Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
File: KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft (raw, json)
Hash identifier: s5WyfP1ffNXMryCq5nJHaqjNg60EwxZMTa5ZgE6xh5I=
Subject key identifier: 40:81:D1:C1:C6:18:B4:E1:27:6F:37:A1:1B:A8:AF:A0:69:E2:A0:53
Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Certificate serial: 019D389BED83D2B892CD86AB81234D4B8A3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
Manifest number: 1599
Signing time: Sun 29 Mar 2026 08:00:36 +0000
Manifest this update: Sun 29 Mar 2026 08:00:36 +0000
Manifest next update: Mon 30 Mar 2026 08:00:36 +0000
Files and hashes: 1: KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl (hash: 54tp2NByQM4pOW1mViVpaMthfHsnQ2ZevGnev3FXXco=)
2: L7FFVZjn00bwAbkg_Lv5HyPXbUw.roa (hash: DToSgYumdmGKe2TLhpTAx0H6yxJQdXcD2z0JX5cGoUQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:ed:83:d2:b8:92:cd:86:ab:81:23:4d:4b:8a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Validity
Not Before: Mar 29 08:00:36 2026 GMT
Not After : Mar 30 08:00:36 2026 GMT
Subject: CN=4081d1c1c618b4e1276f37a11ba8afa069e2a053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7c:1e:c0:b0:9c:04:2a:52:d9:71:93:d3:1e:
68:a8:fc:6e:39:97:79:52:98:ce:0b:96:5b:e9:94:
1e:94:7b:cc:e2:88:17:ad:27:46:8c:cd:72:c0:c3:
94:45:b6:0b:23:03:f2:00:8b:2d:6d:91:56:99:a9:
3c:38:49:3f:cc:a2:53:67:a6:32:65:a0:e5:fe:c5:
b3:df:17:7a:ba:9d:d7:ac:bb:73:f1:32:3b:11:e1:
65:69:43:c0:be:3a:e3:2f:d6:b1:e5:34:20:d7:df:
2e:8e:65:05:3b:0c:e9:68:1f:8f:21:a2:9b:3a:be:
00:1a:d8:a8:5d:45:fb:a0:d2:63:18:cb:3f:4f:bd:
35:7d:71:07:d4:f0:0e:9c:97:ff:5f:0b:28:ae:a7:
f8:74:44:91:05:f6:43:11:90:ab:ce:75:d5:8e:ae:
44:67:9a:e1:91:96:8c:93:a1:c5:b3:48:36:04:b3:
f5:98:1a:77:98:19:a2:bc:9e:82:09:55:23:9d:2a:
f0:da:50:a8:bf:d0:a7:c9:ba:73:80:2b:ed:c6:da:
50:a6:0d:fe:02:2f:e2:e5:d5:b1:39:cb:bb:f4:69:
8e:35:f5:83:54:19:db:0a:91:d8:5e:2e:1b:84:78:
7b:e0:8a:ea:53:15:cb:bf:97:18:6d:fe:c5:4d:93:
c3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:81:D1:C1:C6:18:B4:E1:27:6F:37:A1:1B:A8:AF:A0:69:E2:A0:53
X509v3 Authority Key Identifier:
keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:8f:39:0c:32:b6:b7:67:92:67:3e:ab:87:ab:41:77:29:f3:
e6:a0:fd:87:50:1d:67:15:d0:ec:dc:aa:97:0b:4a:80:f5:74:
1d:36:76:6a:74:23:1a:cd:fe:42:00:f4:84:7f:d2:b8:73:db:
ef:5e:51:8b:8f:c9:4c:52:5d:69:70:16:5b:dd:1d:00:bf:c8:
94:31:8f:fe:c7:7f:80:18:f5:f7:06:2f:56:87:2c:45:99:5b:
72:7b:bd:7a:f0:70:ee:81:0f:4c:5c:47:b3:90:2e:91:11:64:
9b:e0:9d:c9:84:9d:8c:75:ea:a3:22:d3:31:12:71:c1:46:0f:
d3:0c:f2:20:dd:f1:f1:21:cb:6f:e8:31:0f:06:ca:65:0c:1c:
48:3b:72:ce:8d:c1:50:d9:e3:b3:ee:b3:65:b7:04:ae:02:05:
93:32:16:89:de:d4:5b:8d:79:0e:28:9c:99:30:46:71:46:ea:
19:fa:15:cb:75:3d:cb:a5:4e:80:dd:d8:1b:2d:a8:8f:f9:5a:
da:38:09:0b:db:1f:d3:2d:84:44:94:dd:4c:74:4b:7d:44:e1:
de:bb:4e:d6:3e:c3:10:b5:71:70:d0:8c:45:0d:0e:1e:57:66:
3b:a9:f9:1c:b7:50:e2:80:8d:4b:a7:07:94:6a:23:4a:bb:3f:
c9:f7:3a:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+2D0riSzYargSNNS4o7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw
MDZiMWEwHhcNMjYwMzI5MDgwMDM2WhcNMjYwMzMwMDgwMDM2WjAzMTEwLwYDVQQD
Eyg0MDgxZDFjMWM2MThiNGUxMjc2ZjM3YTExYmE4YWZhMDY5ZTJhMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHwewLCcBCpS2XGT0x5oqPxuOZd5
UpjOC5Zb6ZQelHvM4ogXrSdGjM1ywMOURbYLIwPyAIstbZFWmak8OEk/zKJTZ6Yy
ZaDl/sWz3xd6up3XrLtz8TI7EeFlaUPAvjrjL9ax5TQg198ujmUFOwzpaB+PIaKb
Or4AGtioXUX7oNJjGMs/T701fXEH1PAOnJf/Xwsorqf4dESRBfZDEZCrznXVjq5E
Z5rhkZaMk6HFs0g2BLP1mBp3mBmivJ6CCVUjnSrw2lCov9CnybpzgCvtxtpQpg3+
Ai/i5dWxOcu79GmONfWDVBnbCpHYXi4bhHh74IrqUxXLv5cYbf7FTZPDrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECB0cHGGLThJ283oRuor6Bp4qBTMB8GA1UdIwQY
MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It
ZmEzMWUyZGM2YWJiLzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi
LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp485DDK2
t2eSZz6rh6tBdynz5qD9h1AdZxXQ7NyqlwtKgPV0HTZ2anQjGs3+QgD0hH/SuHPb
715Ri4/JTFJdaXAWW90dAL/IlDGP/sd/gBj19wYvVocsRZlbcnu9evBw7oEPTFxH
s5AukRFkm+CdyYSdjHXqoyLTMRJxwUYP0wzyIN3x8SHLb+gxDwbKZQwcSDtyzo3B
UNnjs+6zZbcErgIFkzIWid7UW415DiicmTBGcUbqGfoVy3U9y6VOgN3YGy2oj/la
2jgJC9sf0y2ERJTdTHRLfUTh3rtO1j7DELVxcNCMRQ0OHldmO6n5HLdQ4oCNS6cH
lGojSrs/yfc6Xw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:12 2026 by rpki-client