Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: PZeU3BaOqtnRygdRUd6xHeIeEhcckC/8zdi6cuD972Q=
Subject key identifier: 2B:4C:72:59:B2:CB:7C:39:71:74:B2:F6:19:B8:1F:6F:3F:81:27:FF
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019EB845989BFC30374503A7608C3A876B16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0740
Signing time: Thu 11 Jun 2026 20:00:29 +0000
Manifest this update: Thu 11 Jun 2026 20:00:29 +0000
Manifest next update: Fri 12 Jun 2026 20:00:29 +0000
Files and hashes: 1: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: T6sLbptJg73ohfdQG/zK8QChNy+GxJe+Sj9/kVmGrQE=)
2: ZS3grquCf_l1OKXIoqEGRKP0J6M.roa (hash: 2PBPag/zPM22x9IohJ6q0TulDZRbeQTFCvgCnuCjnz0=)
3: vUdfXnwcRDPW7e3X7ofFMJYqkDk.roa (hash: 4hcskGjMuomfYGEOrtlmJrd0tV2p1HAsJ5FOV+HnCFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:45:98:9b:fc:30:37:45:03:a7:60:8c:3a:87:6b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Jun 11 20:00:29 2026 GMT
Not After : Jun 12 20:00:29 2026 GMT
Subject: CN=2b4c7259b2cb7c397174b2f619b81f6f3f8127ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:ab:02:07:28:2e:fd:2c:63:fc:79:9f:44:
54:3f:81:22:f6:1a:0b:59:ac:1c:90:7d:74:24:4f:
6c:63:5c:94:9e:2f:c9:15:ff:78:bc:a2:cd:61:05:
ea:50:25:d6:e4:c0:52:5d:64:95:94:35:a8:3d:d8:
0c:bf:e0:aa:1a:aa:a0:53:c9:8c:e3:39:a0:52:51:
7c:68:ac:19:e9:01:7f:00:19:52:80:3d:09:44:3b:
20:f6:79:80:86:b1:73:e9:84:83:f0:b3:8b:22:11:
2e:b7:f1:07:31:05:28:86:42:a7:a6:1e:ad:2e:ab:
9d:43:4a:3d:72:67:51:69:de:e1:e5:0c:03:7c:20:
6c:9b:4c:71:a1:75:80:e4:88:2d:51:38:64:fc:3f:
be:b5:0d:95:60:65:cc:4f:b1:6b:84:19:dd:1b:74:
ff:ce:fc:74:b3:6a:91:55:55:23:98:88:38:4c:7b:
e6:8c:77:de:3b:35:fd:2a:ea:65:ce:04:08:ae:42:
72:53:28:b3:b2:75:f2:d6:7e:cf:c1:74:d1:0a:b0:
0b:ed:b3:7d:a0:82:6b:d5:5d:e6:4b:f8:ed:54:81:
9f:c0:05:ed:95:13:1f:63:43:d0:27:f3:56:b1:18:
c8:7e:06:94:35:d2:d7:1a:03:67:b8:79:e6:b8:a6:
28:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4C:72:59:B2:CB:7C:39:71:74:B2:F6:19:B8:1F:6F:3F:81:27:FF
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:ff:46:d4:b8:1f:1e:a2:a8:7c:24:b1:c6:e5:8d:12:3b:89:
b0:be:81:e9:15:19:48:d5:79:7e:9f:dc:27:d5:ac:97:92:37:
02:c2:97:76:b1:65:72:20:e8:95:5f:46:d0:ef:71:a7:f4:2a:
e7:65:cc:86:72:9d:68:b6:ea:e0:87:43:76:fc:ef:67:7a:0f:
74:1e:f5:cb:81:3f:19:b3:97:74:67:75:1b:39:57:d2:c3:81:
2a:b3:9a:ca:9a:ab:45:5a:a3:d4:be:83:fc:78:52:30:b0:2b:
bf:eb:98:11:b1:25:c2:18:40:26:73:28:80:55:75:d2:56:a1:
ea:ae:6c:d4:12:26:ea:5d:d4:4b:c5:60:44:c6:24:8c:ab:5f:
39:66:8d:60:e6:81:f9:be:be:02:f4:76:c7:25:3f:77:19:75:
99:bf:4e:9a:fd:7c:77:3e:12:81:12:ab:40:4d:ce:a5:c8:2c:
83:0f:85:2a:5e:64:14:e8:95:a7:bf:77:a1:86:51:2f:a9:d6:
fd:0b:51:f1:b0:18:4a:b3:64:54:ee:c4:db:5e:7f:2a:97:f3:
74:9d:fe:b7:9d:e0:ad:cb:84:8c:46:56:7d:8e:ae:f6:57:70:
fb:68:ba:11:32:ee:70:5e:85:c4:c1:48:d4:ea:a0:8e:9d:59:
08:2b:94:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64RZib/DA3RQOnYIw6h2sWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjYwNjExMjAwMDI5WhcNMjYwNjEyMjAwMDI5WjAzMTEwLwYDVQQD
EygyYjRjNzI1OWIyY2I3YzM5NzE3NGIyZjYxOWI4MWY2ZjNmODEyN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9WrAgcoLv0sY/x5n0RUP4Ei9hoL
WawckH10JE9sY1yUni/JFf94vKLNYQXqUCXW5MBSXWSVlDWoPdgMv+CqGqqgU8mM
4zmgUlF8aKwZ6QF/ABlSgD0JRDsg9nmAhrFz6YSD8LOLIhEut/EHMQUohkKnph6t
LqudQ0o9cmdRad7h5QwDfCBsm0xxoXWA5IgtUThk/D++tQ2VYGXMT7FrhBndG3T/
zvx0s2qRVVUjmIg4THvmjHfeOzX9KuplzgQIrkJyUyizsnXy1n7PwXTRCrAL7bN9
oIJr1V3mS/jtVIGfwAXtlRMfY0PQJ/NWsRjIfgaUNdLXGgNnuHnmuKYodQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtMclmyy3w5cXSy9hm4H28/gSf/MB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARv9G1Lgf
HqKofCSxxuWNEjuJsL6B6RUZSNV5fp/cJ9Wsl5I3AsKXdrFlciDolV9G0O9xp/Qq
52XMhnKdaLbq4IdDdvzvZ3oPdB71y4E/GbOXdGd1GzlX0sOBKrOaypqrRVqj1L6D
/HhSMLArv+uYEbElwhhAJnMogFV10lah6q5s1BIm6l3US8VgRMYkjKtfOWaNYOaB
+b6+AvR2xyU/dxl1mb9Omv18dz4SgRKrQE3Opcgsgw+FKl5kFOiVp793oYZRL6nW
/QtR8bAYSrNkVO7E215/KpfzdJ3+t53grcuEjEZWfY6u9ldw+2i6ETLucF6FxMFI
1Oqgjp1ZCCuUWA==
-----END CERTIFICATE-----
Generated at Fri Jun 12 06:11:54 2026 by rpki-client