Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft
File: kgm43V6nJYkIN4Zh8rqe-JrToLE.mft (raw, json)
Hash identifier: t3/1pveVWKHtVvi/PFi8MTipzkg97fiyaW/z8h33RsA=
Subject key identifier: 80:45:E7:D3:10:E0:E5:10:1C:11:98:45:DC:CE:53:44:7C:06:20:31
Authority key identifier: 92:09:B8:DD:5E:A7:25:89:08:37:86:61:F2:BA:9E:F8:9A:D3:A0:B1
Certificate issuer: /CN=9209b8dd5ea7258908378661f2ba9ef89ad3a0b1
Certificate serial: 019D288490CD0D4964F45FE391ADCB57D487
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kgm43V6nJYkIN4Zh8rqe-JrToLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft
Manifest number: 03FA
Signing time: Thu 26 Mar 2026 05:01:09 +0000
Manifest this update: Thu 26 Mar 2026 05:01:09 +0000
Manifest next update: Fri 27 Mar 2026 05:01:09 +0000
Files and hashes: 1: F6o9j4Ie6b4y0wHKIVuz_fNCXFg.roa (hash: +0BcBPAOax0BdntxWWSdx/T51z6sfm76K1uE6tYz2Uk=)
2: kgm43V6nJYkIN4Zh8rqe-JrToLE.crl (hash: 7kw5ljm/JiCksSykHyOb0TUTGtuRpATfNWkQPIodTfI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kgm43V6nJYkIN4Zh8rqe-JrToLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:90:cd:0d:49:64:f4:5f:e3:91:ad:cb:57:d4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9209b8dd5ea7258908378661f2ba9ef89ad3a0b1
Validity
Not Before: Mar 26 05:01:09 2026 GMT
Not After : Mar 27 05:01:09 2026 GMT
Subject: CN=8045e7d310e0e5101c119845dcce53447c062031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:38:19:93:51:8d:f9:b9:83:76:b9:1f:65:06:
1f:22:67:d4:6f:d8:51:ec:6e:b6:e9:42:75:8f:c0:
90:54:a3:06:de:bb:8f:ee:b6:6a:de:75:c0:4f:a3:
cb:8e:89:fe:d0:de:dc:43:90:34:33:56:95:4c:d4:
87:bb:dc:9c:59:b0:63:d5:80:af:fb:bd:08:fa:c9:
9c:8e:a4:e5:d3:6b:ec:50:5e:c0:46:0c:43:ca:b3:
04:a6:d5:24:14:13:3f:81:59:e1:5c:ac:0a:ef:fa:
fb:83:60:4e:c3:9c:92:7a:c6:b5:50:2e:41:eb:6e:
20:14:33:62:6d:92:3b:4e:5d:81:f3:cb:c3:86:70:
be:02:99:31:bc:a4:90:9e:fe:22:83:74:4d:64:36:
25:89:dd:3e:9b:a5:39:d5:6d:7f:89:ca:98:ff:06:
f4:ba:51:7b:73:a4:e3:82:4e:ea:ff:f7:a6:da:7e:
28:56:69:86:51:37:16:b4:9a:ab:62:19:fb:4a:11:
ae:e1:db:c9:4f:b9:1d:6a:7b:84:be:95:1d:b2:bb:
ed:89:2e:68:50:47:f1:3f:2c:d3:c5:ba:c4:32:c2:
bc:2d:54:be:0e:49:09:5c:e1:a7:f9:42:f9:3a:31:
ed:e4:e1:4f:fb:a0:f3:19:73:c7:0f:db:3a:8f:58:
c2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:45:E7:D3:10:E0:E5:10:1C:11:98:45:DC:CE:53:44:7C:06:20:31
X509v3 Authority Key Identifier:
keyid:92:09:B8:DD:5E:A7:25:89:08:37:86:61:F2:BA:9E:F8:9A:D3:A0:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kgm43V6nJYkIN4Zh8rqe-JrToLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:7e:54:bb:2e:eb:98:36:89:ab:ad:61:df:f6:4d:84:d0:f0:
