Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
File: kziECSasc-rVthh5GeiPEAMimco.mft (raw, json)
Hash identifier: AhEFYBBiDUaQZxkhsyy1uUpJeuhLKwPVkTM07r89GKs=
Subject key identifier: A9:5F:19:51:C4:CA:B6:2E:62:A3:ED:69:48:C8:6A:C7:0A:BF:11:5A
Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca
Certificate serial: 019DCD877B1E8F369BCAB2E3E97A9E72D703
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
Manifest number: 01D2
Signing time: Mon 27 Apr 2026 06:01:41 +0000
Manifest this update: Mon 27 Apr 2026 06:01:41 +0000
Manifest next update: Tue 28 Apr 2026 06:01:41 +0000
Files and hashes: 1: 1-z0Y3fH_aErOAd2Nag5ZT3JcPH4.roa (hash: ajlsAWqEGjBF2s25AsAbzW/nKPdDq6JxNB0eWlyY3OU=)
2: 6lmykGrjWlxTI-Qm8cv1Wru-ZUM.roa (hash: 3/8y+29k2Z9zB5VeslI5T+W11/MyhEBGlF4ugyZh+nA=)
3: FcXUetsC0-6bv54Z1lmHoqKMdxM.roa (hash: dFkWAsnbwOvbQKILV1fPns+xMo4goiFme2jYhULRvHk=)
4: Y4x7zeztB7lrOx01OBJN1UiLyT0.roa (hash: gs7Dc5as7DJ7oLTov6hgPGgK6t+t5Pe4B5kRBUgM7WI=)
5: _SAMOxgv34T8ZP2BEt3dVFweldA.roa (hash: bU6RDLC/fFMgRKk4b1P2ryi1ytEL97qHkSA7liSJFY0=)
6: kziECSasc-rVthh5GeiPEAMimco.crl (hash: UWZTbxLkf03YuAg67+TwmE9s7cP2Y/HMm8EP+cDvFxk=)
7: nKQXbT6FciiHVvddJS0_5sOh1ms.asa (hash: 7BE1jfl/pKiooWczO/8pMkQZmIL4Zuvts1Z6qAFpwl4=)
8: nf63dpM5Md5RBRi4P-HwEK-eN_E.roa (hash: 9d7TgxCegK25CmqdbC1sGXI3mJJK7sBKT2RoRfBWFdw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 06:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:87:7b:1e:8f:36:9b:ca:b2:e3:e9:7a:9e:72:d7:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca
Validity
Not Before: Apr 27 06:01:41 2026 GMT
Not After : Apr 28 06:01:41 2026 GMT
Subject: CN=a95f1951c4cab62e62a3ed6948c86ac70abf115a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:e6:4d:5c:8d:da:13:96:1d:44:c0:fb:fc:
75:97:4a:c2:7f:2d:14:50:87:e2:45:5c:ee:83:70:
2e:c3:06:2e:c2:1d:fa:be:81:a5:60:ee:15:8a:09:
6d:91:b4:92:09:a8:c3:a0:06:20:2c:36:f0:aa:7d:
f9:63:13:45:a7:4b:5c:d6:86:da:62:ac:1f:96:b1:
ef:3a:0c:29:42:a3:23:e1:a4:38:44:22:ba:32:f5:
27:55:81:e9:fa:46:16:ea:9d:b0:a4:e2:92:0d:90:
ee:1a:71:2c:ae:2e:1b:6e:82:8d:55:3d:1f:f9:08:
81:74:75:5e:17:9d:9b:40:d0:2d:8f:52:8a:92:1a:
8d:46:8d:e3:fe:cd:06:c5:9d:5e:f5:25:24:96:ad:
1a:ca:75:c5:4b:c2:a6:c8:c8:af:97:6a:e6:f1:12:
60:5f:e7:b9:d0:2a:60:53:40:54:82:06:00:b0:72:
b6:3f:5a:ff:fb:0a:50:d4:de:0a:3d:00:f1:02:75:
ba:a9:bc:30:d3:af:ea:27:82:15:46:4a:d9:e5:30:
69:ee:80:27:ea:a4:29:04:c9:c0:6b:a2:88:04:67:
