Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
File: KqJOWBL8wxBrnrCusA5ie6I10FY.mft (raw, json)
Hash identifier: NAKU/QIlXVV/+l8LU7LokDk6jVJN6nIPlBKIiVzy4bw=
Subject key identifier: 28:68:C4:8F:76:E5:BF:20:A6:1F:25:8F:5D:A7:CB:9D:6C:AA:0E:28
Authority key identifier: 2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
Certificate issuer: /CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Certificate serial: 019D2695EFF91A8BDC0B636E4F4C32A86684
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
Manifest number: 0B1A
Signing time: Wed 25 Mar 2026 20:00:53 +0000
Manifest this update: Wed 25 Mar 2026 20:00:53 +0000
Manifest next update: Thu 26 Mar 2026 20:00:53 +0000
Files and hashes: 1: KqJOWBL8wxBrnrCusA5ie6I10FY.crl (hash: 38iia7IfmtLUM2dSSXLUwDNu3slWIImAZCu+N9MGnF0=)
2: yXEtTJb7Q9QNq9QwBOpKF1Og1mg.roa (hash: DbsY9yqJmKOSdLO9tL/m8Sp1oKJbQqdJXvqChVz5qJw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:ef:f9:1a:8b:dc:0b:63:6e:4f:4c:32:a8:66:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa24e5812fcc3106b9eb0aeb00e627ba235d056
Validity
Not Before: Mar 25 20:00:53 2026 GMT
Not After : Mar 26 20:00:53 2026 GMT
Subject: CN=2868c48f76e5bf20a61f258f5da7cb9d6caa0e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c1:5e:fc:9a:64:fc:52:35:a9:d1:c8:7b:49:
95:bf:2a:f1:08:0c:83:d1:19:0a:55:5a:22:e5:f1:
c4:f5:f7:fe:93:27:51:17:8f:7b:64:33:26:31:cf:
67:19:15:e7:81:da:13:fc:8d:5e:16:50:d7:71:71:
85:64:57:ad:0e:0f:01:3f:b9:f3:e3:77:ea:5a:00:
26:28:14:2a:88:aa:37:84:10:5b:b2:5c:bf:cb:9d:
57:97:a3:bf:55:12:85:e6:a4:aa:b9:f2:d0:dd:c1:
17:10:bf:d1:97:fa:b6:62:d9:dd:ec:a7:83:97:0b:
4a:31:19:14:f3:02:91:0f:f9:58:1b:fa:8f:c4:47:
c4:a9:20:0f:57:ea:ba:a2:c1:40:b1:11:8e:45:ca:
27:7d:e6:ea:b8:f4:25:dd:29:a8:dc:c9:71:8a:42:
0c:11:a9:4e:ea:7b:20:c0:e4:9a:bf:38:ac:ee:99:
67:e0:d3:2e:2b:91:63:8b:35:63:20:55:0c:66:7d:
6c:e7:4c:12:b2:b3:1c:cf:ee:7a:f9:02:bc:69:f7:
d3:4e:08:0f:e6:6e:0e:e7:72:32:3c:2d:40:49:52:
80:8e:df:c7:75:c5:73:03:18:a6:5f:ed:f8:7f:7d:
33:38:d5:fe:2b:1b:da:2e:06:a5:4a:a2:9d:f8:d0:
2f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:68:C4:8F:76:E5:BF:20:A6:1F:25:8F:5D:A7:CB:9D:6C:AA:0E:28
X509v3 Authority Key Identifier:
keyid:2A:A2:4E:58:12:FC:C3:10:6B:9E:B0:AE:B0:0E:62:7B:A2:35:D0:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqJOWBL8wxBrnrCusA5ie6I10FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/10346e-1504-43dd-ab28-66858bc8eb77/1/KqJOWBL8wxBrnrCusA5ie6I10FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:e9:34:16:b7:8e:6f:ac:cc:19:a3:65:78:68:8d:84:1d:d9:
1e:55:be:5a:da:07:88:ce:bb:30:ba:a1:b8:de:60:b0:b7:59:
8f:3d:1d:55:b7:c1:68:55:94:8c:13:f8:a5:8c:4c:36:7f:75:
08:d6:9e:44:01:60:fb:63:8c:3e:e9:b0:d0:89:29:e5:e2:ef:
7f:37:9c:7f:f7:87:ce:37:7a:cc:d1:bd:ac:2b:5f:ad:47:66:
66:99:4f:97:32:39:0f:09:30:46:27:9c:7a:b3:9d:16:e6:27:
54:2a:fc:e3:cc:3a:f7:5d:7a:12:ad:09:08:f9:e9:78:67:83:
2f:8d:60:f3:77:11:db:ed:4a:29:e2:bc:fe:05:77:ed:5c:51:
fb:b0:f8:d1:07:dd:8c:95:85:4a:e5:f9:e9:e9:e8:c6:ac:1c:
e6:11:4b:80:2f:8d:11:d7:fa:1a:f7:23:52:29:8d:f8:46:6f:
ff:14:94:90:24:05:ea:b5:a7:c5:30:f5:df:ad:f5:fc:d6:c5:
a4:22:4a:8e:1b:65:2b:ae:8d:8e:b4:29:ed:55:ae:94:a1:a4:
55:cc:df:94:d1:5c:39:0f:72:92:15:f0:78:10:69:e3:5b:13:
df:76:e1:b9:7d:15:99:61:63:66:28:4a:23:83:83:f7:92:f3:
a7:dd:e6:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mle/5GovcC2NuT0wyqGaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTI0ZTU4MTJmY2MzMTA2YjllYjBhZWIwMGU2MjdiYTIz
NWQwNTYwHhcNMjYwMzI1MjAwMDUzWhcNMjYwMzI2MjAwMDUzWjAzMTEwLwYDVQQD
EygyODY4YzQ4Zjc2ZTViZjIwYTYxZjI1OGY1ZGE3Y2I5ZDZjYWEwZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcFe/Jpk/FI1qdHIe0mVvyrxCAyD
0RkKVVoi5fHE9ff+kydRF497ZDMmMc9nGRXngdoT/I1eFlDXcXGFZFetDg8BP7nz
43fqWgAmKBQqiKo3hBBbsly/y51Xl6O/VRKF5qSqufLQ3cEXEL/Rl/q2Ytnd7KeD
lwtKMRkU8wKRD/lYG/qPxEfEqSAPV+q6osFAsRGORconfebquPQl3Smo3MlxikIM
EalO6nsgwOSavzis7pln4NMuK5FjizVjIFUMZn1s50wSsrMcz+56+QK8affTTggP
5m4O53IyPC1ASVKAjt/HdcVzAximX+34f30zONX+KxvaLgalSqKd+NAv6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChoxI925b8gph8lj12ny51sqg4oMB8GA1UdIwQY
MBaAFCqiTlgS/MMQa56wrrAOYnuiNdBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgt
NjY4NThiYzhlYjc3LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8xMDM0NmUtMTUwNC00M2RkLWFiMjgtNjY4NThiYzhlYjc3
LzEvS3FKT1dCTDh3eEJybnJDdXNBNWllNkkxMEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPOk0FreO
b6zMGaNleGiNhB3ZHlW+WtoHiM67MLqhuN5gsLdZjz0dVbfBaFWUjBP4pYxMNn91
CNaeRAFg+2OMPumw0Ikp5eLvfzecf/eHzjd6zNG9rCtfrUdmZplPlzI5DwkwRiec
erOdFuYnVCr848w69116Eq0JCPnpeGeDL41g83cR2+1KKeK8/gV37VxR+7D40Qfd
jJWFSuX56enoxqwc5hFLgC+NEdf6GvcjUimN+EZv/xSUkCQF6rWnxTD13631/NbF
pCJKjhtlK66NjrQp7VWulKGkVczflNFcOQ9ykhXweBBp41sT33bhuX0VmWFjZihK
I4OD95Lzp93mGg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:21:35 2026 by rpki-client