16:9a:52:9e:88:8d:96:f4:e1:5b:8c:9e:90:c8:d1:e2:36:c7:
d6:7f:1f:c1:55:fa:38:4c:77:ba:b8:86:5f:c1:6e:04:d9:f0:
59:91:8d:bc:be:40:07:7d:66:8f:2b:36:b3:37:95:92:72:16:
d5:88:ce:eb:8d:45:ac:70:2f:91:d1:90:45:24:76:c5:cc:a1:
54:7c:5a:ed:38:48:b3:6d:24:88:07:a2:81:02:3d:7c:58:c3:
46:da:9a:92:91:06:30:3c:5e:01:40:bc:1e:00:43:c1:fe:7e:
50:e9:a6:3b:08:03:75:6d:d8:87:52:ae:e9:c7:37:60:b0:b1:
f3:cd:26:a9:63:56:f1:07:7c:7b:38:fd:34:91:d1:17:93:f7:
5d:98:69:37:5f:5d:80:03:53:f7:60:83:06:f5:8a:8f:17:7a:
92:6c:8d:ca:68:e2:b9:ee:ee:06:d7:d3:35:b0:8c:e0:5e:71:
ad:95:d2:c6:ff:ca:af:b7:7c:36:9a:e5:02:0f:29:ef:f6:f1:
24:d6:cb:5a:85:7f:d3:c6:28:f1:19:ca:80:48:62:6c:67:c2:
ef:4d:3f:16:88:35:58:1a:33:19:11:80:f5:07:7c:31:a6:c5:
5f:e5:9a:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohJDNDUlk9F/jka3LV9SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMDliOGRkNWVhNzI1ODkwODM3ODY2MWYyYmE5ZWY4OWFk
M2EwYjEwHhcNMjYwMzI2MDUwMTA5WhcNMjYwMzI3MDUwMTA5WjAzMTEwLwYDVQQD
Eyg4MDQ1ZTdkMzEwZTBlNTEwMWMxMTk4NDVkY2NlNTM0NDdjMDYyMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zgZk1GN+bmDdrkfZQYfImfUb9hR
7G626UJ1j8CQVKMG3ruP7rZq3nXAT6PLjon+0N7cQ5A0M1aVTNSHu9ycWbBj1YCv
+70I+smcjqTl02vsUF7ARgxDyrMEptUkFBM/gVnhXKwK7/r7g2BOw5ySesa1UC5B
624gFDNibZI7Tl2B88vDhnC+ApkxvKSQnv4ig3RNZDYlid0+m6U51W1/icqY/wb0
ulF7c6Tjgk7q//em2n4oVmmGUTcWtJqrYhn7ShGu4dvJT7kdanuEvpUdsrvtiS5o
UEfxPyzTxbrEMsK8LVS+DkkJXOGn+UL5OjHt5OFP+6DzGXPHD9s6j1jCbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBF59MQ4OUQHBGYRdzOU0R8BiAxMB8GA1UdIwQY
MBaAFJIJuN1epyWJCDeGYfK6nvia06CxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2dtNDNWNm5KWWtJTjRaaDhycWUtSnJUb0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82ODhkYTUtZDIzOC00N2NlLWIyZTgt
ODkwZmZlYThkMGJjLzEva2dtNDNWNm5KWWtJTjRaaDhycWUtSnJUb0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82ODhkYTUtZDIzOC00N2NlLWIyZTgtODkwZmZlYThkMGJj
LzEva2dtNDNWNm5KWWtJTjRaaDhycWUtSnJUb0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVn5Uuy7r
mDaJq61h3/ZNhNDwFppSnoiNlvThW4yekMjR4jbH1n8fwVX6OEx3uriGX8FuBNnw
WZGNvL5AB31mjys2szeVknIW1YjO641FrHAvkdGQRSR2xcyhVHxa7ThIs20kiAei
gQI9fFjDRtqakpEGMDxeAUC8HgBDwf5+UOmmOwgDdW3Yh1Ku6cc3YLCx880mqWNW
8Qd8ezj9NJHRF5P3XZhpN19dgANT92CDBvWKjxd6kmyNymjiue7uBtfTNbCM4F5x
rZXSxv/Kr7d8NprlAg8p7/bxJNbLWoV/08Yo8RnKgEhibGfC700/Fog1WBozGRGA
9Qd8MabFX+Wa7w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:07:59 2026 by rpki-client