31:2e:a2:7c:10:01:ba:f9:cf:ff:3e:ff:45:de:45:
ee:69:53:06:a5:56:da:6c:f7:8d:f7:55:f6:ea:f3:
5a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:5F:19:51:C4:CA:B6:2E:62:A3:ED:69:48:C8:6A:C7:0A:BF:11:5A
X509v3 Authority Key Identifier:
keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:87:e5:fc:e9:2b:27:b6:30:59:d4:2d:ec:c1:b4:35:20:f3:
17:ca:ed:7c:84:27:40:71:8f:c3:c0:ad:d0:22:20:ce:20:dd:
05:95:00:4f:02:85:f5:99:ac:79:a8:5b:97:2a:4d:dd:86:76:
3f:b0:95:a3:56:e7:2c:de:2d:d2:cc:0d:e6:32:3a:36:96:4e:
13:81:0b:b9:e3:f5:21:bb:ef:be:22:35:9b:44:f8:a4:37:52:
35:0a:4d:f5:2c:66:db:6e:f3:7b:41:c9:fd:68:7c:3a:7b:e0:
72:03:45:2b:c4:54:dc:f0:b1:03:58:23:69:34:24:b9:bc:bf:
ef:24:78:c0:1a:72:1f:6d:66:ba:dc:63:26:77:0d:b0:bf:a8:
5b:17:67:ec:41:21:3a:1a:ba:59:43:10:02:81:73:7c:d9:3a:
0f:2b:b8:93:af:96:1a:68:84:0a:45:bb:df:41:dd:8b:15:0a:
12:0a:f6:b6:05:75:ff:99:14:cb:9f:07:b8:aa:c7:d6:d9:32:
0e:c6:c3:df:4a:53:f9:cf:d3:40:1a:cd:c6:82:64:8a:29:9b:
15:18:b6:7c:49:1a:44:55:12:cb:18:47:48:55:f4:0f:f6:c1:
c4:2a:2e:24:db:ae:ec:b2:b7:0a:a1:8a:c4:94:7b:ad:c4:52:
a3:86:c0:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3Nh3sejzabyrLj6XqectcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy
Mjk5Y2EwHhcNMjYwNDI3MDYwMTQxWhcNMjYwNDI4MDYwMTQxWjAzMTEwLwYDVQQD
EyhhOTVmMTk1MWM0Y2FiNjJlNjJhM2VkNjk0OGM4NmFjNzBhYmYxMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLzmTVyN2hOWHUTA+/x1l0rCfy0U
UIfiRVzug3AuwwYuwh36voGlYO4VigltkbSSCajDoAYgLDbwqn35YxNFp0tc1oba
YqwflrHvOgwpQqMj4aQ4RCK6MvUnVYHp+kYW6p2wpOKSDZDuGnEsri4bboKNVT0f
+QiBdHVeF52bQNAtj1KKkhqNRo3j/s0GxZ1e9SUklq0aynXFS8KmyMivl2rm8RJg
X+e50CpgU0BUggYAsHK2P1r/+wpQ1N4KPQDxAnW6qbww06/qJ4IVRkrZ5TBp7oAn
6qQpBMnAa6KIBGcxLqJ8EAG6+c//Pv9F3kXuaVMGpVbabPeN91X26vNaRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlfGVHEyrYuYqPtaUjIascKvxFaMB8GA1UdIwQY
MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt
ZWE3YWU3MmJkMzJkLzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk
LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS4fl/Okr
J7YwWdQt7MG0NSDzF8rtfIQnQHGPw8Ct0CIgziDdBZUATwKF9ZmseahblypN3YZ2
P7CVo1bnLN4t0swN5jI6NpZOE4ELueP1IbvvviI1m0T4pDdSNQpN9Sxm227ze0HJ
/Wh8OnvgcgNFK8RU3PCxA1gjaTQkuby/7yR4wBpyH21mutxjJncNsL+oWxdn7EEh
Ohq6WUMQAoFzfNk6Dyu4k6+WGmiECkW730HdixUKEgr2tgV1/5kUy58HuKrH1tky
DsbD30pT+c/TQBrNxoJkiimbFRi2fEkaRFUSyxhHSFX0D/bBxCouJNuu7LK3CqGK
xJR7rcRSo4bA+Q==
-----END CERTIFICATE-----
Generated at Mon Apr 27 09:54:12 2026 by rpki-client