Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
File: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft (raw, json)
Hash identifier: okg8zd5tcqA6qU6g4Cio76oEAhhS0A9PMdfGGVg06wE=
Subject key identifier: 38:8D:D0:2A:D3:FB:CC:5C:85:48:8E:21:82:A2:5B:1D:5D:77:27:D1
Authority key identifier: 24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
Certificate issuer: /CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Certificate serial: 019D389BF4789E24C43093DF198D56A796BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
Manifest number: 0C41
Signing time: Sun 29 Mar 2026 08:00:37 +0000
Manifest this update: Sun 29 Mar 2026 08:00:37 +0000
Manifest next update: Mon 30 Mar 2026 08:00:37 +0000
Files and hashes: 1: JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl (hash: 3R7wRZWyfndHrjZiw1E+9RqoqCwDwwvGr52EvNu7KXs=)
2: mcYH2WbtharfS1cKE4nDVc9cSUQ.roa (hash: 6NNnIl4fnOkglhpxTOXbgmIwZY5zvuF1yTHWpVT47EM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f4:78:9e:24:c4:30:93:df:19:8d:56:a7:96:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a9d84c6d16c083093c3371b4575d36ef448fe4
Validity
Not Before: Mar 29 08:00:37 2026 GMT
Not After : Mar 30 08:00:37 2026 GMT
Subject: CN=388dd02ad3fbcc5c85488e2182a25b1d5d7727d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:29:8c:2a:53:a9:9e:34:f5:10:77:39:97:
03:ad:e6:82:ef:8a:e6:5e:83:cf:c4:b8:a6:de:ff:
17:dc:b6:97:f3:7b:79:07:06:ae:0f:bb:f8:40:42:
97:46:55:42:b5:96:59:e1:f7:c2:ae:83:62:2e:c3:
ab:93:ec:d2:57:26:a6:3c:36:46:9b:60:07:b9:55:
c0:0d:d9:ab:71:f8:52:9a:91:d8:0e:52:33:80:a8:
46:e5:a1:70:aa:6f:26:a6:e4:54:46:44:cc:1d:56:
b1:08:b3:3e:2d:b7:7f:bd:36:d0:dc:c5:92:fb:1c:
24:16:b7:71:35:c9:ee:59:75:7d:d0:39:90:ab:c5:
df:2f:60:fc:53:5e:64:6e:4c:a7:e9:ab:a2:67:f9:
a6:3a:d6:ea:db:b8:56:aa:20:a4:87:20:24:d5:37:
18:2f:c8:d0:61:33:f4:b3:1b:5b:e8:39:f6:49:fd:
e1:23:4e:0d:21:91:19:18:63:12:85:17:1c:61:93:
54:a0:0a:bf:03:13:45:d4:f5:58:ae:19:20:d8:5d:
eb:13:51:03:2f:e0:d9:05:63:c6:b9:f1:8e:8b:0c:
10:aa:94:0c:e7:1c:7e:94:55:31:d5:5e:7a:72:91:
ac:5b:2e:e3:0d:06:07:4b:4a:e7:40:48:71:5a:df:
bd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8D:D0:2A:D3:FB:CC:5C:85:48:8E:21:82:A2:5B:1D:5D:77:27:D1
X509v3 Authority Key Identifier:
keyid:24:A9:D8:4C:6D:16:C0:83:09:3C:33:71:B4:57:5D:36:EF:44:8F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/05ca1d-c357-48bc-9609-45a534f222f4/1/JKnYTG0WwIMJPDNxtFddNu9Ej-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:74:37:4c:7a:33:9b:83:bb:fe:e6:60:ab:e7:8b:57:69:62:
