Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: l/Z663g3l28a0z38O26wTgqLI4ywOC/7I+dr9W1krdQ=
Subject key identifier: D1:49:75:C0:27:30:E4:E5:1A:D0:DB:04:61:36:CB:B4:B4:03:EC:02
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 019D38D3B94A8E13823A89057F0D0D6AB3D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 0A0B
Signing time: Sun 29 Mar 2026 09:01:32 +0000
Manifest this update: Sun 29 Mar 2026 09:01:32 +0000
Manifest next update: Mon 30 Mar 2026 09:01:32 +0000
Files and hashes: 1: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: TVyD58EaCCJTagso+feSbtt8nZXsO1+NcR2S8DXOvn0=)
2: wyIJp-MtwD9wUV37AIQAnQ5KD5g.roa (hash: 27rqphnZqec6wo9U62eKve93o5VP/+kmAfxs2ybJPtU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b9:4a:8e:13:82:3a:89:05:7f:0d:0d:6a:b3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Mar 29 09:01:32 2026 GMT
Not After : Mar 30 09:01:32 2026 GMT
Subject: CN=d14975c02730e4e51ad0db046136cbb4b403ec02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:30:67:b5:13:eb:08:16:88:e4:d8:63:c1:7c:
9e:80:70:21:dc:80:48:e3:b1:73:89:6e:25:a4:8b:
53:4f:c1:90:30:96:fd:5b:93:5b:ef:18:d7:68:f5:
58:1a:3a:80:97:e5:f0:55:d5:48:8f:10:83:50:bc:
39:5c:12:0f:39:5a:50:57:ef:37:24:89:78:9c:88:
3d:95:ab:be:c5:5e:4d:b5:16:e0:58:4e:b0:43:c2:
f2:97:02:02:c9:d7:18:6a:a7:09:77:7f:91:27:d4:
9c:ee:a4:4d:65:48:13:33:68:66:9d:5b:18:bf:4a:
ba:50:25:d3:db:aa:91:7a:f1:e2:f3:24:c9:27:ec:
a7:3b:50:96:d1:af:0c:36:d2:69:60:00:d7:c6:cf:
a0:4c:54:39:7a:24:54:b0:fd:46:5a:4a:f9:c5:95:
0d:13:9a:97:87:07:51:2c:28:8e:11:d6:07:74:9a:
52:40:18:fe:2e:8e:14:40:88:95:22:e4:1b:c6:19:
f3:c8:02:11:83:86:71:04:08:25:98:85:97:c5:7a:
51:63:ba:44:fe:da:b8:33:47:02:90:d2:94:65:60:
55:4a:6b:1f:03:f3:bf:61:2d:32:f8:13:db:04:17:
15:ac:65:8a:3a:8f:23:c3:fc:0d:8d:69:45:f6:6d:
c1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:49:75:C0:27:30:E4:E5:1A:D0:DB:04:61:36:CB:B4:B4:03:EC:02
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ca:c8:96:9a:21:f7:49:fe:e6:dd:43:a8:91:37:7f:79:6c:
37:42:78:3c:35:7c:f6:c3:d1:16:94:f4:6f:92:f5:18:f3:78:
b9:a1:39:88:e1:c9:20:22:d9:cd:83:a0:3c:8e:15:59:53:d0:
d2:d1:45:5e:96:b2:65:4b:36:10:66:e7:23:af:fd:0a:ab:cc:
94:be:cf:b9:0b:fb:e7:86:5d:6d:c6:5c:e5:ac:d7:df:cc:9d:
17:1d:08:97:b2:3d:e6:db:38:f4:47:cf:23:27:ec:fb:d9:29:
19:29:aa:dc:58:17:65:14:c7:3e:13:bf:74:79:83:48:f3:a3:
78:3a:d1:d1:92:3a:54:95:10:17:98:9b:eb:55:78:1e:36:61:
f4:38:88:da:dd:61:65:e5:68:c0:58:ac:d0:80:a1:ac:3f:5c:
13:8e:6d:e8:bb:36:61:d0:57:bc:5a:50:5d:a6:fb:87:a9:c8:
d7:ca:3d:3b:c2:0b:6f:47:d4:29:02:03:66:c6:e0:18:74:0b:
73:5e:89:d0:47:e1:55:d0:66:90:39:6e:1b:dd:71:e0:b2:cd:
d9:88:f5:15:e8:35:80:87:52:1e:bb:bc:48:75:d2:34:6b:77:
20:98:f3:e7:a6:28:2d:c1:ed:e9:61:a3:8e:36:bc:ea:0b:0b:
44:a7:ec:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407lKjhOCOokFfw0NarPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjYwMzI5MDkwMTMyWhcNMjYwMzMwMDkwMTMyWjAzMTEwLwYDVQQD
EyhkMTQ5NzVjMDI3MzBlNGU1MWFkMGRiMDQ2MTM2Y2JiNGI0MDNlYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjBntRPrCBaI5NhjwXyegHAh3IBI
47FziW4lpItTT8GQMJb9W5Nb7xjXaPVYGjqAl+XwVdVIjxCDULw5XBIPOVpQV+83
JIl4nIg9lau+xV5NtRbgWE6wQ8LylwICydcYaqcJd3+RJ9Sc7qRNZUgTM2hmnVsY
v0q6UCXT26qRevHi8yTJJ+ynO1CW0a8MNtJpYADXxs+gTFQ5eiRUsP1GWkr5xZUN
E5qXhwdRLCiOEdYHdJpSQBj+Lo4UQIiVIuQbxhnzyAIRg4ZxBAglmIWXxXpRY7pE
/tq4M0cCkNKUZWBVSmsfA/O/YS0y+BPbBBcVrGWKOo8jw/wNjWlF9m3B2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNFJdcAnMOTlGtDbBGE2y7S0A+wCMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXcrIlpoh
90n+5t1DqJE3f3lsN0J4PDV89sPRFpT0b5L1GPN4uaE5iOHJICLZzYOgPI4VWVPQ
0tFFXpayZUs2EGbnI6/9CqvMlL7PuQv754ZdbcZc5azX38ydFx0Il7I95ts49EfP
Iyfs+9kpGSmq3FgXZRTHPhO/dHmDSPOjeDrR0ZI6VJUQF5ib61V4HjZh9DiI2t1h
ZeVowFis0IChrD9cE45t6Ls2YdBXvFpQXab7h6nI18o9O8ILb0fUKQIDZsbgGHQL
c16J0EfhVdBmkDluG91x4LLN2Yj1Feg1gIdSHru8SHXSNGt3IJjz56YoLcHt6WGj
jja86gsLRKfshQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:05:45 2026 by rpki-client