Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: +1FxVpkxaM6ywtJ6ImBI0aiNYmosK0ltszpjW80/nWA=
Subject key identifier: 4E:3E:08:05:5A:1A:05:73:2B:9C:59:61:B5:33:CC:88:17:AF:68:1D
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019DCE99518D10558EBAAA4472A066E64E8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 06C7
Signing time: Mon 27 Apr 2026 11:00:47 +0000
Manifest this update: Mon 27 Apr 2026 11:00:47 +0000
Manifest next update: Tue 28 Apr 2026 11:00:47 +0000
Files and hashes: 1: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: fhsa5cSoh/vw2rHdFGTccmhBGkj7/zWQNtNLgnqWUZk=)
2: ZS3grquCf_l1OKXIoqEGRKP0J6M.roa (hash: 2PBPag/zPM22x9IohJ6q0TulDZRbeQTFCvgCnuCjnz0=)
3: vUdfXnwcRDPW7e3X7ofFMJYqkDk.roa (hash: 4hcskGjMuomfYGEOrtlmJrd0tV2p1HAsJ5FOV+HnCFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:99:51:8d:10:55:8e:ba:aa:44:72:a0:66:e6:4e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Apr 27 11:00:47 2026 GMT
Not After : Apr 28 11:00:47 2026 GMT
Subject: CN=4e3e08055a1a05732b9c5961b533cc8817af681d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:82:6a:20:74:b4:11:27:b9:4a:ce:4f:19:d6:
b9:a5:02:e8:83:cf:f8:07:51:c5:7b:ad:ea:53:6b:
b4:9e:f4:5d:72:89:37:fa:70:a4:39:fd:b0:f3:32:
b1:92:21:75:23:82:a9:1a:85:37:a3:3b:2f:85:a0:
41:09:d7:bb:71:a7:8e:f9:23:ae:ca:a5:56:24:35:
11:55:3e:12:79:25:e5:7f:c4:4c:f6:9f:67:23:51:
cb:c0:b2:da:42:e0:b5:dc:93:8b:f4:d1:ba:cf:82:
ba:d8:70:f9:ab:9c:40:d6:92:6f:c7:3e:94:03:af:
36:17:a8:1c:48:d1:85:3e:a9:a4:0e:11:83:10:3d:
66:e3:ce:dc:f7:52:07:f7:cb:a5:b3:92:4e:96:76:
26:cc:70:bf:3d:d2:30:68:e8:17:3f:cf:d8:9f:7c:
77:2a:e6:ad:ef:b7:7b:95:fa:28:51:5e:1d:76:51:
d5:bb:fa:f7:7c:f2:49:61:b2:54:ae:48:bf:49:6f:
50:7b:1f:4d:bf:76:44:dd:98:ad:19:eb:45:d1:cb:
89:2b:89:78:34:f0:a8:5c:61:d0:91:56:00:8f:c8:
b0:05:a0:20:c6:65:d5:58:e3:76:9b:88:65:eb:5d:
76:63:83:f5:f9:97:1d:96:e5:fe:26:a2:7d:8c:24:
13:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3E:08:05:5A:1A:05:73:2B:9C:59:61:B5:33:CC:88:17:AF:68:1D
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:7a:72:aa:18:f1:ef:58:13:b5:28:09:f0:c2:8e:db:b0:9d:
0d:be:56:16:6b:eb:a0:cd:02:bb:f1:fd:3a:6f:64:6c:38:0c:
39:c0:19:1d:c5:27:da:f0:c2:12:74:84:69:dd:c1:e1:ff:7d:
04:03:af:69:4b:e6:8b:73:bb:a8:e4:60:1f:60:22:13:02:f4:
a1:92:a7:d6:11:bf:aa:80:7b:6a:55:85:c6:58:f0:6a:b6:22:
95:da:bb:70:0f:2d:2b:ad:1e:a9:dc:6e:f7:70:2c:5c:6e:2e:
df:83:5b:94:f4:ce:c0:7c:9e:fe:2f:30:3a:f3:5e:db:d2:ad:
f3:9e:6e:80:a1:05:9f:5b:a0:1e:65:e8:c7:78:63:57:78:91:
f1:15:43:a6:52:29:4e:df:85:6f:46:76:b1:c0:72:10:fb:e3:
83:b9:8a:5a:51:08:51:64:b1:9e:b0:c9:c1:c8:ca:13:ae:4d:
87:44:1e:46:6d:f3:23:fb:ba:20:33:3f:b5:e7:0d:02:eb:7d:
69:ee:9b:a0:c7:5e:6b:9e:73:e3:27:e4:8d:45:9b:92:c5:ae:
f2:19:7b:b7:64:1f:3d:ae:ad:79:80:b7:7c:34:4f:e6:aa:f7:
ce:9a:52:96:6d:fb:31:2f:19:06:b5:b8:6f:24:3a:1d:1b:3c:
3c:56:3e:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OmVGNEFWOuqpEcqBm5k6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjYwNDI3MTEwMDQ3WhcNMjYwNDI4MTEwMDQ3WjAzMTEwLwYDVQQD
Eyg0ZTNlMDgwNTVhMWEwNTczMmI5YzU5NjFiNTMzY2M4ODE3YWY2ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4JqIHS0ESe5Ss5PGda5pQLog8/4
B1HFe63qU2u0nvRdcok3+nCkOf2w8zKxkiF1I4KpGoU3ozsvhaBBCde7caeO+SOu
yqVWJDURVT4SeSXlf8RM9p9nI1HLwLLaQuC13JOL9NG6z4K62HD5q5xA1pJvxz6U
A682F6gcSNGFPqmkDhGDED1m487c91IH98uls5JOlnYmzHC/PdIwaOgXP8/Yn3x3
Kuat77d7lfooUV4ddlHVu/r3fPJJYbJUrki/SW9Qex9Nv3ZE3ZitGetF0cuJK4l4
NPCoXGHQkVYAj8iwBaAgxmXVWON2m4hl6112Y4P1+ZcdluX+JqJ9jCQTOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4+CAVaGgVzK5xZYbUzzIgXr2gdMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP3pyqhjx
71gTtSgJ8MKO27CdDb5WFmvroM0Cu/H9Om9kbDgMOcAZHcUn2vDCEnSEad3B4f99
BAOvaUvmi3O7qORgH2AiEwL0oZKn1hG/qoB7alWFxljwarYildq7cA8tK60eqdxu
93AsXG4u34NblPTOwHye/i8wOvNe29Kt855ugKEFn1ugHmXox3hjV3iR8RVDplIp
Tt+Fb0Z2scByEPvjg7mKWlEIUWSxnrDJwcjKE65Nh0QeRm3zI/u6IDM/tecNAut9
ae6boMdea55z4yfkjUWbksWu8hl7t2QfPa6teYC3fDRP5qr3zppSlm37MS8ZBrW4
byQ6HRs8PFY+1g==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:48:32 2026 by rpki-client