Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft
File: KD3ro7EwXJpI03S6Rzab8fgn7gg.mft (raw, json)
Hash identifier: rqN/ySQH3E+ojgTk+8yKobdr114Tl3cORk50dEYk+Ss=
Subject key identifier: BD:05:26:71:EC:EA:B7:DF:A6:F0:22:A2:4A:A2:0E:85:93:FA:3E:3E
Authority key identifier: 28:3D:EB:A3:B1:30:5C:9A:48:D3:74:BA:47:36:9B:F1:F8:27:EE:08
Certificate issuer: /CN=283deba3b1305c9a48d374ba47369bf1f827ee08
Certificate serial: 019DDDD5B93CEFBA9B8BEA24CC44E0BA7028
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KD3ro7EwXJpI03S6Rzab8fgn7gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft
Manifest number: 0C33
Signing time: Thu 30 Apr 2026 10:01:04 +0000
Manifest this update: Thu 30 Apr 2026 10:01:04 +0000
Manifest next update: Fri 01 May 2026 10:01:04 +0000
Files and hashes: 1: KD3ro7EwXJpI03S6Rzab8fgn7gg.crl (hash: z3e4f1hQQG3ArrzkUvW0d0kk3W68faKiNBUjvVtM+FU=)
2: OQ2Ehq2LNnkoW69ybvSmF7Wii1o.roa (hash: R70NXYY+s+0zLQXH0/qTZ8MSPj794apmQlMiNuT9CX0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KD3ro7EwXJpI03S6Rzab8fgn7gg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:d5:b9:3c:ef:ba:9b:8b:ea:24:cc:44:e0:ba:70:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283deba3b1305c9a48d374ba47369bf1f827ee08
Validity
Not Before: Apr 30 10:01:04 2026 GMT
Not After : May 1 10:01:04 2026 GMT
Subject: CN=bd052671eceab7dfa6f022a24aa20e8593fa3e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6b:19:73:c1:b6:3b:0a:13:b9:48:f0:e4:07:
58:7e:d1:0b:ae:dc:ae:e0:7d:79:20:31:2e:45:0f:
a6:03:98:69:72:b0:21:86:db:23:15:c8:e7:6f:23:
2d:43:9d:5f:b9:7b:6b:97:4c:ca:bf:c9:c1:81:0f:
12:0b:5a:88:79:78:c1:05:08:2d:7e:62:1d:68:a1:
8b:5b:42:ea:ee:aa:82:fe:ba:80:25:0a:d5:05:03:
5c:0c:24:b8:11:65:67:e6:13:a5:a8:c7:e0:40:f8:
01:06:ad:ff:ca:47:44:2d:26:d2:d7:4b:2f:57:f3:
44:bd:f3:3a:18:9b:72:c1:67:58:4d:e5:2a:ca:f7:
b2:b2:87:9b:df:ef:fc:8a:ad:63:36:da:d8:80:db:
e3:4b:60:0f:47:a3:36:3e:a3:82:fc:e8:49:7c:10:
6f:3e:d1:2f:cd:0d:89:0d:9f:87:29:8d:cf:ae:f1:
cd:d9:d5:66:56:91:32:52:fd:62:c1:30:70:47:79:
a6:9e:da:a4:2f:e4:bc:e4:cd:86:b8:46:41:af:29:
fa:d6:76:ad:ff:2f:22:e6:27:30:49:21:fa:d7:e9:
e9:05:7f:ca:21:ae:4f:b0:35:93:3c:a1:ef:06:07:
d7:f4:14:18:dd:72:ca:5d:2f:65:3c:ca:80:64:e6:
d9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:05:26:71:EC:EA:B7:DF:A6:F0:22:A2:4A:A2:0E:85:93:FA:3E:3E
X509v3 Authority Key Identifier:
keyid:28:3D:EB:A3:B1:30:5C:9A:48:D3:74:BA:47:36:9B:F1:F8:27:EE:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KD3ro7EwXJpI03S6Rzab8fgn7gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:b3:ad:b1:67:bc:85:2e:c7:7d:34:ba:4c:bd:70:e7:32:5e:
7c:bc:ac:86:c3:ec:97:4f:aa:56:54:02:76:f8:f5:3c:fe:68:
ac:51:ce:c6:15:86:4f:a1:b4:4d:98:b5:e0:35:ed:f0:06:b4:
f6:b7:59:85:eb:0c:82:1a:85:ce:58:2b:6f:42:96:24:ca:c2:
47:a5:60:5c:da:10:b1:fb:63:3a:46:83:e8:5e:de:0c:1e:b8:
4f:43:dd:be:25:a4:3b:50:94:b5:a1:b6:ec:71:75:59:6b:be:
63:42:b0:8c:07:82:29:a7:9f:72:36:e4:72:7e:fe:4c:94:b4:
85:fb:c1:f2:49:aa:04:a4:5a:4b:d4:e9:ac:1c:c5:81:36:63:
ce:3b:a9:50:c2:da:33:c7:fa:05:bc:91:81:96:e8:25:dd:bb:
9a:3f:21:4c:1f:ca:56:97:85:c7:84:41:1f:57:55:36:cb:d8:
34:93:a4:1e:5e:c6:e5:ab:ca:f7:f9:42:7e:07:6d:a2:a8:9a:
25:ef:b5:88:1e:58:eb:0e:c5:81:fc:ee:6d:bb:73:57:cd:4a:
bd:b0:a1:15:c8:de:4f:f5:8f:e1:ab:50:2f:22:40:7c:c3:e9:
cc:16:86:f3:0a:7c:ee:09:49:fe:14:25:9f:1b:35:cc:3f:d7:
aa:12:b1:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3d1bk877qbi+okzETgunAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4M2RlYmEzYjEzMDVjOWE0OGQzNzRiYTQ3MzY5YmYxZjgy
N2VlMDgwHhcNMjYwNDMwMTAwMTA0WhcNMjYwNTAxMTAwMTA0WjAzMTEwLwYDVQQD
EyhiZDA1MjY3MWVjZWFiN2RmYTZmMDIyYTI0YWEyMGU4NTkzZmEzZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GsZc8G2OwoTuUjw5AdYftELrtyu
4H15IDEuRQ+mA5hpcrAhhtsjFcjnbyMtQ51fuXtrl0zKv8nBgQ8SC1qIeXjBBQgt
fmIdaKGLW0Lq7qqC/rqAJQrVBQNcDCS4EWVn5hOlqMfgQPgBBq3/ykdELSbS10sv
V/NEvfM6GJtywWdYTeUqyveysoeb3+/8iq1jNtrYgNvjS2APR6M2PqOC/OhJfBBv
PtEvzQ2JDZ+HKY3PrvHN2dVmVpEyUv1iwTBwR3mmntqkL+S85M2GuEZBryn61nat
/y8i5icwSSH61+npBX/KIa5PsDWTPKHvBgfX9BQY3XLKXS9lPMqAZObZlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0FJnHs6rffpvAiokqiDoWT+j4+MB8GA1UdIwQY
MBaAFCg966OxMFyaSNN0ukc2m/H4J+4IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0Qzcm83RXdYSnBJMDNTNlJ6YWI4ZmduN2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lNWRmYTktNTE5Ni00OGNkLTkxNzgt
NWEzMWY2MjBiMDRhLzEvS0Qzcm83RXdYSnBJMDNTNlJ6YWI4ZmduN2dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lNWRmYTktNTE5Ni00OGNkLTkxNzgtNWEzMWY2MjBiMDRh
LzEvS0Qzcm83RXdYSnBJMDNTNlJ6YWI4ZmduN2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApLOtsWe8
hS7HfTS6TL1w5zJefLyshsPsl0+qVlQCdvj1PP5orFHOxhWGT6G0TZi14DXt8Aa0
9rdZhesMghqFzlgrb0KWJMrCR6VgXNoQsftjOkaD6F7eDB64T0PdviWkO1CUtaG2
7HF1WWu+Y0KwjAeCKaefcjbkcn7+TJS0hfvB8kmqBKRaS9TprBzFgTZjzjupUMLa
M8f6BbyRgZboJd27mj8hTB/KVpeFx4RBH1dVNsvYNJOkHl7G5avK9/lCfgdtoqia
Je+1iB5Y6w7FgfzubbtzV81KvbChFcjeT/WP4atQLyJAfMPpzBaG8wp87glJ/hQl
nxs1zD/XqhKxSg==
-----END CERTIFICATE-----
Generated at Thu Apr 30 13:46:31 2026 by rpki-client