03:0a:eb:c3:13:53:4b:3b:1d:12:30:f9:d8:06:73:f1:6c:68:
a9:2f:0a:f4:42:ae:73:c0:cd:17:62:3d:35:e4:21:1c:b9:f4:
1e:f1:fc:7b:35:47:33:7c:5e:19:02:c8:e0:dc:a1:e1:22:64:
ca:32:ab:7c:a7:b7:d2:0d:8e:1a:ec:e8:6f:4b:48:12:29:a9:
29:dd:73:48:ad:e6:1b:7b:a3:80:d9:bc:47:37:a8:36:e3:ec:
ab:22:fe:5c:f7:2e:40:2f:26:bf:2f:18:95:05:46:86:8f:18:
ed:fe:2a:a3:a1:dd:57:d7:81:ec:10:ce:d6:69:0c:df:ab:4d:
d5:61:8f:a0:dd:66:61:fd:0f:a3:59:1c:9b:29:10:8a:17:5c:
83:8c:83:44:e9:19:ec:a2:22:6d:9a:d0:ed:9d:73:fd:7f:2e:
03:ab:8a:f6:42:bb:29:d6:9f:3e:7e:db:7c:07:36:ab:6e:1f:
c8:16:f0:c2:81:21:a9:31:64:ea:f4:4e:d1:34:eb:fe:b8:1e:
be:05:5e:eb:03:03:3f:e4:2e:03:30:94:4c:54:7e:56:45:f5:
0c:21:4e:0a:7d:83:a8:9b:6c:58:4d:7c:a7:af:13:9e:c2:ed:
92:cd:27:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/R4niTEMJPfGY1Wp5a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTlkODRjNmQxNmMwODMwOTNjMzM3MWI0NTc1ZDM2ZWY0
NDhmZTQwHhcNMjYwMzI5MDgwMDM3WhcNMjYwMzMwMDgwMDM3WjAzMTEwLwYDVQQD
EygzODhkZDAyYWQzZmJjYzVjODU0ODhlMjE4MmEyNWIxZDVkNzcyN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfcpjCpTqZ409RB3OZcDreaC74rm
XoPPxLim3v8X3LaX83t5BwauD7v4QEKXRlVCtZZZ4ffCroNiLsOrk+zSVyamPDZG
m2AHuVXADdmrcfhSmpHYDlIzgKhG5aFwqm8mpuRURkTMHVaxCLM+Lbd/vTbQ3MWS
+xwkFrdxNcnuWXV90DmQq8XfL2D8U15kbkyn6auiZ/mmOtbq27hWqiCkhyAk1TcY
L8jQYTP0sxtb6Dn2Sf3hI04NIZEZGGMShRccYZNUoAq/AxNF1PVYrhkg2F3rE1ED
L+DZBWPGufGOiwwQqpQM5xx+lFUx1V56cpGsWy7jDQYHS0rnQEhxWt+9SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiN0CrT+8xchUiOIYKiWx1ddyfRMB8GA1UdIwQY
MBaAFCSp2ExtFsCDCTwzcbRXXTbvRI/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDkt
NDVhNTM0ZjIyMmY0LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8wNWNhMWQtYzM1Ny00OGJjLTk2MDktNDVhNTM0ZjIyMmY0
LzEvSktuWVRHMFd3SU1KUEROeHRGZGROdTlFai1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHQ3THoz
m4O7/uZgq+eLV2liAwrrwxNTSzsdEjD52AZz8WxoqS8K9EKuc8DNF2I9NeQhHLn0
HvH8ezVHM3xeGQLI4Nyh4SJkyjKrfKe30g2OGuzob0tIEimpKd1zSK3mG3ujgNm8
RzeoNuPsqyL+XPcuQC8mvy8YlQVGho8Y7f4qo6HdV9eB7BDO1mkM36tN1WGPoN1m
Yf0Po1kcmykQihdcg4yDROkZ7KIibZrQ7Z1z/X8uA6uK9kK7KdafPn7bfAc2q24f
yBbwwoEhqTFk6vRO0TTr/rgevgVe6wMDP+QuAzCUTFR+VkX1DCFOCn2DqJtsWE18
p68TnsLtks0nSA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:56 2026 by rpki-client