Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: Nih8HePxKwhwP6y16Irj8sptHV7SZnoAV2AhvxAs/EA=
Subject key identifier: 24:FE:2B:86:D1:EE:FF:30:8D:9B:ED:30:34:77:EE:DE:72:25:4E:61
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019D37522FB94EE540812FCFC7AD98C586D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 1894
Signing time: Sun 29 Mar 2026 02:00:26 +0000
Manifest this update: Sun 29 Mar 2026 02:00:26 +0000
Manifest next update: Mon 30 Mar 2026 02:00:26 +0000
Files and hashes: 1: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: 4MXZaTM0NGY6/7bLahrAGIJbSxKm/Pc8vd0hdbzJusw=)
2: Ty9RnsnK3EDnysBvDikYp04oggo.roa (hash: oWmmAPgiMnRBuVQF4Wy8CU51nd17TmIJOxZ3k8HDTIo=)
3: VmNdh6laZxyVCC_g82mHnoN0sjg.roa (hash: fCIZoEHtubiL+1CEYbmHMAzOgcDhgRWMLUT6hfUtnUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:2f:b9:4e:e5:40:81:2f:cf:c7:ad:98:c5:86:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Mar 29 02:00:26 2026 GMT
Not After : Mar 30 02:00:26 2026 GMT
Subject: CN=24fe2b86d1eeff308d9bed303477eede72254e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:bb:a2:94:35:e6:6d:cf:fe:2f:44:8f:b6:
4f:05:63:c5:76:ae:88:d0:3d:01:f7:ed:b6:c1:ed:
db:2c:a7:5c:fa:66:c5:cb:de:63:7d:94:6d:bb:73:
08:be:e8:a0:72:96:f5:ba:94:0a:03:8d:a4:f4:67:
1b:5d:d4:cd:26:dc:b2:9c:e2:ea:f3:96:4a:ca:28:
cc:3d:74:af:bf:40:aa:9a:56:24:e8:d8:76:d7:f0:
87:49:47:6b:58:c4:6d:b9:18:ec:37:80:07:7e:9c:
74:1d:ec:51:90:7c:e1:2a:2f:82:c6:55:56:45:9e:
c8:91:d5:53:22:d2:45:ca:9a:cd:11:4a:8e:34:8a:
13:81:34:5f:c7:65:25:72:32:2c:4e:1c:e9:50:0f:
90:ac:ca:5d:62:d0:8b:18:a5:c1:2c:5d:00:30:ef:
be:94:51:45:be:19:b2:b2:b8:37:2b:5d:33:b0:24:
97:25:f5:af:aa:5a:62:75:9d:f3:84:a2:57:c7:1d:
0e:c3:69:1a:54:1c:97:e0:a0:d3:64:e0:0c:ee:0e:
a8:28:c4:b7:8f:47:93:cd:03:ed:7e:0d:61:64:73:
36:79:e9:8c:cf:63:0b:8b:4d:d5:f0:ca:ec:35:2d:
8d:5c:d6:a8:a6:2a:a0:6f:b5:59:b9:a7:47:cf:19:
d3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FE:2B:86:D1:EE:FF:30:8D:9B:ED:30:34:77:EE:DE:72:25:4E:61
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:cd:cc:d3:b4:c2:06:ae:f5:1d:5f:7a:1b:a1:90:23:1c:3d:
b9:f5:69:d5:c6:83:e7:6a:c1:85:96:3a:ee:0f:07:ad:87:5a:
01:4f:45:43:0d:cc:f5:01:94:91:13:f6:90:e8:d6:93:3d:3a:
f4:32:6b:f7:7f:ef:26:63:be:de:9c:a8:23:07:43:9f:e5:75:
b9:f8:9a:ac:a8:a6:ab:a2:8b:3e:1d:87:5c:b7:61:c2:18:f3:
de:13:60:7c:84:86:96:b3:6d:89:8b:b8:6b:8e:24:51:ef:3e:
f5:71:d3:48:59:86:16:69:d5:9e:64:ed:62:fd:e3:15:cf:52:
f1:30:b8:da:d1:cb:a7:5e:8e:f8:84:44:69:0a:1f:7d:6a:02:
2f:1e:37:21:34:bd:04:38:17:ae:05:22:ed:12:12:0d:e2:a8:
ff:2a:87:1f:bf:37:d9:60:b2:f1:0e:12:a8:37:40:60:3c:e4:
38:52:56:a3:9f:18:8d:75:d1:44:e1:7d:8b:97:a4:d3:a4:51:
74:da:90:4e:76:e2:9d:d2:52:f3:59:67:5c:2e:10:15:ab:42:
2b:19:15:c3:38:43:fe:26:d7:06:91:2d:68:48:07:ce:0c:bc:
d8:03:79:5b:39:b5:66:3b:55:7a:21:18:d8:36:d3:a8:47:b3:
82:58:ac:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ui+5TuVAgS/Px62YxYbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjYwMzI5MDIwMDI2WhcNMjYwMzMwMDIwMDI2WjAzMTEwLwYDVQQD
EygyNGZlMmI4NmQxZWVmZjMwOGQ5YmVkMzAzNDc3ZWVkZTcyMjU0ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxy7opQ15m3P/i9Ej7ZPBWPFdq6I
0D0B9+22we3bLKdc+mbFy95jfZRtu3MIvuigcpb1upQKA42k9GcbXdTNJtyynOLq
85ZKyijMPXSvv0CqmlYk6Nh21/CHSUdrWMRtuRjsN4AHfpx0HexRkHzhKi+CxlVW
RZ7IkdVTItJFyprNEUqONIoTgTRfx2UlcjIsThzpUA+QrMpdYtCLGKXBLF0AMO++
lFFFvhmysrg3K10zsCSXJfWvqlpidZ3zhKJXxx0Ow2kaVByX4KDTZOAM7g6oKMS3
j0eTzQPtfg1hZHM2eemMz2MLi03V8MrsNS2NXNaopiqgb7VZuadHzxnT2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCT+K4bR7v8wjZvtMDR37t5yJU5hMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlM3M07TC
Bq71HV96G6GQIxw9ufVp1caD52rBhZY67g8HrYdaAU9FQw3M9QGUkRP2kOjWkz06
9DJr93/vJmO+3pyoIwdDn+V1ufiarKimq6KLPh2HXLdhwhjz3hNgfISGlrNtiYu4
a44kUe8+9XHTSFmGFmnVnmTtYv3jFc9S8TC42tHLp16O+IREaQoffWoCLx43ITS9
BDgXrgUi7RISDeKo/yqHH7832WCy8Q4SqDdAYDzkOFJWo58YjXXRROF9i5ek06RR
dNqQTnbindJS81lnXC4QFatCKxkVwzhD/ibXBpEtaEgHzgy82AN5Wzm1ZjtVeiEY
2DbTqEezglisug==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:45 2026 by rpki-client