Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
File: KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft (raw, json)
Hash identifier: nLWAjN6ADgXzXU6mSNCempp9VkGNYDMCl1SvGX2CqNk=
Subject key identifier: A6:BA:44:27:B5:06:EF:A3:F5:A4:7B:38:C1:1B:9F:C9:60:87:AA:82
Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
Certificate issuer: /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Certificate serial: 019D25F14975B215267AC20E9E1454ECFDF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
Manifest number: 0D6C
Signing time: Wed 25 Mar 2026 17:01:03 +0000
Manifest this update: Wed 25 Mar 2026 17:01:03 +0000
Manifest next update: Thu 26 Mar 2026 17:01:03 +0000
Files and hashes: 1: 0d0jGfKX-gxJysHLosjRpYlTW5Q.roa (hash: CvfYQwzjI8vLt2H1NJc+s052pBAhojbFkOv6NxHUB/E=)
2: KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl (hash: pSYdMwogL/uymwyBhQlTKJSZSauSTdOwoptWLwnpnqk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:49:75:b2:15:26:7a:c2:0e:9e:14:54:ec:fd:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d
Validity
Not Before: Mar 25 17:01:03 2026 GMT
Not After : Mar 26 17:01:03 2026 GMT
Subject: CN=a6ba4427b506efa3f5a47b38c11b9fc96087aa82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:47:09:d8:d1:2e:7e:ec:5b:dd:8d:22:76:97:
70:79:dc:08:1c:a7:7b:71:91:e7:f0:13:18:ad:e0:
35:a5:08:15:92:48:73:bb:57:b7:06:a8:c9:7a:eb:
ca:74:16:0b:76:e1:47:b4:c4:97:76:54:e9:dc:4b:
38:5f:6a:c1:81:8d:f3:26:69:33:95:fc:26:e9:9e:
8b:65:2d:34:eb:a5:04:77:7d:5a:2a:c5:1d:18:00:
95:cf:9f:66:0b:04:cb:d2:aa:1b:f4:23:e6:37:44:
1b:da:dc:80:94:fb:61:a1:15:9c:b2:9e:60:10:25:
48:14:b5:2d:1d:3b:94:a5:28:80:60:cb:19:fe:00:
d7:bc:71:65:a9:92:92:dc:97:94:2a:ed:5b:54:a2:
cd:60:89:41:ff:22:10:11:ba:6f:01:f2:c7:0b:04:
e9:31:98:fb:36:91:7a:7c:e1:ac:11:f9:ec:c9:98:
6f:10:03:df:48:f1:35:92:67:0e:9b:72:36:c2:70:
d3:1c:13:3a:ad:82:bc:71:c3:4d:11:15:f6:79:03:
df:99:91:fd:1d:92:6b:81:0c:27:56:46:b3:a8:0e:
c8:1c:2f:f5:c0:f7:cc:7b:54:2c:d4:7a:19:19:16:
b7:4c:c8:e2:bf:42:fe:39:b2:cd:4b:b8:2f:8f:06:
5a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BA:44:27:B5:06:EF:A3:F5:A4:7B:38:C1:1B:9F:C9:60:87:AA:82
X509v3 Authority Key Identifier:
keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:e6:5f:8e:e8:c4:57:fd:a6:ec:b6:a2:75:3b:98:bd:23:01:
e7:4e:f4:c5:19:6b:ec:b4:fb:be:53:a7:4a:d6:f9:7f:af:1b:
53:ba:cd:74:d2:1d:0d:b1:a5:81:0c:ec:b9:09:fa:5e:b3:6d:
94:ff:ee:74:9b:1a:5f:cc:b2:12:58:25:eb:c3:23:81:d0:ab:
3b:82:e9:b4:6e:e0:df:5a:28:54:f6:7c:d6:b6:04:27:fe:47:
54:e4:d6:10:85:47:36:03:fd:51:9f:6f:28:9a:f7:74:97:b0:
91:a2:70:c7:24:46:a3:de:05:1c:a1:10:8e:86:5e:30:04:7f:
8a:02:76:91:ea:3f:23:ba:ee:40:69:67:fb:e2:e0:0b:4f:29:
9b:01:96:d9:d2:c4:9a:ee:ea:6a:70:8b:08:c0:c7:f0:bc:3b:
f5:56:1d:af:76:65:8d:df:c4:12:b4:54:e3:bd:59:d2:f1:23:
76:4b:42:2a:16:d8:e6:bd:5d:81:57:d4:1c:ee:85:03:04:92:
5b:60:7e:71:c2:c4:3a:c7:3b:18:6f:f1:c0:f5:ef:4c:41:90:
c4:c6:de:b2:3f:bc:9c:d6:60:aa:24:58:9d:37:45:f0:48:e2:
e9:ec:cf:af:46:13:3c:04:04:60:28:51:19:1d:9a:5b:44:7a:
48:a2:4e:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8Ul1shUmesIOnhRU7P3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0
YmIwN2QwHhcNMjYwMzI1MTcwMTAzWhcNMjYwMzI2MTcwMTAzWjAzMTEwLwYDVQQD
EyhhNmJhNDQyN2I1MDZlZmEzZjVhNDdiMzhjMTFiOWZjOTYwODdhYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkcJ2NEufuxb3Y0idpdwedwIHKd7
cZHn8BMYreA1pQgVkkhzu1e3BqjJeuvKdBYLduFHtMSXdlTp3Es4X2rBgY3zJmkz
lfwm6Z6LZS0066UEd31aKsUdGACVz59mCwTL0qob9CPmN0Qb2tyAlPthoRWcsp5g
ECVIFLUtHTuUpSiAYMsZ/gDXvHFlqZKS3JeUKu1bVKLNYIlB/yIQEbpvAfLHCwTp
MZj7NpF6fOGsEfnsyZhvEAPfSPE1kmcOm3I2wnDTHBM6rYK8ccNNERX2eQPfmZH9
HZJrgQwnVkazqA7IHC/1wPfMe1Qs1HoZGRa3TMjiv0L+ObLNS7gvjwZaRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKa6RCe1Bu+j9aR7OMEbn8lgh6qCMB8GA1UdIwQY
MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt
MTUzNmZjNzgzODVkLzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk
LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwOZfjujE
V/2m7LaidTuYvSMB5070xRlr7LT7vlOnStb5f68bU7rNdNIdDbGlgQzsuQn6XrNt
lP/udJsaX8yyElgl68MjgdCrO4LptG7g31ooVPZ81rYEJ/5HVOTWEIVHNgP9UZ9v
KJr3dJewkaJwxyRGo94FHKEQjoZeMAR/igJ2keo/I7ruQGln++LgC08pmwGW2dLE
mu7qanCLCMDH8Lw79VYdr3Zljd/EErRU471Z0vEjdktCKhbY5r1dgVfUHO6FAwSS
W2B+ccLEOsc7GG/xwPXvTEGQxMbesj+8nNZgqiRYnTdF8Eji6ezPr0YTPAQEYChR
GR2aW0R6SKJODQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:00:02 2026 by rpki-client