Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
File: KC5DLtiL7BrRRURJYygU1DmWseA.mft (raw, json)
Hash identifier: 61M3JsUMgQ9ahH/zCvFgbuWG6BsJwC68TAgf2irqnS4=
Subject key identifier: 25:AB:CA:F8:38:21:31:0E:75:FA:6D:73:D7:D3:60:74:33:3B:DB:8C
Authority key identifier: 28:2E:43:2E:D8:8B:EC:1A:D1:45:44:49:63:28:14:D4:39:96:B1:E0
Certificate issuer: /CN=282e432ed88bec1ad1454449632814d43996b1e0
Certificate serial: 019D29291B0C2CB0EBD4464FA12EF6FDFB13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
Manifest number: 0EDF
Signing time: Thu 26 Mar 2026 08:00:52 +0000
Manifest this update: Thu 26 Mar 2026 08:00:52 +0000
Manifest next update: Fri 27 Mar 2026 08:00:52 +0000
Files and hashes: 1: Ej1NGALUAyZGkeedSA07ESoqQtI.roa (hash: bVGUYeTkungmGZQJc78ekhzyESu4jsfHGMMaJDPhxpU=)
2: KC5DLtiL7BrRRURJYygU1DmWseA.crl (hash: L9+VHbvXEUnD5S3eWCLTJtf58OsCI9fnjohG+oU5r0g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:1b:0c:2c:b0:eb:d4:46:4f:a1:2e:f6:fd:fb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282e432ed88bec1ad1454449632814d43996b1e0
Validity
Not Before: Mar 26 08:00:52 2026 GMT
Not After : Mar 27 08:00:52 2026 GMT
Subject: CN=25abcaf83821310e75fa6d73d7d36074333bdb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5c:7f:95:65:eb:7f:51:0d:cf:64:5e:ac:32:
4f:b9:a3:1a:56:f0:da:cc:6a:9a:73:11:04:ef:0a:
e8:94:fc:f9:6c:4e:f1:f7:68:a4:96:a5:d2:87:74:
fb:aa:7f:c3:2c:cd:c6:85:dd:dd:6c:e6:e9:09:69:
b7:68:83:32:02:29:c6:70:ca:17:4d:7d:8c:dd:20:
b1:32:f1:10:09:f8:a6:14:75:f7:7b:28:be:d1:e2:
e4:c1:a4:bd:08:2e:40:19:02:f7:cd:f6:8f:7b:19:
87:5a:57:b9:7d:47:d5:e9:f6:7f:fd:74:d2:c2:82:
41:04:d3:98:1b:de:48:ea:13:28:ff:61:93:a3:5c:
5b:6f:d4:6d:b2:30:13:72:77:50:47:4b:b8:72:f4:
3f:c4:b9:43:b2:b6:e0:f6:e5:b9:d5:2e:1d:1f:20:
54:6d:5c:90:62:80:9a:00:91:1f:16:fc:9a:f2:31:
2c:6d:d5:1c:34:36:71:4f:ef:f1:a9:14:da:7e:a8:
94:7c:06:b7:16:64:99:f4:4a:27:93:7d:08:24:cf:
6e:70:ba:d9:7a:6a:fe:c6:d0:3b:66:b8:fb:bd:e7:
aa:d1:0a:35:ad:91:02:32:39:44:9f:fa:98:2c:8d:
8d:0a:a8:8d:7d:1c:2e:62:78:17:3c:5d:fc:b9:ed:
c6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AB:CA:F8:38:21:31:0E:75:FA:6D:73:D7:D3:60:74:33:3B:DB:8C
X509v3 Authority Key Identifier:
keyid:28:2E:43:2E:D8:8B:EC:1A:D1:45:44:49:63:28:14:D4:39:96:B1:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KC5DLtiL7BrRRURJYygU1DmWseA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c60f08-b24b-4dc4-a27c-fc0aa72e8ead/1/KC5DLtiL7BrRRURJYygU1DmWseA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:0e:ac:0e:b6:b7:63:8b:57:27:8a:31:d9:52:14:a9:22:3a:
