Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: Mu26aOB1qWav+cIshlfEkbkm9jkNLUQBUvkTQDpeFoc=
Subject key identifier: 51:E6:0F:6C:AC:49:6D:F0:AE:BF:24:3B:1B:03:88:48:CF:13:FD:DB
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 019D39AF2E3EE191BE071CE894F7711B7E00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 13:01:14 +0000
Manifest this update: Sun 29 Mar 2026 13:01:14 +0000
Manifest next update: Mon 30 Mar 2026 13:01:14 +0000
Files and hashes: 1: 744IgXzHRA7i_KaZPXPHUM0eSxg.roa (hash: eqDQW7MUEHWcKNovBhhfViXrkME1qg3sj67Td6hUu3A=)
2: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: 3Yj8qTq+PfCcxXOK3dLUl+jzRkgVNN0hx6/iJtRuxf0=)
3: Q9Hzj6xYvSgvTk1AgA8SSFlzHjw.roa (hash: zRP8z6fqTAhTFBNH4EqdLJ2KR4AhqadHe/YBKRqTMqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 13:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:2e:3e:e1:91:be:07:1c:e8:94:f7:71:1b:7e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Mar 29 13:01:14 2026 GMT
Not After : Mar 30 13:01:14 2026 GMT
Subject: CN=51e60f6cac496df0aebf243b1b038848cf13fddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:5b:ef:f0:39:8c:df:5f:f5:21:04:ad:fc:
b5:76:c3:94:a4:ff:1b:26:a4:9f:e4:85:e2:83:66:
cc:63:ff:e0:d1:65:41:24:61:81:a1:8f:d3:7c:2f:
28:0c:89:4a:34:26:82:bd:f7:73:8e:d6:21:4e:b7:
98:01:b1:73:7e:83:e6:73:c1:4e:ab:dc:63:c0:35:
db:e4:37:2d:87:9d:7e:9d:1f:12:3f:c5:4b:66:e3:
35:fa:f1:19:d8:fa:38:37:df:cb:fb:7b:8c:5e:b2:
df:a0:96:44:6c:06:56:e9:e4:a6:aa:57:c6:64:0c:
d7:03:3c:09:3f:a1:6d:98:f0:de:c7:d2:56:d1:56:
8e:12:52:98:59:b7:26:6f:1a:8d:73:8b:60:e0:dd:
7a:33:a3:63:d2:46:1c:40:80:73:5a:3e:ad:f7:cf:
bf:65:1f:d9:d0:c5:a4:bf:29:44:53:fe:31:04:52:
04:c3:82:1a:1e:18:c3:19:8f:18:5b:81:68:fd:1a:
55:03:de:07:1b:4a:ee:8d:77:4d:81:9a:4a:d3:cf:
31:da:46:82:b0:0b:a8:9a:be:6a:c5:6c:90:ad:60:
2a:49:2f:ec:d0:27:35:66:81:d6:19:33:7b:e6:9f:
a8:49:e3:20:1b:c3:09:df:c5:55:60:b2:5b:4c:59:
37:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:E6:0F:6C:AC:49:6D:F0:AE:BF:24:3B:1B:03:88:48:CF:13:FD:DB
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:8e:6a:d3:e3:fc:c5:d5:3e:31:10:7d:2b:b8:53:47:c6:7d:
16:c3:7c:ce:6b:81:ba:01:4e:93:a9:99:31:51:62:5b:19:85:
16:2c:92:97:70:16:19:38:72:99:d8:8b:57:27:f1:7e:a5:81:
3d:73:33:fa:f3:80:49:01:74:b7:1a:a4:d8:b3:5c:18:1a:93:
ab:ad:e3:33:4c:25:18:89:2a:2f:6f:cd:96:dd:ce:0c:c9:ce:
71:2b:cd:e4:b8:bd:e2:a9:2a:25:18:4a:c7:ce:eb:c4:cf:d8:
22:51:89:c8:22:32:ac:e3:20:21:08:25:fc:b3:29:5b:24:83:
8c:d3:1d:0e:87:cc:fe:a1:3c:9f:c5:ff:b4:79:d1:e4:b4:16:
f8:28:08:60:69:ca:d9:62:e2:29:75:1d:e3:83:c6:3b:37:a5:
bf:85:27:1d:07:aa:f9:18:9f:74:46:bd:4e:1b:33:10:49:17:
ab:b4:8a:48:e7:95:98:18:e4:6f:50:89:68:ec:01:aa:8a:65:
f4:07:db:ec:81:6d:bf:9a:5c:79:00:6e:6f:36:cd:ab:3e:21:
54:dd:1e:a4:c1:b3:65:ad:f5:ef:88:0b:57:23:fc:50:65:38:
2d:e8:cd:e9:45:72:94:47:32:2c:6c:c8:97:e3:1f:df:47:0f:
7d:b2:f1:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ry4+4ZG+BxzolPdxG34AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjYwMzI5MTMwMTE0WhcNMjYwMzMwMTMwMTE0WjAzMTEwLwYDVQQD
Eyg1MWU2MGY2Y2FjNDk2ZGYwYWViZjI0M2IxYjAzODg0OGNmMTNmZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKtb7/A5jN9f9SEErfy1dsOUpP8b
JqSf5IXig2bMY//g0WVBJGGBoY/TfC8oDIlKNCaCvfdzjtYhTreYAbFzfoPmc8FO
q9xjwDXb5Dcth51+nR8SP8VLZuM1+vEZ2Po4N9/L+3uMXrLfoJZEbAZW6eSmqlfG
ZAzXAzwJP6FtmPDex9JW0VaOElKYWbcmbxqNc4tg4N16M6Nj0kYcQIBzWj6t98+/
ZR/Z0MWkvylEU/4xBFIEw4IaHhjDGY8YW4Fo/RpVA94HG0rujXdNgZpK088x2kaC
sAuomr5qxWyQrWAqSS/s0Cc1ZoHWGTN75p+oSeMgG8MJ38VVYLJbTFk3lwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHmD2ysSW3wrr8kOxsDiEjPE/3bMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbY5q0+P8
xdU+MRB9K7hTR8Z9FsN8zmuBugFOk6mZMVFiWxmFFiySl3AWGThymdiLVyfxfqWB
PXMz+vOASQF0txqk2LNcGBqTq63jM0wlGIkqL2/Nlt3ODMnOcSvN5Li94qkqJRhK
x87rxM/YIlGJyCIyrOMgIQgl/LMpWySDjNMdDofM/qE8n8X/tHnR5LQW+CgIYGnK
2WLiKXUd44PGOzelv4UnHQeq+RifdEa9ThszEEkXq7SKSOeVmBjkb1CJaOwBqopl
9Afb7IFtv5pceQBubzbNqz4hVN0epMGzZa3174gLVyP8UGU4LejN6UVylEcyLGzI
l+Mf30cPfbLx3Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:21:03 2026 by rpki-client