Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: XVhkHX/A6/5t8x4FxY2n89U7nWpyPP3RMOEq8Udxblc=
Subject key identifier: 5D:6C:AB:61:FD:37:99:22:06:0D:BD:07:30:BF:BB:B6:D3:27:A9:A8
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019E30727186610E278BAC0E8110BCBC1162
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 1915
Signing time: Sat 16 May 2026 11:01:06 +0000
Manifest this update: Sat 16 May 2026 11:01:06 +0000
Manifest next update: Sun 17 May 2026 11:01:06 +0000
Files and hashes: 1: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: 3oWfGMo3ASQpbbnwsyPM9y6VcL/3cUabt5pyS1CcqOA=)
2: Ty9RnsnK3EDnysBvDikYp04oggo.roa (hash: oWmmAPgiMnRBuVQF4Wy8CU51nd17TmIJOxZ3k8HDTIo=)
3: VmNdh6laZxyVCC_g82mHnoN0sjg.roa (hash: fCIZoEHtubiL+1CEYbmHMAzOgcDhgRWMLUT6hfUtnUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 11:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:72:71:86:61:0e:27:8b:ac:0e:81:10:bc:bc:11:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: May 16 11:01:06 2026 GMT
Not After : May 17 11:01:06 2026 GMT
Subject: CN=5d6cab61fd379922060dbd0730bfbbb6d327a9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:32:4a:71:de:33:cb:7d:7c:51:4d:2d:70:d3:
fc:f1:4e:2f:9b:ae:14:3c:15:b5:97:73:64:c5:75:
29:b8:2e:c0:8f:bf:97:ac:bc:81:0d:fc:21:db:50:
6c:1d:25:bf:a4:a5:2c:fe:0d:a1:b3:19:9d:0b:4b:
87:78:96:45:78:e9:1e:5a:72:2e:31:8b:ef:56:61:
be:86:c0:ca:ed:7c:45:18:66:02:22:a8:ef:d0:92:
da:ed:5b:3b:52:05:27:d7:f6:5a:da:7e:73:e4:49:
74:d8:3c:b8:55:10:f8:6d:21:f0:cd:ab:0b:ed:c9:
78:fd:82:73:ef:7d:f0:1b:c3:68:8a:87:7f:4d:b5:
ae:d4:b6:52:04:2c:12:4c:d1:a5:13:3e:2f:83:ae:
f4:64:fb:e0:ed:b1:56:08:d3:06:1a:5c:25:7a:76:
74:9f:4d:6a:13:91:1b:74:24:c9:c4:f2:e8:e1:c4:
0c:20:33:17:d7:91:70:7a:25:dd:87:95:80:ed:bb:
19:2c:5d:75:18:24:90:5d:29:61:5c:cd:51:ab:37:
8d:8b:7c:81:7f:c0:60:ee:ed:9c:9b:08:9d:b0:40:
86:8f:3b:d2:45:eb:dd:d4:18:c2:7f:60:13:48:c0:
eb:39:35:41:69:32:3c:09:23:8c:ec:28:ae:08:44:
94:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6C:AB:61:FD:37:99:22:06:0D:BD:07:30:BF:BB:B6:D3:27:A9:A8
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:00:96:37:c2:2b:1b:27:80:0f:27:69:84:7f:01:43:57:cf:
8c:57:c5:12:43:34:ee:c9:0a:8a:78:8c:78:37:13:f5:43:54:
a6:0d:93:0b:5a:ad:52:1b:de:d7:60:d7:f8:f6:d0:eb:b6:2c:
9c:93:b8:31:34:df:e9:a6:5f:1b:31:e9:70:78:74:be:10:43:
a0:40:d8:31:bd:c3:6b:65:ac:b6:ee:75:2e:c0:bf:07:3d:8b:
2c:a1:50:a4:a2:27:ac:1c:7c:ee:5d:e6:82:d8:7e:ba:56:33:
cc:e9:1b:bb:e1:4f:3e:1b:29:7b:9f:bf:01:e1:77:39:71:36:
3b:31:44:14:3d:bb:e1:c5:0c:56:b5:45:e7:8e:e6:3b:14:2e:
90:16:ac:3d:51:51:4d:bf:7e:56:f1:07:ad:d2:e8:d4:3e:b4:
55:d3:b4:3d:b7:5d:98:35:89:cf:7d:ad:17:84:3b:e8:f9:6e:
82:50:11:bd:aa:b4:05:0f:23:3d:7d:21:41:ed:03:23:b5:22:
c7:dc:75:12:31:89:20:67:e7:b9:6e:37:41:e4:a2:e5:37:f8:
88:4a:bd:50:3a:d2:28:a6:73:fb:49:d9:59:61:91:91:22:7c:
29:fe:7f:56:9a:85:96:6c:e6:c4:8c:de:c3:71:1d:44:32:84:
52:8a:1c:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wcnGGYQ4ni6wOgRC8vBFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjYwNTE2MTEwMTA2WhcNMjYwNTE3MTEwMTA2WjAzMTEwLwYDVQQD
Eyg1ZDZjYWI2MWZkMzc5OTIyMDYwZGJkMDczMGJmYmJiNmQzMjdhOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDJKcd4zy318UU0tcNP88U4vm64U
PBW1l3NkxXUpuC7Aj7+XrLyBDfwh21BsHSW/pKUs/g2hsxmdC0uHeJZFeOkeWnIu
MYvvVmG+hsDK7XxFGGYCIqjv0JLa7Vs7UgUn1/Za2n5z5El02Dy4VRD4bSHwzasL
7cl4/YJz733wG8Noiod/TbWu1LZSBCwSTNGlEz4vg670ZPvg7bFWCNMGGlwlenZ0
n01qE5EbdCTJxPLo4cQMIDMX15FweiXdh5WA7bsZLF11GCSQXSlhXM1RqzeNi3yB
f8Bg7u2cmwidsECGjzvSRevd1BjCf2ATSMDrOTVBaTI8CSOM7CiuCESU3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1sq2H9N5kiBg29BzC/u7bTJ6moMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwCWN8Ir
GyeADydphH8BQ1fPjFfFEkM07skKiniMeDcT9UNUpg2TC1qtUhve12DX+PbQ67Ys
nJO4MTTf6aZfGzHpcHh0vhBDoEDYMb3Da2Wstu51LsC/Bz2LLKFQpKInrBx87l3m
gth+ulYzzOkbu+FPPhspe5+/AeF3OXE2OzFEFD274cUMVrVF547mOxQukBasPVFR
Tb9+VvEHrdLo1D60VdO0PbddmDWJz32tF4Q76PluglARvaq0BQ8jPX0hQe0DI7Ui
x9x1EjGJIGfnuW43QeSi5Tf4iEq9UDrSKKZz+0nZWWGRkSJ8Kf5/VpqFlmzmxIze
w3EdRDKEUoocQw==
-----END CERTIFICATE-----
Generated at Sat May 16 19:30:52 2026 by rpki-client