Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: 2OB04fERaInagFcrD5AbbxcPbz/giiIAT31SQ17ySV4=
Subject key identifier: 04:F1:54:71:9A:BC:B6:10:85:7A:BB:CE:B6:EA:B3:46:9F:B1:B1:FE
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019E9101D53E751E8A926F944CBA89408250
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 1943
Signing time: Thu 04 Jun 2026 05:01:16 +0000
Manifest this update: Thu 04 Jun 2026 05:01:16 +0000
Manifest next update: Fri 05 Jun 2026 05:01:16 +0000
Files and hashes: 1: WMTxNqy5dxe24um7JtSXmDnNRnM.roa (hash: TxZKxHcS8Fj+JFe1cwBosTBaRiZeeZ2HacumzoOW+L8=)
2: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: 7FioxeLHiKlNd8dy7Xleo1OMMv2P4woJyMcpPQRk0r4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:01:d5:3e:75:1e:8a:92:6f:94:4c:ba:89:40:82:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Jun 4 05:01:16 2026 GMT
Not After : Jun 5 05:01:16 2026 GMT
Subject: CN=04f154719abcb610857abbceb6eab3469fb1b1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:7f:64:cc:aa:d5:c0:ef:77:e2:aa:ce:9d:
4b:90:ae:18:9e:92:4d:7d:ac:7a:7e:40:aa:2e:57:
75:d7:2c:eb:cd:59:8e:85:a6:43:a4:9f:0c:df:75:
40:87:cb:34:b4:bf:72:5e:02:e8:28:06:c4:aa:70:
38:7a:7d:d2:14:ea:9f:18:ae:36:83:d8:fa:9f:93:
ee:bd:c1:e4:a1:ff:9e:b9:c4:4b:a8:94:94:ae:0c:
d6:c0:3f:ce:f6:ce:81:70:2e:a8:62:ef:19:9e:85:
65:f8:44:f9:ac:24:23:21:14:20:08:9a:15:64:19:
e7:0e:ed:14:f2:d1:58:d0:9f:7b:24:dc:c3:91:43:
da:db:37:77:85:5d:71:e2:fe:24:57:ef:cc:12:8d:
28:91:66:1d:b5:db:15:31:7a:37:6d:2a:96:a4:8f:
96:ff:2f:e9:44:75:1d:d1:3b:fe:6d:f0:55:64:46:
bd:8a:63:56:f1:d3:ec:55:ef:fa:bd:8a:75:2c:b9:
87:2d:d2:2f:c9:b1:e2:30:8b:5d:bb:69:38:36:a0:
13:b0:3f:5a:27:2b:10:ae:9c:c6:45:ca:30:da:ef:
d4:51:53:62:b8:8c:14:a7:64:9c:5c:70:d5:cf:d7:
ad:26:87:f2:57:c2:a5:3f:86:f8:87:60:c2:c2:db:
25:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F1:54:71:9A:BC:B6:10:85:7A:BB:CE:B6:EA:B3:46:9F:B1:B1:FE
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:d6:8e:d4:60:54:97:74:c1:60:95:ef:bf:af:76:37:13:60:
dc:77:70:68:9b:37:43:ad:38:59:0f:9e:d3:a4:a2:2a:90:0f:
29:13:78:65:43:d0:29:61:3a:06:dc:08:93:6c:b5:b3:83:b9:
1f:f6:6a:37:47:46:66:66:ad:ef:6a:9a:57:51:5a:67:42:f7:
48:83:6b:f2:2e:e3:48:f4:a8:bb:c7:0f:d1:7c:ba:35:b7:17:
8d:6d:92:05:95:7b:69:3f:34:ba:83:0d:b1:55:08:cc:ca:fd:
76:56:be:8a:12:81:13:f1:fd:42:e5:98:5b:b2:5b:85:a8:da:
83:5c:27:8d:d5:be:1d:b4:f7:3c:ed:fa:85:25:c8:ba:d4:cb:
8c:5b:53:b3:8a:bb:73:d1:f6:49:43:42:e2:0f:c5:0c:e3:e5:
e5:08:71:d9:09:9d:20:a9:36:2e:fe:05:72:9d:b4:06:c6:c8:
81:39:b5:d2:42:b3:33:6b:55:29:09:70:92:f0:23:fa:a3:d4:
71:76:5b:0a:bf:08:ec:7a:ba:b5:5a:17:8f:e3:51:38:b0:41:
a7:63:7a:e2:18:52:27:07:06:7b:b0:b0:e6:e9:67:f6:d5:ba:
3c:ac:1b:c1:98:9e:91:aa:63:18:e3:18:6b:e5:aa:24:7f:03:
ed:33:cc:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6RAdU+dR6Kkm+UTLqJQIJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjYwNjA0MDUwMTE2WhcNMjYwNjA1MDUwMTE2WjAzMTEwLwYDVQQD
EygwNGYxNTQ3MTlhYmNiNjEwODU3YWJiY2ViNmVhYjM0NjlmYjFiMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWN/ZMyq1cDvd+Kqzp1LkK4YnpJN
fax6fkCqLld11yzrzVmOhaZDpJ8M33VAh8s0tL9yXgLoKAbEqnA4en3SFOqfGK42
g9j6n5PuvcHkof+eucRLqJSUrgzWwD/O9s6BcC6oYu8ZnoVl+ET5rCQjIRQgCJoV
ZBnnDu0U8tFY0J97JNzDkUPa2zd3hV1x4v4kV+/MEo0okWYdtdsVMXo3bSqWpI+W
/y/pRHUd0Tv+bfBVZEa9imNW8dPsVe/6vYp1LLmHLdIvybHiMItdu2k4NqATsD9a
JysQrpzGRcow2u/UUVNiuIwUp2ScXHDVz9etJofyV8KlP4b4h2DCwtsl6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATxVHGavLYQhXq7zrbqs0afsbH+MB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHtaO1GBU
l3TBYJXvv692NxNg3HdwaJs3Q604WQ+e06SiKpAPKRN4ZUPQKWE6BtwIk2y1s4O5
H/ZqN0dGZmat72qaV1FaZ0L3SINr8i7jSPSou8cP0Xy6NbcXjW2SBZV7aT80uoMN
sVUIzMr9dla+ihKBE/H9QuWYW7Jbhajag1wnjdW+HbT3PO36hSXIutTLjFtTs4q7
c9H2SUNC4g/FDOPl5Qhx2QmdIKk2Lv4Fcp20BsbIgTm10kKzM2tVKQlwkvAj+qPU
cXZbCr8I7Hq6tVoXj+NROLBBp2N64hhSJwcGe7Cw5uln9tW6PKwbwZiekapjGOMY
a+WqJH8D7TPMcg==
-----END CERTIFICATE-----
Generated at Thu Jun 4 14:29:23 2026 by rpki-client