Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json)
Hash identifier: 9oFL9ofBO//S4h7w835jVFl1KA7RZXhN9hPJ4wUnphk=
Subject key identifier: 74:4C:83:3A:B0:14:F6:B6:9D:4D:7E:47:73:58:9C:9C:2B:CF:B6:47
Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Certificate serial: 019D386658707379E5E189726ECBC7BD47D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
Manifest number: 12D9
Signing time: Sun 29 Mar 2026 07:02:04 +0000
Manifest this update: Sun 29 Mar 2026 07:02:04 +0000
Manifest next update: Mon 30 Mar 2026 07:02:04 +0000
Files and hashes: 1: 6Rn-wxtOzItHCQZfTf_aB44eX3w.roa (hash: CLsXfryDKRJpVOl8XMFhcPTYQSBV9e1dqAwQW92Ka+4=)
2: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: HvqRzzxkU4BAY51Td9JHqQZq2auPIGCTUjyvx19GLbg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:58:70:73:79:e5:e1:89:72:6e:cb:c7:bd:47:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358
Validity
Not Before: Mar 29 07:02:04 2026 GMT
Not After : Mar 30 07:02:04 2026 GMT
Subject: CN=744c833ab014f6b69d4d7e4773589c9c2bcfb647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a0:ab:3d:b8:58:6d:d7:7b:b6:98:f3:ee:5b:
73:6b:fd:3c:1a:17:75:2e:0a:39:6b:ce:72:d7:99:
f8:e7:cf:e4:72:24:70:80:f9:cd:51:d4:52:1a:9e:
3f:fc:39:fb:da:c9:39:53:2e:2e:fa:76:02:10:00:
30:a9:e6:63:8d:85:15:ea:16:22:ad:f0:d5:5d:f1:
ea:95:eb:5a:dd:29:fd:de:8d:17:52:02:a2:ca:08:
e4:0c:ad:50:7e:7a:a6:49:f1:94:b8:23:9b:f8:be:
c5:57:b2:84:cd:28:78:35:74:ca:a9:1b:1f:b1:7b:
c0:42:60:7a:a9:7f:48:c8:4d:ce:68:8d:89:c5:2f:
0e:8c:2f:6f:b5:1c:46:88:79:e9:85:47:02:1f:34:
9e:13:6d:ed:0c:e9:d9:01:d5:1c:92:5a:c1:ff:75:
4f:c9:5a:de:46:fb:dd:da:2e:b7:24:dc:c5:57:a0:
bc:60:dd:e2:57:a5:01:99:59:03:e3:bc:ae:ab:fd:
d0:f5:5e:08:ec:cd:1d:5c:f5:7a:a6:79:ad:b4:a9:
4d:a3:e6:10:5b:f9:52:7c:30:4d:67:9a:f2:b6:51:
56:04:54:14:78:12:47:68:5b:32:6d:40:70:42:93:
e2:79:87:71:5f:33:af:f6:d6:eb:e0:f2:50:d1:bc:
04:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4C:83:3A:B0:14:F6:B6:9D:4D:7E:47:73:58:9C:9C:2B:CF:B6:47
X509v3 Authority Key Identifier:
keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:03:a9:d8:e0:74:90:23:38:f2:28:1b:e0:4c:77:0b:0a:8d:
c4:8f:a9:7b:79:25:d5:33:76:2a:08:28:67:20:47:82:79:09:
62:d6:b8:cb:01:d5:50:95:90:5f:9a:f3:19:1f:4d:d8:6c:e0:
5f:ef:90:17:a0:ed:45:6a:43:62:5a:db:52:cb:28:2c:91:96:
e7:c4:de:9f:31:d0:15:d1:75:88:94:cd:18:a8:8c:22:74:f8:
04:6d:92:e5:a1:f2:8b:bc:dc:39:78:e6:9e:0e:20:0a:97:80:
8f:59:cf:8f:f6:5c:7d:87:93:af:d8:3b:74:12:7a:5f:40:a6:
e4:f3:59:a0:7a:8a:6c:c7:77:30:c0:05:9e:d8:a5:0b:93:c7:
99:c9:0a:97:f3:7a:cd:3b:a8:b0:05:5b:06:49:77:4e:8a:55:
12:c5:83:b9:84:d1:73:72:44:4b:1b:e4:58:3d:cb:f0:47:24:
51:61:08:a8:45:73:2a:56:9c:23:2b:0e:74:84:15:83:e9:97:
ba:09:b7:24:2a:09:f8:da:05:c6:ac:13:36:50:23:b1:84:97:
71:37:24:4d:37:35:91:51:69:be:d2:73:40:d6:f1:13:63:b5:
3f:df:95:5e:23:82:9c:24:33:18:33:04:d3:2c:81:88:07:c2:
97:70:72:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zlhwc3nl4YlybsvHvUfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1
NmMzNTgwHhcNMjYwMzI5MDcwMjA0WhcNMjYwMzMwMDcwMjA0WjAzMTEwLwYDVQQD
Eyg3NDRjODMzYWIwMTRmNmI2OWQ0ZDdlNDc3MzU4OWM5YzJiY2ZiNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aCrPbhYbdd7tpjz7ltza/08Ghd1
Lgo5a85y15n458/kciRwgPnNUdRSGp4//Dn72sk5Uy4u+nYCEAAwqeZjjYUV6hYi
rfDVXfHqleta3Sn93o0XUgKiygjkDK1QfnqmSfGUuCOb+L7FV7KEzSh4NXTKqRsf
sXvAQmB6qX9IyE3OaI2JxS8OjC9vtRxGiHnphUcCHzSeE23tDOnZAdUcklrB/3VP
yVreRvvd2i63JNzFV6C8YN3iV6UBmVkD47yuq/3Q9V4I7M0dXPV6pnmttKlNo+YQ
W/lSfDBNZ5rytlFWBFQUeBJHaFsybUBwQpPieYdxXzOv9tbr4PJQ0bwEmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHRMgzqwFPa2nU1+R3NYnJwrz7ZHMB8GA1UdIwQY
MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt
Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2
LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjwOp2OB0
kCM48igb4Ex3CwqNxI+pe3kl1TN2KggoZyBHgnkJYta4ywHVUJWQX5rzGR9N2Gzg
X++QF6DtRWpDYlrbUssoLJGW58TenzHQFdF1iJTNGKiMInT4BG2S5aHyi7zcOXjm
ng4gCpeAj1nPj/ZcfYeTr9g7dBJ6X0Cm5PNZoHqKbMd3MMAFntilC5PHmckKl/N6
zTuosAVbBkl3TopVEsWDuYTRc3JESxvkWD3L8EckUWEIqEVzKlacIysOdIQVg+mX
ugm3JCoJ+NoFxqwTNlAjsYSXcTckTTc1kVFpvtJzQNbxE2O1P9+VXiOCnCQzGDME
0yyBiAfCl3BywQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:11 2026 by rpki-client