Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/35049e-223d-4908-9754-38bac139c844/1/KipfTZdgeKzXSVfxcoF-zRnQJQI.mft
File: KipfTZdgeKzXSVfxcoF-zRnQJQI.mft (raw, json)
Hash identifier: 2So53lRJa5GM8LRjFVXHqpdM5ZwHQPbESO4b7jHQwlU=
Subject key identifier: 4C:C9:96:93:B8:1C:15:4C:FC:F8:FB:56:EC:4C:43:22:C1:50:80:31
Authority key identifier: 2A:2A:5F:4D:97:60:78:AC:D7:49:57:F1:72:81:7E:CD:19:D0:25:02
Certificate issuer: /CN=2a2a5f4d976078acd74957f172817ecd19d02502
Certificate serial: 019D3940CE9EB3957FA15D18974F2BD71EC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KipfTZdgeKzXSVfxcoF-zRnQJQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/35049e-223d-4908-9754-38bac139c844/1/KipfTZdgeKzXSVfxcoF-zRnQJQI.mft
Manifest number: 0227
Signing time: Sun 29 Mar 2026 11:00:41 +0000
Manifest this update: Sun 29 Mar 2026 11:00:41 +0000
Manifest next update: Mon 30 Mar 2026 11:00:41 +0000
Files and hashes: 1: KipfTZdgeKzXSVfxcoF-zRnQJQI.crl (hash: cymBb8O3IkDWJNPxOqV/gv/+aXhbbXbrbiD5lyUL+DI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/35049e-223d-4908-9754-38bac139c844/1/KipfTZdgeKzXSVfxcoF-zRnQJQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/35049e-223d-4908-9754-38bac139c844/1/KipfTZdgeKzXSVfxcoF-zRnQJQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KipfTZdgeKzXSVfxcoF-zRnQJQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:ce:9e:b3:95:7f:a1:5d:18:97:4f:2b:d7:1e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a2a5f4d976078acd74957f172817ecd19d02502
Validity
Not Before: Mar 29 11:00:41 2026 GMT
Not After : Mar 30 11:00:41 2026 GMT
Subject: CN=4cc99693b81c154cfcf8fb56ec4c4322c1508031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:99:f7:57:6e:80:00:fa:b0:e0:f2:2e:c2:fe:
32:66:41:3f:db:5b:91:22:08:b5:31:b5:f6:a9:02:
53:c5:ac:2a:6d:33:2c:73:c2:eb:92:80:f4:ec:2e:
e0:30:54:ee:7b:35:5c:f9:b1:c8:e9:40:d8:53:6b:
a5:ac:9e:0e:c4:b6:7c:34:a6:2a:5f:4e:19:5c:65:
94:be:b7:ac:4f:50:29:0f:49:d0:81:68:46:0a:4b:
d6:1b:49:92:28:14:fd:c6:1e:2a:c5:b0:ce:52:ea:
d9:56:61:e6:dd:47:e9:2e:73:d3:ec:db:e5:d8:a4:
bf:94:39:c9:6a:9d:2d:2c:f0:c8:80:5d:40:0b:95:
0f:07:5d:d3:d5:e9:c0:24:82:df:89:2d:fe:8b:18:
b2:dd:79:b9:89:2e:64:20:ab:7e:f9:a6:fd:7a:1b:
a3:5b:7b:92:06:a8:d1:93:cd:59:3a:54:62:96:c4:
60:a6:32:75:f0:f5:11:ef:82:d4:e9:00:b3:d1:ed:
5c:23:b8:48:ec:56:f9:80:33:ab:fe:58:7b:b8:4f:
14:80:1d:c7:0f:54:24:43:cc:a1:eb:c0:35:b2:79:
e7:39:6b:97:b7:a5:2b:11:68:0e:20:e7:44:23:18:
ca:9e:dc:75:41:4e:69:be:bf:e4:4c:cc:35:59:48:
72:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C9:96:93:B8:1C:15:4C:FC:F8:FB:56:EC:4C:43:22:C1:50:80:31
X509v3 Authority Key Identifier:
keyid:2A:2A:5F:4D:97:60:78:AC:D7:49:57:F1:72:81:7E:CD:19:D0:25:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KipfTZdgeKzXSVfxcoF-zRnQJQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/35049e-223d-4908-9754-38bac139c844/1/KipfTZdgeKzXSVfxcoF-zRnQJQI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/35049e-223d-4908-9754-38bac139c844/1/KipfTZdgeKzXSVfxcoF-zRnQJQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:10:ff:a2:de:72:ec:be:a0:b4:98:f8:14:f7:1e:7a:f1:28:
24:50:55:e9:e1:9c:d5:31:f2:1d:d7:bb:97:ec:67:7a:57:da:
8a:a4:5d:72:54:1d:c0:28:24:b0:0d:bc:f1:8b:e5:76:8b:e7:
ae:ba:6e:b2:24:8c:68:5b:9c:eb:a9:e9:b3:21:60:c5:27:70:
01:2c:dd:f9:1c:eb:d6:0f:d8:a9:8a:c9:c0:b1:41:27:cf:22:
f7:37:ca:c6:48:8e:64:2d:c3:1c:bf:77:f2:bd:c4:59:ba:c4:
34:44:39:11:4c:b0:e3:d5:71:c3:cf:6c:41:7b:5d:52:02:e1:
bf:94:45:48:ed:10:dd:1b:2f:85:eb:c9:1b:7d:07:c9:7b:bd:
8b:4c:41:8e:32:90:1a:b7:13:a1:20:86:8f:dd:0f:f0:06:ea:
fc:b4:d2:32:32:8c:9c:90:f3:4d:82:c7:c5:9c:1a:72:7d:fc:
da:63:58:61:8a:75:1f:86:37:99:db:b6:37:03:aa:57:49:e7:
a6:e9:21:c6:25:19:2c:f9:cf:96:b7:b3:9e:b1:3a:4a:d7:35:
6f:a3:ca:93:f2:d6:1f:4e:5f:fd:3e:07:35:8e:29:2a:38:03:
bf:1f:15:84:da:b6:39:34:57:cf:39:af:1b:d9:8f:44:f0:b5:
32:dd:78:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QM6es5V/oV0Yl08r1x7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMmE1ZjRkOTc2MDc4YWNkNzQ5NTdmMTcyODE3ZWNkMTlk
MDI1MDIwHhcNMjYwMzI5MTEwMDQxWhcNMjYwMzMwMTEwMDQxWjAzMTEwLwYDVQQD
Eyg0Y2M5OTY5M2I4MWMxNTRjZmNmOGZiNTZlYzRjNDMyMmMxNTA4MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJn3V26AAPqw4PIuwv4yZkE/21uR
Igi1MbX2qQJTxawqbTMsc8LrkoD07C7gMFTuezVc+bHI6UDYU2ulrJ4OxLZ8NKYq
X04ZXGWUvresT1ApD0nQgWhGCkvWG0mSKBT9xh4qxbDOUurZVmHm3UfpLnPT7Nvl
2KS/lDnJap0tLPDIgF1AC5UPB13T1enAJILfiS3+ixiy3Xm5iS5kIKt++ab9ehuj
W3uSBqjRk81ZOlRilsRgpjJ18PUR74LU6QCz0e1cI7hI7Fb5gDOr/lh7uE8UgB3H
D1QkQ8yh68A1snnnOWuXt6UrEWgOIOdEIxjKntx1QU5pvr/kTMw1WUhyawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzJlpO4HBVM/Pj7VuxMQyLBUIAxMB8GA1UdIwQY
MBaAFCoqX02XYHis10lX8XKBfs0Z0CUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2lwZlRaZGdlS3pYU1ZmeGNvRi16Um5RSlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zNTA0OWUtMjIzZC00OTA4LTk3NTQt
MzhiYWMxMzljODQ0LzEvS2lwZlRaZGdlS3pYU1ZmeGNvRi16Um5RSlFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zNTA0OWUtMjIzZC00OTA4LTk3NTQtMzhiYWMxMzljODQ0
LzEvS2lwZlRaZGdlS3pYU1ZmeGNvRi16Um5RSlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACBD/ot5y
7L6gtJj4FPceevEoJFBV6eGc1THyHde7l+xnelfaiqRdclQdwCgksA288Yvldovn
rrpusiSMaFuc66npsyFgxSdwASzd+Rzr1g/YqYrJwLFBJ88i9zfKxkiOZC3DHL93
8r3EWbrENEQ5EUyw49Vxw89sQXtdUgLhv5RFSO0Q3RsvhevJG30HyXu9i0xBjjKQ
GrcToSCGj90P8Abq/LTSMjKMnJDzTYLHxZwacn382mNYYYp1H4Y3mdu2NwOqV0nn
pukhxiUZLPnPlreznrE6Stc1b6PKk/LWH05f/T4HNY4pKjgDvx8VhNq2OTRXzzmv
G9mPRPC1Mt142w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:09 2026 by rpki-client