d:
de:49:eb:9a:a3:3e:13:34:b0:40:ab:ab:55:89:d1:
f5:fb:47:f4:47:60:db:07:13:69:24:a6:51:30:fc:
45:69:c8:a9:e6:5b:8b:4d:50:da:8e:9f:d0:a0:ce:
54:9a:09:ee:25:5c:70:f7:ff:87:21:8f:7e:a8:91:
3b:72:0c:82:50:5d:f4:35:56:bc:2b:34:c0:b9:af:
d7:7d:1e:1f:89:2a:6c:24:2b:05:a4:6f:2b:96:ea:
b6:1b:ce:74:a2:50:2f:7e:67:66:6e:33:54:4e:e9:
9f:87:84:12:68:5c:e0:5b:e7:27:44:70:84:a8:64:
74:18:b6:56:cb:e5:aa:96:82:2f:30:a7:25:c7:1c:
fd:0c:3f:cb:e8:d9:8e:6e:d9:12:d3:3c:a5:f4:48:
b0:5e:27:23:67:22:79:ac:77:b6:26:29:03:4d:a5:
52:95:60:1a:2b:67:95:27:1c:fe:3d:7a:3f:41:7d:
eb:89:24:da:1e:bc:dd:1b:0c:a2:0d:eb:31:ac:ac:
22:cf:4f:7d:1a:a4:a9:83:97:a5:6b:e8:b3:9e:dd:
0d:72:c8:a5:bf:1d:e1:3a:0e:c6:36:e7:22:d8:cd:
7a:ca:f4:73:a1:3e:b8:e0:e0:b3:2f:72:f3:45:46:
69:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:1E:B7:B3:40:FA:19:01:EA:5B:74:76:87:F5:28:05:72:B4:6D:E0
X509v3 Authority Key Identifier:
keyid:AC:A6:F0:68:3C:C7:4B:AD:D2:3A:81:40:C3:85:F1:C8:1C:E2:4D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKbwaDzHS63SOoFAw4XxyBziTfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2d4818-f182-4b46-9e8c-0827961c05e0/1/rKbwaDzHS63SOoFAw4XxyBziTfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:eb:77:65:ac:a7:ad:53:a9:fc:7b:5d:5b:e4:03:b0:1a:0b:
c9:5c:c0:ea:aa:26:7f:90:58:df:de:3a:e2:16:f5:2f:de:0f:
ab:e8:6e:7e:3a:5a:c9:f8:b7:6b:6f:22:9c:a8:2f:50:52:f6:
f4:ae:34:f9:cb:ac:91:7d:10:fc:a1:99:37:9d:4c:45:1d:15:
35:db:f0:0b:14:62:29:2d:0b:42:41:95:bb:ee:48:6d:e7:73:
2b:87:b6:d7:c1:3d:0f:06:2d:a5:08:13:a6:2f:a6:c2:93:e8:
51:08:a4:68:bd:13:46:ea:a0:60:7c:9f:1c:a6:49:89:6a:56:
d5:26:41:72:f3:2c:16:78:13:a4:ac:dc:d7:f6:af:12:62:a9:
ef:88:05:8d:f3:1e:6c:37:29:c1:78:64:0f:2b:f6:c5:a3:80:
a9:c1:73:41:b3:ad:fa:a4:09:a0:84:2b:f3:1e:b7:8c:32:c1:
2e:f0:74:97:51:a3:87:f0:7f:eb:2a:f0:76:8b:1f:89:52:ba:
b5:c3:ac:58:2f:2a:8e:59:26:c8:80:cf:1e:f7:e6:5a:10:b4:
e2:08:5a:65:55:82:d2:8a:78:bd:f1:ca:5b:4b:9a:44:c7:7f:
43:34:d7:15:86:79:18:58:21:e2:75:b2:62:4c:5b:49:fe:54:
2b:69:47:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBE0SEaw9dLiyrCxU/q2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTZmMDY4M2NjNzRiYWRkMjNhODE0MGMzODVmMWM4MWNl
MjRkZjcwHhcNMjYwMzI1MjIwMTI2WhcNMjYwMzI2MjIwMTI2WjAzMTEwLwYDVQQD
Eyg5NjFlYjdiMzQwZmExOTAxZWE1Yjc0NzY4N2Y1MjgwNTcyYjQ2ZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PSMOa+hUBdgxoIm3G3eSeuaoz4T
NLBAq6tVidH1+0f0R2DbBxNpJKZRMPxFacip5luLTVDajp/QoM5UmgnuJVxw9/+H
IY9+qJE7cgyCUF30NVa8KzTAua/XfR4fiSpsJCsFpG8rluq2G850olAvfmdmbjNU
Tumfh4QSaFzgW+cnRHCEqGR0GLZWy+WqloIvMKclxxz9DD/L6NmObtkS0zyl9Eiw
XicjZyJ5rHe2JikDTaVSlWAaK2eVJxz+PXo/QX3riSTaHrzdGwyiDesxrKwiz099
GqSpg5ela+iznt0Ncsilvx3hOg7GNuci2M16yvRzoT644OCzL3LzRUZpwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYet7NA+hkB6lt0dof1KAVytG3gMB8GA1UdIwQY
MBaAFKym8Gg8x0ut0jqBQMOF8cgc4k33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMt
MDgyNzk2MWMwNWUwLzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yZDQ4MTgtZjE4Mi00YjQ2LTllOGMtMDgyNzk2MWMwNWUw
LzEvcktid2FEekhTNjNTT29GQXc0WHh5QnppVGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlut3Zayn
rVOp/HtdW+QDsBoLyVzA6qomf5BY39464hb1L94Pq+hufjpayfi3a28inKgvUFL2
9K40+cuskX0Q/KGZN51MRR0VNdvwCxRiKS0LQkGVu+5IbedzK4e218E9DwYtpQgT
pi+mwpPoUQikaL0TRuqgYHyfHKZJiWpW1SZBcvMsFngTpKzc1/avEmKp74gFjfMe
bDcpwXhkDyv2xaOAqcFzQbOt+qQJoIQr8x63jDLBLvB0l1Gjh/B/6yrwdosfiVK6
tcOsWC8qjlkmyIDPHvfmWhC04ghaZVWC0op4vfHKW0uaRMd/QzTXFYZ5GFgh4nWy
YkxbSf5UK2lHHg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:21:35 2026 by rpki-client