Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File: KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier: m/3TaWs1BQQejgxAdGfY/qzFHrnLbj4nDvg/mIjYcNQ=
Subject key identifier: FB:3A:05:69:F7:49:38:64:60:E5:06:DF:0B:C0:A5:22:EB:58:38:AD
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer: /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial: 019D375256FB6D8E56976E82C2D3D7BE1D5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number: 0FE7
Signing time: Sun 29 Mar 2026 02:00:36 +0000
Manifest this update: Sun 29 Mar 2026 02:00:36 +0000
Manifest next update: Mon 30 Mar 2026 02:00:36 +0000
Files and hashes: 1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: W9OiCN+Vnc165GrrRecuU1Nc0GQ/KZaWneXWPRy12HI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:56:fb:6d:8e:56:97:6e:82:c2:d3:d7:be:1d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
Validity
Not Before: Mar 29 02:00:36 2026 GMT
Not After : Mar 30 02:00:36 2026 GMT
Subject: CN=fb3a0569f749386460e506df0bc0a522eb5838ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:66:0d:1a:a6:66:ad:32:34:e7:ac:df:01:9b:
c3:6e:6d:02:f8:ef:5e:13:30:cc:1b:a9:8e:d2:fc:
35:5d:60:4b:63:21:81:8d:3b:d1:2c:28:a6:26:a0:
26:b3:ba:08:44:0f:2d:eb:de:33:97:b3:3b:93:05:
b2:8c:51:1f:f4:66:52:db:34:10:8e:a5:ad:dd:2c:
9f:34:17:f0:f5:69:90:3b:dc:47:6a:46:61:1e:e0:
30:f7:28:ee:fa:e9:fe:f7:9b:f4:c5:f3:05:8d:48:
b4:ce:56:10:d4:18:aa:79:86:be:2f:a5:23:99:8d:
a2:fa:2f:87:ad:4f:56:1b:1e:f1:1c:b5:59:dd:22:
e6:6f:73:e8:d3:2b:30:99:0f:da:8f:aa:ba:7c:ba:
9c:f6:65:c5:f0:1e:03:ed:40:c8:29:09:4d:41:fe:
f6:3a:ee:18:2a:a6:b3:9c:5a:93:9d:45:64:6d:c0:
f7:a2:f9:a7:ff:c6:27:5d:8a:90:dd:89:8c:f3:65:
e5:b7:3c:f4:76:a2:5a:92:9d:f4:9a:84:e2:c4:7d:
18:73:3f:43:9e:f0:ad:4c:52:bb:ad:a5:67:23:96:
e8:d6:9b:37:80:3a:13:0a:b8:bf:fb:7b:74:6c:a6:
75:d6:c4:f2:a6:a2:0a:3d:cd:2b:51:4c:22:92:14:
17:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3A:05:69:F7:49:38:64:60:E5:06:DF:0B:C0:A5:22:EB:58:38:AD
X509v3 Authority Key Identifier:
keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:5f:db:ee:9c:1c:9b:ca:33:f3:cd:65:be:04:cd:71:30:a2:
e8:83:dd:39:4b:34:b4:29:64:e3:d5:a9:e9:b6:16:fa:69:2a:
28:fa:d3:05:8a:f5:8d:d3:37:ec:39:27:6c:d6:69:82:1e:e5:
9e:b8:c3:9a:11:d0:f2:de:b4:2a:91:b8:c3:18:e4:f6:ee:04:
4e:e4:52:2a:1e:81:7a:e2:ef:93:d8:d5:61:f7:e4:29:7e:91:
d6:9c:ee:77:db:b6:ec:e5:8e:33:ac:7f:ad:45:9a:5b:16:1a:
e3:63:bf:c0:23:7b:1e:ff:df:1f:a1:34:54:2f:07:0d:db:ff:
37:64:8e:09:f4:10:07:3d:4f:9b:fe:bd:e5:20:ff:18:70:aa:
de:05:9a:c5:c3:ec:31:c8:4e:35:1e:47:8f:08:fb:fe:d2:3a:
d4:fa:d4:07:5f:07:b4:ae:db:aa:5f:69:a1:af:91:ed:23:1e:
54:0b:ca:88:ec:82:23:81:99:1f:47:92:18:7b:ee:8b:96:32:
5c:55:a5:46:21:8c:87:82:93:4a:03:c2:a2:5c:37:90:d1:ff:
97:b1:eb:4a:a7:89:48:24:93:cf:0f:ac:7c:19:45:04:86:d1:
85:ee:da:51:5f:bd:4c:9c:62:a1:bc:ad:3b:30:6d:fb:a1:ee:
1a:e5:69:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ulb7bY5Wl26CwtPXvh1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjYwMzI5MDIwMDM2WhcNMjYwMzMwMDIwMDM2WjAzMTEwLwYDVQQD
EyhmYjNhMDU2OWY3NDkzODY0NjBlNTA2ZGYwYmMwYTUyMmViNTgzOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2YNGqZmrTI056zfAZvDbm0C+O9e
EzDMG6mO0vw1XWBLYyGBjTvRLCimJqAms7oIRA8t694zl7M7kwWyjFEf9GZS2zQQ
jqWt3SyfNBfw9WmQO9xHakZhHuAw9yju+un+95v0xfMFjUi0zlYQ1BiqeYa+L6Uj
mY2i+i+HrU9WGx7xHLVZ3SLmb3Po0yswmQ/aj6q6fLqc9mXF8B4D7UDIKQlNQf72
Ou4YKqaznFqTnUVkbcD3ovmn/8YnXYqQ3YmM82Xltzz0dqJakp30moTixH0Ycz9D
nvCtTFK7raVnI5bo1ps3gDoTCri/+3t0bKZ11sTypqIKPc0rUUwikhQX/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPs6BWn3SThkYOUG3wvApSLrWDitMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI1/b7pwc
m8oz881lvgTNcTCi6IPdOUs0tClk49Wp6bYW+mkqKPrTBYr1jdM37DknbNZpgh7l
nrjDmhHQ8t60KpG4wxjk9u4ETuRSKh6BeuLvk9jVYffkKX6R1pzud9u27OWOM6x/
rUWaWxYa42O/wCN7Hv/fH6E0VC8HDdv/N2SOCfQQBz1Pm/695SD/GHCq3gWaxcPs
MchONR5Hjwj7/tI61PrUB18HtK7bql9poa+R7SMeVAvKiOyCI4GZH0eSGHvui5Yy
XFWlRiGMh4KTSgPColw3kNH/l7HrSqeJSCSTzw+sfBlFBIbRhe7aUV+9TJxiobyt
OzBt+6HuGuVpBQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:42 2026 by rpki-client