Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json)
Hash identifier: Dw+p+MdgS2zoRKZaqBBhfqLtqk51wn11y3dK0OII63M=
Subject key identifier: DB:80:32:87:99:3C:B5:07:9F:02:2E:33:89:C7:3D:02:05:2A:5C:30
Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Certificate serial: 019D28164426620135714A64A803E876C781
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
Manifest number: 1544
Signing time: Thu 26 Mar 2026 03:00:40 +0000
Manifest this update: Thu 26 Mar 2026 03:00:40 +0000
Manifest next update: Fri 27 Mar 2026 03:00:40 +0000
Files and hashes: 1: qtM2kctXnuJchmGpZkBYifDuRYk.roa (hash: ZfaEZVb7iupk65U466u1KICKWagoC63beOYY7AuNp38=)
2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: +I+8ZjYzbbJv8zhCF9dF27PxJkmXzW91KJ3+46uFFms=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:44:26:62:01:35:71:4a:64:a8:03:e8:76:c7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f
Validity
Not Before: Mar 26 03:00:40 2026 GMT
Not After : Mar 27 03:00:40 2026 GMT
Subject: CN=db803287993cb5079f022e3389c73d02052a5c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:38:c7:77:bf:5c:2e:28:2d:ad:a8:17:90:94:
85:32:1e:9e:e0:93:50:fe:f5:8a:2b:c2:0c:24:d2:
f2:57:ec:0a:ef:a2:db:68:8a:96:3e:d3:5e:de:cd:
e4:e8:81:37:3e:b1:f1:28:72:de:89:03:2a:7b:86:
07:2a:36:40:44:5c:9f:be:4c:5f:9f:8b:22:30:93:
eb:a8:67:8d:70:94:93:ac:42:1d:5e:b1:66:11:50:
b5:8f:10:24:b9:ff:c6:3e:15:05:c7:ed:92:c5:2b:
65:fe:36:4a:ff:94:2a:3f:2c:bf:3b:b8:f0:13:91:
38:36:85:41:a7:c3:aa:2f:7f:d5:7a:5f:eb:24:8e:
95:8a:c8:aa:dc:b1:d4:f3:32:79:a9:f8:5b:e3:5d:
8c:cb:36:d5:41:b3:f1:53:72:e0:4a:10:ad:c9:ff:
0d:0d:61:36:51:7b:e5:9a:9e:21:9a:32:24:e2:03:
96:7d:98:73:d0:a7:8e:64:af:6e:37:db:45:0f:4c:
8a:73:a8:bc:c2:76:62:d7:4d:44:ca:7f:94:b3:ff:
7c:1b:2c:84:99:09:c4:f0:53:78:86:22:ac:f4:b6:
0a:d1:51:5b:88:a7:0c:8f:37:62:58:5c:b2:e7:79:
48:cb:e3:84:aa:95:0b:5e:99:83:39:b5:f4:d4:3a:
4c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:80:32:87:99:3C:B5:07:9F:02:2E:33:89:C7:3D:02:05:2A:5C:30
X509v3 Authority Key Identifier:
keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:1f:86:4b:6b:6b:d6:52:04:4f:10:84:90:e5:f2:e4:c1:07:
4d:e3:0d:a0:51:8a:11:e9:3d:c3:5f:d9:fa:97:b2:0c:6b:48:
af:87:ee:9a:86:69:25:dd:c5:7b:1a:32:bc:0a:cd:a5:81:3d:
24:b0:35:47:d0:f8:42:2b:0d:17:c7:b8:f8:94:f3:d7:06:50:
aa:ca:26:45:a7:3b:28:49:b6:c1:76:38:b5:83:97:d2:04:15:
cd:46:ca:21:d0:56:3f:b0:90:eb:34:7f:89:33:bb:29:57:8a:
6d:9a:c5:0f:74:10:97:a3:f2:9b:51:80:9e:c4:9a:90:bb:88:
3e:4e:d6:89:35:96:c8:d8:f7:4d:17:62:f2:ca:fe:39:38:b4:
e0:05:14:02:be:0a:60:c1:76:f9:65:08:f5:f0:57:aa:3e:9a:
70:c7:b8:41:7b:54:a1:55:0d:bd:4a:1e:b0:41:79:92:94:45:
82:23:6c:83:ae:aa:56:02:d6:62:8b:96:97:50:07:5a:bf:32:
65:76:37:92:1c:67:bc:fa:c3:ac:b4:ed:51:d9:b3:32:91:cd:
8e:5e:a9:45:5e:f2:c4:dd:7c:d9:60:c5:5a:71:42:44:3a:27:
f3:1a:f6:72:aa:32:d8:55:38:91:73:8b:83:0f:a3:03:6f:88:
b0:ad:d3:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFkQmYgE1cUpkqAPodseBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm
ZWVkNWYwHhcNMjYwMzI2MDMwMDQwWhcNMjYwMzI3MDMwMDQwWjAzMTEwLwYDVQQD
EyhkYjgwMzI4Nzk5M2NiNTA3OWYwMjJlMzM4OWM3M2QwMjA1MmE1YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDjHd79cLigtragXkJSFMh6e4JNQ
/vWKK8IMJNLyV+wK76LbaIqWPtNe3s3k6IE3PrHxKHLeiQMqe4YHKjZARFyfvkxf
n4siMJPrqGeNcJSTrEIdXrFmEVC1jxAkuf/GPhUFx+2SxStl/jZK/5QqPyy/O7jw
E5E4NoVBp8OqL3/Vel/rJI6Visiq3LHU8zJ5qfhb412MyzbVQbPxU3LgShCtyf8N
DWE2UXvlmp4hmjIk4gOWfZhz0KeOZK9uN9tFD0yKc6i8wnZi101Eyn+Us/98GyyE
mQnE8FN4hiKs9LYK0VFbiKcMjzdiWFyy53lIy+OEqpULXpmDObX01DpMXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuAMoeZPLUHnwIuM4nHPQIFKlwwMB8GA1UdIwQY
MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt
YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh
LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJh+GS2tr
1lIETxCEkOXy5MEHTeMNoFGKEek9w1/Z+peyDGtIr4fumoZpJd3FexoyvArNpYE9
JLA1R9D4QisNF8e4+JTz1wZQqsomRac7KEm2wXY4tYOX0gQVzUbKIdBWP7CQ6zR/
iTO7KVeKbZrFD3QQl6Pym1GAnsSakLuIPk7WiTWWyNj3TRdi8sr+OTi04AUUAr4K
YMF2+WUI9fBXqj6acMe4QXtUoVUNvUoesEF5kpRFgiNsg66qVgLWYouWl1AHWr8y
ZXY3khxnvPrDrLTtUdmzMpHNjl6pRV7yxN182WDFWnFCRDon8xr2cqoy2FU4kXOL
gw+jA2+IsK3Trw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:53:00 2026 by rpki-client