Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
File: kNdTolR-A6Sw0vkccOnOTkRoBBg.mft (raw, json)
Hash identifier: iGsrQvRlPXsgTSd7tg1Yt1aLYqSybjFiKcOZBauFeOQ=
Subject key identifier: F0:00:54:EB:01:F9:1B:0D:4B:76:6D:67:C4:54:6C:22:C3:85:FA:10
Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Certificate serial: 019D3940EFB4433D2800A5A079971713E99E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
Manifest number: 0D34
Signing time: Sun 29 Mar 2026 11:00:50 +0000
Manifest this update: Sun 29 Mar 2026 11:00:50 +0000
Manifest next update: Mon 30 Mar 2026 11:00:50 +0000
Files and hashes: 1: Mk7_Zq9Rpk43_vAbKxyUcFK-u8s.roa (hash: VGCcTcxG7jSWPwlxbtqAn1nYTHEFZWiZCyYyw1eM6QU=)
2: kNdTolR-A6Sw0vkccOnOTkRoBBg.crl (hash: dMboYuTYQwlNsXypPIqXWvFbSnC3+un9nR1iIwnxcOU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:ef:b4:43:3d:28:00:a5:a0:79:97:17:13:e9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Validity
Not Before: Mar 29 11:00:50 2026 GMT
Not After : Mar 30 11:00:50 2026 GMT
Subject: CN=f00054eb01f91b0d4b766d67c4546c22c385fa10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9c:d5:c1:b4:48:7d:34:c5:a6:e2:e2:b2:29:
77:15:68:24:e1:36:3f:f5:b0:d2:41:6f:9f:68:c1:
2c:98:48:4c:16:cf:7a:f4:07:6d:60:34:99:32:33:
82:3f:6e:81:74:94:17:34:aa:06:ca:f9:7a:a1:8b:
1c:33:3c:f0:e3:63:a9:75:67:d9:be:f9:93:10:38:
43:25:8c:64:19:7e:07:d7:74:f4:b5:e6:0d:65:91:
e6:1e:63:e4:8a:af:53:be:a0:64:fc:5d:3d:cd:87:
7d:43:44:98:cf:85:97:d8:ba:d1:13:5e:71:9c:20:
2c:3f:30:d4:59:f6:9d:18:3f:49:de:1a:71:75:5e:
9b:c5:8c:3e:ef:47:e0:c3:3a:ce:cb:ab:81:cf:45:
ba:7a:1b:23:87:15:23:6f:39:86:3a:e1:07:0a:5e:
e7:34:7c:0b:1f:81:b5:5f:1f:08:99:10:d8:be:f6:
59:0c:eb:19:89:09:61:6b:e4:84:37:3f:79:4f:0a:
cf:1b:df:eb:af:33:df:f7:c6:76:5f:76:0f:11:f4:
09:80:1f:d1:0f:07:67:3c:87:83:39:cd:ae:cb:e9:
d7:1b:bb:1a:68:64:50:77:4a:67:1b:11:9a:3c:8c:
96:fc:fd:84:e0:f1:05:40:5a:08:5b:79:ab:30:8e:
b1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:00:54:EB:01:F9:1B:0D:4B:76:6D:67:C4:54:6C:22:C3:85:FA:10
X509v3 Authority Key Identifier:
keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:d1:b3:71:20:94:ba:5e:30:f1:7f:bd:65:34:20:81:51:44:
76:2b:e0:e4:df:96:a0:f6:4d:3e:28:cd:34:bf:a4:58:3d:00:
d4:ab:3b:f1:5c:62:09:a0:d1:2d:95:6d:ef:94:94:74:73:be:
4a:41:ef:69:78:9b:a3:d0:d0:e3:ea:fe:eb:f1:35:94:3d:ce:
29:2f:66:41:a1:eb:c0:79:b3:91:ad:d0:00:d4:73:54:a5:14:
c0:c4:3d:f4:e0:ba:86:11:20:e8:23:ed:b2:c8:3b:00:36:84:
c6:59:bc:ab:ae:8c:9e:e9:f0:0a:aa:39:a0:74:1a:eb:3d:df:
cf:31:ab:c6:91:b0:c3:38:a3:76:62:51:1d:b0:52:19:c9:8d:
8e:5c:eb:d8:f7:bd:38:b0:eb:b2:43:c7:80:7d:03:9b:56:ef:
69:51:fa:4d:1f:15:9a:39:84:ca:55:fe:c1:fc:63:22:87:a5:
27:8f:93:85:53:09:de:c7:ca:c1:6c:a7:6a:36:10:c5:fe:bc:
c1:bb:2b:b8:19:49:35:d0:d3:3b:5b:5c:dc:46:59:ac:e5:c6:
bb:c5:23:4c:2b:d2:44:51:eb:0c:06:25:73:ae:b3:dd:dc:68:
b8:0c:cf:01:04:88:90:59:43:95:fa:0d:23:ac:ae:43:48:59:
07:bb:71:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QO+0Qz0oAKWgeZcXE+meMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2
ODA0MTgwHhcNMjYwMzI5MTEwMDUwWhcNMjYwMzMwMTEwMDUwWjAzMTEwLwYDVQQD
EyhmMDAwNTRlYjAxZjkxYjBkNGI3NjZkNjdjNDU0NmMyMmMzODVmYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJzVwbRIfTTFpuLisil3FWgk4TY/
9bDSQW+faMEsmEhMFs969AdtYDSZMjOCP26BdJQXNKoGyvl6oYscMzzw42OpdWfZ
vvmTEDhDJYxkGX4H13T0teYNZZHmHmPkiq9TvqBk/F09zYd9Q0SYz4WX2LrRE15x
nCAsPzDUWfadGD9J3hpxdV6bxYw+70fgwzrOy6uBz0W6ehsjhxUjbzmGOuEHCl7n
NHwLH4G1Xx8ImRDYvvZZDOsZiQlha+SENz95TwrPG9/rrzPf98Z2X3YPEfQJgB/R
DwdnPIeDOc2uy+nXG7saaGRQd0pnGxGaPIyW/P2E4PEFQFoIW3mrMI6x2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPAAVOsB+RsNS3ZtZ8RUbCLDhfoQMB8GA1UdIwQY
MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt
NWViNjZiY2UzMThkLzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk
LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatGzcSCU
ul4w8X+9ZTQggVFEdivg5N+WoPZNPijNNL+kWD0A1Ks78VxiCaDRLZVt75SUdHO+
SkHvaXibo9DQ4+r+6/E1lD3OKS9mQaHrwHmzka3QANRzVKUUwMQ99OC6hhEg6CPt
ssg7ADaExlm8q66MnunwCqo5oHQa6z3fzzGrxpGwwzijdmJRHbBSGcmNjlzr2Pe9
OLDrskPHgH0Dm1bvaVH6TR8VmjmEylX+wfxjIoelJ4+ThVMJ3sfKwWynajYQxf68
wbsruBlJNdDTO1tc3EZZrOXGu8UjTCvSRFHrDAYlc66z3dxouAzPAQSIkFlDlfoN
I6yuQ0hZB7txlQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:02:09 2026 by rpki-client