00:2b:79:7f:a5:b9:98:8b:e2:86:f0:2f:a5:15:47:34:3e:75:
a4:71:cf:51:33:a9:a9:5a:ab:b3:f2:2a:39:50:16:6b:50:e9:
4b:c4:8e:5a:11:f8:74:2a:b8:4b:dc:70:61:d6:e0:ef:c4:12:
90:69:96:d3:e0:a9:83:91:b7:c1:02:61:36:15:d1:a1:29:d3:
e6:e0:3c:40:5f:86:66:f4:67:1f:17:1e:8b:b9:a5:89:a2:59:
e7:13:52:ea:2a:1b:29:4a:18:ee:a8:0b:0e:1c:16:03:84:11:
b5:d7:1e:93:90:e1:71:e8:2c:de:01:fa:58:77:56:fc:c0:47:
cb:29:13:ea:75:4f:de:b2:7a:4e:52:e4:0c:b1:48:e3:79:c8:
7b:91:75:40:67:d5:fc:ae:ef:8f:e7:ce:29:0c:c1:6b:b0:67:
47:25:31:4b:9e:56:d9:d3:d8:2e:2e:fc:06:cf:05:00:fb:4e:
f8:b2:9d:a6:ab:5f:d7:07:dc:fa:76:14:92:09:20:c3:a5:10:
81:74:0c:a4:2b:d6:23:98:ad:b4:5c:3a:59:5d:c9:69:bb:8a:
9f:93:ae:7a:9d:ae:96:74:d8:67:a4:1b:97:6a:69:e6:8a:3c:
18:ef:84:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKRsMLLDr1EZPoS72/fsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmU0MzJlZDg4YmVjMWFkMTQ1NDQ0OTYzMjgxNGQ0Mzk5
NmIxZTAwHhcNMjYwMzI2MDgwMDUyWhcNMjYwMzI3MDgwMDUyWjAzMTEwLwYDVQQD
EygyNWFiY2FmODM4MjEzMTBlNzVmYTZkNzNkN2QzNjA3NDMzM2JkYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVx/lWXrf1ENz2RerDJPuaMaVvDa
zGqacxEE7wrolPz5bE7x92iklqXSh3T7qn/DLM3Ghd3dbObpCWm3aIMyAinGcMoX
TX2M3SCxMvEQCfimFHX3eyi+0eLkwaS9CC5AGQL3zfaPexmHWle5fUfV6fZ//XTS
woJBBNOYG95I6hMo/2GTo1xbb9RtsjATcndQR0u4cvQ/xLlDsrbg9uW51S4dHyBU
bVyQYoCaAJEfFvya8jEsbdUcNDZxT+/xqRTafqiUfAa3FmSZ9Eonk30IJM9ucLrZ
emr+xtA7Zrj7veeq0Qo1rZECMjlEn/qYLI2NCqiNfRwuYngXPF38ue3G+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWryvg4ITEOdfptc9fTYHQzO9uMMB8GA1UdIwQY
MBaAFCguQy7Yi+wa0UVESWMoFNQ5lrHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jNjBmMDgtYjI0Yi00ZGM0LWEyN2Mt
ZmMwYWE3MmU4ZWFkLzEvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jNjBmMDgtYjI0Yi00ZGM0LWEyN2MtZmMwYWE3MmU4ZWFk
LzEvS0M1REx0aUw3QnJSUlVSSll5Z1UxRG1Xc2VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEg6sDra3
Y4tXJ4ox2VIUqSI6ACt5f6W5mIvihvAvpRVHND51pHHPUTOpqVqrs/IqOVAWa1Dp
S8SOWhH4dCq4S9xwYdbg78QSkGmW0+Cpg5G3wQJhNhXRoSnT5uA8QF+GZvRnHxce
i7mliaJZ5xNS6iobKUoY7qgLDhwWA4QRtdcek5Dhcegs3gH6WHdW/MBHyykT6nVP
3rJ6TlLkDLFI43nIe5F1QGfV/K7vj+fOKQzBa7BnRyUxS55W2dPYLi78Bs8FAPtO
+LKdpqtf1wfc+nYUkgkgw6UQgXQMpCvWI5ittFw6WV3JabuKn5Ouep2ulnTYZ6Qb
l2pp5oo8GO+EcQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:07:51 2026 by rpki-client