Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: SxOFhPy7eMbPYG+ZrJIiWoCUVLbgQiIC5aVvK+/KBh4=
Subject key identifier: 85:6F:A6:32:A8:46:2B:9E:14:33:0F:D8:40:9E:7D:99:FD:35:B1:41
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019D3940C69B680DA75DBD8437918EA1D85F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 11:00:39 +0000
Manifest this update: Sun 29 Mar 2026 11:00:39 +0000
Manifest next update: Mon 30 Mar 2026 11:00:39 +0000
Files and hashes: 1: WMTxNqy5dxe24um7JtSXmDnNRnM.roa (hash: TxZKxHcS8Fj+JFe1cwBosTBaRiZeeZ2HacumzoOW+L8=)
2: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: Gs+KzGNmjnEejQWtkqZzWHMmpOHj47wP03P+jw6u1D0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:c6:9b:68:0d:a7:5d:bd:84:37:91:8e:a1:d8:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Mar 29 11:00:39 2026 GMT
Not After : Mar 30 11:00:39 2026 GMT
Subject: CN=856fa632a8462b9e14330fd8409e7d99fd35b141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:10:cd:96:09:7b:d4:04:fa:a9:29:5c:ee:
52:83:92:d6:8f:c5:b0:c4:91:6c:3a:8b:14:65:60:
a8:01:41:73:5c:34:0d:8a:30:22:04:e0:2e:2b:1f:
cd:c7:0c:ec:20:f0:0c:66:66:23:c9:bf:37:7e:d9:
38:d1:04:f9:53:89:61:50:bd:15:cd:c0:5f:66:0b:
fe:4b:f7:14:03:74:5f:28:65:0b:ba:5e:6f:38:dc:
d8:7c:d9:04:37:33:b3:ab:cb:c4:da:6e:e7:34:c0:
f5:80:95:30:4d:a8:99:d4:1b:d0:5f:59:01:44:f9:
d4:b1:4d:5a:71:2a:b4:e3:6c:62:60:b0:dc:5f:b2:
83:62:3b:e9:df:01:af:7d:d9:e2:8e:67:1f:11:2f:
02:ac:6f:a7:8a:4c:ad:26:ea:ec:c0:fa:15:6c:30:
18:e8:38:b9:3a:38:21:f4:be:3a:a7:fa:22:bf:83:
36:03:aa:b7:b0:fc:99:05:14:9c:6d:73:9f:6c:c3:
07:1e:77:c8:42:98:d7:a4:12:13:0b:b9:38:5f:33:
0a:c1:32:54:29:b4:95:a9:e3:64:d6:7b:61:35:66:
96:82:a0:b1:c7:25:43:ec:2a:0d:f3:ad:26:9a:0d:
26:13:ca:4a:7a:67:56:db:92:e3:84:8c:13:05:24:
94:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6F:A6:32:A8:46:2B:9E:14:33:0F:D8:40:9E:7D:99:FD:35:B1:41
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:ce:9b:e9:f2:a4:1c:52:fb:f6:f5:09:aa:c6:7b:84:c9:75:
32:7f:9c:8c:77:68:77:b6:66:cc:e0:55:3c:7c:fa:46:24:3a:
73:e9:1e:25:13:70:94:46:ca:01:ea:9b:bd:3d:7d:df:6e:aa:
6d:d7:74:99:fe:0d:38:1c:1a:8f:63:92:30:07:ed:20:f8:7a:
08:1d:10:bf:5e:c4:86:c5:f2:2e:61:15:46:51:05:09:8c:12:
a5:20:e7:54:f9:ec:c8:e2:33:36:5d:62:4b:f0:01:98:ce:4d:
5c:5b:32:81:08:a7:5d:2a:36:7d:ef:d7:9d:52:ae:db:63:7d:
af:9b:cb:7a:1a:14:a7:a8:bb:a0:21:0a:68:40:98:b5:e0:d9:
9c:65:4c:a1:ad:96:79:ea:3d:60:45:9f:d1:a7:b0:3f:20:34:
c6:d3:98:db:f7:15:fa:0f:12:7b:81:18:30:b1:02:a1:c1:17:
ec:f8:9f:5f:79:cb:49:ff:a2:92:9c:dd:22:3a:09:98:68:70:
2e:52:84:2b:d2:b1:40:1f:65:65:01:e1:58:c5:9a:69:6c:db:
64:bb:89:f2:83:91:aa:ad:aa:ef:14:e5:09:d6:a3:21:08:7b:
5f:2e:ce:04:34:cd:8e:3a:d9:24:bb:dd:74:13:70:44:4c:77:
b1:29:9f:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QMabaA2nXb2EN5GOodhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjYwMzI5MTEwMDM5WhcNMjYwMzMwMTEwMDM5WjAzMTEwLwYDVQQD
Eyg4NTZmYTYzMmE4NDYyYjllMTQzMzBmZDg0MDllN2Q5OWZkMzViMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1IQzZYJe9QE+qkpXO5Sg5LWj8Ww
xJFsOosUZWCoAUFzXDQNijAiBOAuKx/NxwzsIPAMZmYjyb83ftk40QT5U4lhUL0V
zcBfZgv+S/cUA3RfKGULul5vONzYfNkENzOzq8vE2m7nNMD1gJUwTaiZ1BvQX1kB
RPnUsU1acSq042xiYLDcX7KDYjvp3wGvfdnijmcfES8CrG+nikytJurswPoVbDAY
6Di5Ojgh9L46p/oiv4M2A6q3sPyZBRScbXOfbMMHHnfIQpjXpBITC7k4XzMKwTJU
KbSVqeNk1nthNWaWgqCxxyVD7CoN860mmg0mE8pKemdW25LjhIwTBSSUaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVvpjKoRiueFDMP2ECefZn9NbFBMB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcc6b6fKk
HFL79vUJqsZ7hMl1Mn+cjHdod7ZmzOBVPHz6RiQ6c+keJRNwlEbKAeqbvT19326q
bdd0mf4NOBwaj2OSMAftIPh6CB0Qv17EhsXyLmEVRlEFCYwSpSDnVPnsyOIzNl1i
S/ABmM5NXFsygQinXSo2fe/XnVKu22N9r5vLehoUp6i7oCEKaECYteDZnGVMoa2W
eeo9YEWf0aewPyA0xtOY2/cV+g8Se4EYMLECocEX7PifX3nLSf+ikpzdIjoJmGhw
LlKEK9KxQB9lZQHhWMWaaWzbZLuJ8oORqq2q7xTlCdajIQh7Xy7OBDTNjjrZJLvd
dBNwREx3sSmfMg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:11:50 2026 by rpki-client