Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft
File: _kFOohqRFtLN-PXALQhnOvpXaJM.mft (raw, json)
Hash identifier: 8+1VJ/Y71qdg7hWNUe0t1eq2OBZ5fG+xanAxCJWUAMo=
Subject key identifier: 93:69:73:CA:E8:17:22:AF:72:F0:39:7C:8E:80:27:0D:EC:90:54:17
Authority key identifier: FE:41:4E:A2:1A:91:16:D2:CD:F8:F5:C0:2D:08:67:3A:FA:57:68:93
Certificate issuer: /CN=fe414ea21a9116d2cdf8f5c02d08673afa576893
Certificate serial: 019D2628A4767FAFA0E438A20A3736E53310
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft
Manifest number: 0621
Signing time: Wed 25 Mar 2026 18:01:30 +0000
Manifest this update: Wed 25 Mar 2026 18:01:30 +0000
Manifest next update: Thu 26 Mar 2026 18:01:30 +0000
Files and hashes: 1: CvfDNt_o3V9Xyed6qs_Km7x3Pic.roa (hash: vJACC0uKZmQi+4OgqVZ0iCIi7einYP0jPPi7IU1FuY4=)
2: _kFOohqRFtLN-PXALQhnOvpXaJM.crl (hash: x7meVWbfi4Vc2aO3gkwQM05Lf2I7kQCpwKdxAl/wUrE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:a4:76:7f:af:a0:e4:38:a2:0a:37:36:e5:33:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe414ea21a9116d2cdf8f5c02d08673afa576893
Validity
Not Before: Mar 25 18:01:30 2026 GMT
Not After : Mar 26 18:01:30 2026 GMT
Subject: CN=936973cae81722af72f0397c8e80270dec905417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:0d:bc:e2:7c:e5:51:78:42:a6:a5:a0:be:
5f:e2:68:80:45:2b:48:a8:03:6c:0d:7a:b4:07:0f:
31:d8:bf:0a:70:af:89:fa:a9:1e:00:be:f4:c1:83:
01:3d:68:09:1c:3a:08:8e:2f:a8:46:97:ed:fa:72:
2e:09:89:c0:9f:0d:39:e5:70:d7:54:ed:f0:e3:b1:
4c:4d:e7:10:9a:0f:0e:18:29:b8:07:8f:70:30:71:
f5:12:be:92:8d:a0:e7:20:4c:d8:61:2c:00:33:fc:
fe:44:28:40:1d:c2:7c:b3:15:a7:5d:d6:7f:78:4a:
e9:1f:d3:06:0c:42:3a:a3:30:cf:9d:02:7d:5a:a4:
74:48:b0:bc:ab:9f:51:d6:31:c9:1e:9e:90:2e:e0:
95:b9:8b:5a:c6:63:56:a6:a3:46:92:e2:b1:38:eb:
c4:59:e5:d9:7c:45:a6:23:6b:72:f6:5a:d5:e3:a0:
c9:c5:dd:85:d5:6a:1d:ac:7c:be:82:c5:3d:c7:97:
4b:0e:38:71:e1:f3:76:8f:9b:0b:ff:08:4d:41:13:
b7:8b:85:49:38:4b:c7:db:35:97:0c:54:c3:c0:56:
e5:19:00:74:82:31:74:ac:76:78:3d:72:c9:22:7e:
08:cc:d7:7b:43:b2:43:99:21:7a:05:0b:35:5a:ff:
da:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:69:73:CA:E8:17:22:AF:72:F0:39:7C:8E:80:27:0D:EC:90:54:17
X509v3 Authority Key Identifier:
keyid:FE:41:4E:A2:1A:91:16:D2:CD:F8:F5:C0:2D:08:67:3A:FA:57:68:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:fc:fb:f7:e6:8e:da:42:f3:78:c8:ea:57:b9:4b:bf:0f:af:
