Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
File: KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft (raw, json)
Hash identifier: 1n/XV4Y4WQN68ezkr4XkQDa+HoCwOysFvIwcfVBCDMY=
Subject key identifier: 9D:F6:E2:F7:2B:99:09:7B:91:2E:B3:1E:BD:8C:84:CC:D3:E6:A3:EA
Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411
Certificate serial: 019D3752EC586E81F9F7778E8981B4A438AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 02:01:14 +0000
Manifest this update: Sun 29 Mar 2026 02:01:14 +0000
Manifest next update: Mon 30 Mar 2026 02:01:14 +0000
Files and hashes: 1: KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl (hash: I0i8lVoCbgq3754wyGqf7TnqK69FhbjluqxtSZjF/PM=)
2: rAXOeYyJicjxp8FzJx__Y7hlvEM.roa (hash: shr4TV48j/I82nbVkR38hVjMhfoyIR4wttCVbDSd4eg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:ec:58:6e:81:f9:f7:77:8e:89:81:b4:a4:38:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411
Validity
Not Before: Mar 29 02:01:14 2026 GMT
Not After : Mar 30 02:01:14 2026 GMT
Subject: CN=9df6e2f72b99097b912eb31ebd8c84ccd3e6a3ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9e:a4:bf:47:c1:e0:71:89:c3:07:11:25:12:
33:32:97:7c:11:25:7d:c9:dd:8d:f1:de:c8:6b:d1:
d8:af:cd:c9:14:75:3a:36:65:de:8c:98:38:1a:03:
c4:c0:02:3a:3a:b7:d6:71:a3:0e:eb:01:03:b7:0d:
5b:21:38:6f:39:0a:83:4c:10:0e:83:72:38:87:f1:
75:2a:15:1f:a3:64:2b:e2:9e:33:4b:fa:01:97:bc:
8a:a4:c7:26:b7:2a:2a:4f:f5:cb:d3:3c:91:b9:ac:
50:c7:1e:e5:a4:8f:35:44:7e:4e:fa:ee:96:08:37:
97:a4:d9:b1:2c:c6:c6:55:7a:cd:68:73:db:61:cb:
36:87:e7:2d:a0:39:1a:c5:4d:09:e7:d7:e3:34:57:
89:44:df:b0:c3:9f:fb:6e:f8:25:90:42:bb:6c:54:
3d:2c:7a:bb:40:3f:7c:92:ee:e2:14:8e:23:de:e8:
45:1f:a8:1c:2a:75:4b:d9:e3:dd:cc:85:6d:eb:73:
d5:83:07:2e:cd:25:3b:41:83:ca:0e:03:99:ef:50:
42:07:4f:62:be:c2:fa:2e:14:40:4b:a8:76:d9:96:
3c:27:d1:46:89:0f:b6:df:71:fb:42:da:c0:e1:8b:
9d:09:ec:cf:db:f7:cb:72:9a:5c:49:f6:98:af:66:
d8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F6:E2:F7:2B:99:09:7B:91:2E:B3:1E:BD:8C:84:CC:D3:E6:A3:EA
X509v3 Authority Key Identifier:
keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:c1:24:31:a1:87:d8:9f:74:37:6c:e8:9a:c8:02:ba:65:9b:
ac:65:5d:aa:75:cb:c2:85:94:46:88:28:cd:6a:34:34:2c:30:
dc:c8:0c:9f:d8:85:2d:d0:6d:90:74:d1:e6:5f:a7:ce:5f:d5:
55:ef:b6:bf:35:0f:77:6d:89:4d:b5:cd:6e:aa:bb:21:c9:d8:
6d:67:2b:65:34:37:1c:41:96:29:1c:30:b7:49:dd:0c:8a:6b:
36:87:09:b0:84:a0:c5:67:55:64:c4:09:0c:05:99:f1:10:af:
8c:9c:02:16:e6:e7:8b:39:d7:5b:b2:3d:ec:8b:37:4b:79:c2:
64:53:c8:ed:13:c8:16:ac:7c:e0:07:a8:1e:e7:15:4c:6d:3c:
45:3a:62:5c:88:5c:f2:5f:50:b4:3d:f5:64:04:35:3b:6b:f9:
4d:f5:10:87:1d:88:b3:be:92:8f:29:e8:24:a7:1b:4f:4b:03:
91:b8:9e:71:32:3b:26:a9:93:15:80:c2:c6:ec:2a:87:3f:be:
88:69:11:a9:11:18:27:34:46:45:e0:61:b9:9f:6d:a8:14:43:
58:7d:3d:4b:75:66:0a:dd:97:92:8f:ae:8e:8e:a9:91:2c:d1:
09:87:0b:48:87:76:b1:97:e5:83:8f:05:5f:3f:0e:c0:a0:22:
c1:3a:3c:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UuxYboH593eOiYG0pDitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz
MGM0MTEwHhcNMjYwMzI5MDIwMTE0WhcNMjYwMzMwMDIwMTE0WjAzMTEwLwYDVQQD
Eyg5ZGY2ZTJmNzJiOTkwOTdiOTEyZWIzMWViZDhjODRjY2QzZTZhM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp6kv0fB4HGJwwcRJRIzMpd8ESV9
yd2N8d7Ia9HYr83JFHU6NmXejJg4GgPEwAI6OrfWcaMO6wEDtw1bIThvOQqDTBAO
g3I4h/F1KhUfo2Qr4p4zS/oBl7yKpMcmtyoqT/XL0zyRuaxQxx7lpI81RH5O+u6W
CDeXpNmxLMbGVXrNaHPbYcs2h+ctoDkaxU0J59fjNFeJRN+ww5/7bvglkEK7bFQ9
LHq7QD98ku7iFI4j3uhFH6gcKnVL2ePdzIVt63PVgwcuzSU7QYPKDgOZ71BCB09i
vsL6LhRAS6h22ZY8J9FGiQ+233H7QtrA4YudCezP2/fLcppcSfaYr2bYhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ324vcrmQl7kS6zHr2MhMzT5qPqMB8GA1UdIwQY
MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt
ODlkMjYxMWE5NWRiLzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi
LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUsEkMaGH
2J90N2zomsgCumWbrGVdqnXLwoWURogozWo0NCww3MgMn9iFLdBtkHTR5l+nzl/V
Ve+2vzUPd22JTbXNbqq7IcnYbWcrZTQ3HEGWKRwwt0ndDIprNocJsISgxWdVZMQJ
DAWZ8RCvjJwCFubniznXW7I97Is3S3nCZFPI7RPIFqx84AeoHucVTG08RTpiXIhc
8l9QtD31ZAQ1O2v5TfUQhx2Is76SjynoJKcbT0sDkbiecTI7JqmTFYDCxuwqhz++
iGkRqREYJzRGReBhuZ9tqBRDWH09S3VmCt2Xko+ujo6pkSzRCYcLSId2sZflg48F
Xz8OwKAiwTo8yw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:44 2026 by rpki-client