1b:22:6f:f7:94:aa:13:90:31:fd:3f:87:ad:52:59:96:cf:0a:
30:58:8a:91:df:d4:96:94:77:11:f3:f9:7e:2b:2a:60:37:94:
23:c3:d6:04:af:a3:5d:40:dc:ee:e6:5c:17:a0:f9:29:3f:a7:
2b:40:d1:15:41:aa:4b:c0:16:11:f2:40:82:a0:bb:07:6e:b2:
9a:52:73:b4:7b:fe:c0:f2:64:50:de:34:78:55:20:ae:b8:2d:
68:4a:a4:1c:cf:f1:f2:eb:da:a8:0f:1c:0e:24:04:db:c1:8c:
bf:de:f2:83:36:bc:09:cb:58:a3:cf:45:40:a5:3b:84:9a:06:
22:ab:53:3b:52:3c:bf:e5:27:06:ae:77:63:58:d0:ab:7d:c1:
9d:c8:17:87:23:88:37:8c:61:de:55:96:bc:a9:45:c4:3f:fa:
b4:c7:62:51:34:16:71:cb:74:ae:e3:83:23:06:f7:84:0e:c5:
1e:00:d0:51:b2:91:d0:b3:ec:4b:c7:ea:20:c1:4e:7e:8d:7f:
a9:a9:ad:75:61:79:f1:a5:6a:2c:f9:f5:e4:3f:da:a6:0e:3f:
15:7a:56:81:39:45:41:f9:06:78:56:d6:df:72:77:21:ca:c1:
21:98:7e:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKKR2f6+g5DiiCjc25TMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNDE0ZWEyMWE5MTE2ZDJjZGY4ZjVjMDJkMDg2NzNhZmE1
NzY4OTMwHhcNMjYwMzI1MTgwMTMwWhcNMjYwMzI2MTgwMTMwWjAzMTEwLwYDVQQD
Eyg5MzY5NzNjYWU4MTcyMmFmNzJmMDM5N2M4ZTgwMjcwZGVjOTA1NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd0NvOJ85VF4QqaloL5f4miARStI
qANsDXq0Bw8x2L8KcK+J+qkeAL70wYMBPWgJHDoIji+oRpft+nIuCYnAnw055XDX
VO3w47FMTecQmg8OGCm4B49wMHH1Er6SjaDnIEzYYSwAM/z+RChAHcJ8sxWnXdZ/
eErpH9MGDEI6ozDPnQJ9WqR0SLC8q59R1jHJHp6QLuCVuYtaxmNWpqNGkuKxOOvE
WeXZfEWmI2ty9lrV46DJxd2F1WodrHy+gsU9x5dLDjhx4fN2j5sL/whNQRO3i4VJ
OEvH2zWXDFTDwFblGQB0gjF0rHZ4PXLJIn4IzNd7Q7JDmSF6BQs1Wv/aFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJNpc8roFyKvcvA5fI6AJw3skFQXMB8GA1UdIwQY
MBaAFP5BTqIakRbSzfj1wC0IZzr6V2iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNzFkMjEtYTM2MC00NTc5LTgxYTAt
YmNjYTI2ZmM4OTQ1LzEvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNzFkMjEtYTM2MC00NTc5LTgxYTAtYmNjYTI2ZmM4OTQ1
LzEvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPz79+aO
2kLzeMjqV7lLvw+vGyJv95SqE5Ax/T+HrVJZls8KMFiKkd/UlpR3EfP5fisqYDeU
I8PWBK+jXUDc7uZcF6D5KT+nK0DRFUGqS8AWEfJAgqC7B26ymlJztHv+wPJkUN40
eFUgrrgtaEqkHM/x8uvaqA8cDiQE28GMv97ygza8CctYo89FQKU7hJoGIqtTO1I8
v+UnBq53Y1jQq33BncgXhyOIN4xh3lWWvKlFxD/6tMdiUTQWcct0ruODIwb3hA7F
HgDQUbKR0LPsS8fqIMFOfo1/qamtdWF58aVqLPn15D/apg4/FXpWgTlFQfkGeFbW
33J3IcrBIZh+pg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:20 2026 by rpki-client