Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
File: kHb3fahBt7lCFbb6wtQaccIVFgE.mft (raw, json)
Hash identifier: QfEC99g0K52aGeJ94xyhQmqMIiTouNrlZsXCm3sqMxQ=
Subject key identifier: 56:C1:8B:36:A4:33:E3:39:9B:C5:96:EB:2A:70:47:B1:E0:AE:20:0B
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 019DCED06E2FAAF2AEFC0896F00926660139
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
Manifest number: 126D
Signing time: Mon 27 Apr 2026 12:00:59 +0000
Manifest this update: Mon 27 Apr 2026 12:00:59 +0000
Manifest next update: Tue 28 Apr 2026 12:00:59 +0000
Files and hashes: 1: G6JTgK9c0CWNOmQ8QvDityy_X10.roa (hash: 9vVxC4L/PjyVKOIEKo3Aptt5+zq+QCcL31nKvvorwHs=)
2: kHb3fahBt7lCFbb6wtQaccIVFgE.crl (hash: UjGdXf37KQDLs5TzqO72huwXwPgfYdP9x5c8rAaB9tw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:d0:6e:2f:aa:f2:ae:fc:08:96:f0:09:26:66:01:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Apr 27 12:00:59 2026 GMT
Not After : Apr 28 12:00:59 2026 GMT
Subject: CN=56c18b36a433e3399bc596eb2a7047b1e0ae200b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:57:da:21:20:55:10:81:1d:ac:93:d9:49:5b:
10:9d:67:4e:95:9a:5f:71:42:54:90:47:79:2e:23:
bb:b2:ea:ba:59:3c:86:9c:46:c1:7a:82:a0:30:93:
cf:e9:99:da:7f:2c:32:1d:b6:3b:6a:8e:3e:f5:0d:
98:a5:7e:43:57:2d:71:6d:b9:4d:95:d0:3e:fd:fb:
76:1f:98:f2:88:f3:34:83:c6:b7:d2:b4:ec:8b:36:
ca:cd:86:89:28:36:62:c6:c6:56:b5:12:32:31:01:
93:e1:65:81:99:a5:03:e8:25:e3:cb:d3:d9:e0:f9:
03:a3:2a:84:1d:25:80:c5:01:8b:55:13:63:c4:2c:
10:df:20:6f:0f:87:4c:46:ac:6c:6d:67:4f:9f:99:
47:da:cf:7e:ea:64:77:73:40:f9:4b:f8:b9:96:6c:
c1:3a:5c:e2:be:e0:84:91:b3:01:63:d5:7b:63:e9:
c2:49:05:f5:4a:af:52:b1:5c:87:81:7d:17:3f:eb:
32:06:f6:c9:a4:df:ec:2c:f2:da:1c:f7:15:81:2f:
b2:b1:55:6d:67:f9:26:a0:f6:c0:2d:17:5d:14:fe:
7c:a4:04:c2:a4:af:39:af:b8:ad:89:26:49:a6:5a:
13:dd:4b:73:88:6c:92:80:20:41:21:82:39:2a:bf:
16:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C1:8B:36:A4:33:E3:39:9B:C5:96:EB:2A:70:47:B1:E0:AE:20:0B
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:1c:29:93:94:ec:6c:ab:87:d6:56:9a:35:0a:1c:95:27:36:
ae:28:f5:99:55:5d:8a:dc:d4:05:7f:49:11:b3:59:b1:36:6b:
c8:19:31:6d:92:2c:bd:0c:98:4b:81:7c:34:1b:d1:4f:79:74:
a3:07:d9:c3:d9:88:07:9f:4b:ff:3c:c7:3b:55:dc:b4:4c:c5:
cd:89:67:ff:de:46:0d:80:3b:55:ba:37:3e:b0:ee:95:23:1f:
65:d7:85:36:2e:5b:cb:ff:01:0b:4b:6e:13:35:c2:8a:67:67:
11:94:28:e0:39:df:cf:53:e2:c4:13:f2:ac:5e:94:af:fc:36:
82:86:65:33:2d:a8:fb:09:88:a8:f8:16:85:29:c9:d8:6d:7f:
f2:d9:89:76:72:c8:cf:eb:80:fb:4c:01:0b:77:92:e8:5a:1b:
ca:2f:27:23:7f:2a:e4:f1:3c:10:fe:0a:64:8c:65:f7:52:e6:
ba:a5:30:d4:41:8a:77:9f:0f:6b:09:2b:29:00:6a:57:74:6b:
fd:45:e4:02:6d:02:79:b8:2d:83:81:74:be:35:55:c1:09:b7:
f6:7d:d2:f2:c6:93:43:76:b1:d7:15:4f:02:7b:5f:ea:08:8e:
3c:7a:79:4f:60:24:1b:ab:ce:b2:d6:6c:38:22:5d:d4:61:55:
23:ef:65:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3O0G4vqvKu/AiW8AkmZgE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx
NTE2MDEwHhcNMjYwNDI3MTIwMDU5WhcNMjYwNDI4MTIwMDU5WjAzMTEwLwYDVQQD
Eyg1NmMxOGIzNmE0MzNlMzM5OWJjNTk2ZWIyYTcwNDdiMWUwYWUyMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlfaISBVEIEdrJPZSVsQnWdOlZpf
cUJUkEd5LiO7suq6WTyGnEbBeoKgMJPP6ZnafywyHbY7ao4+9Q2YpX5DVy1xbblN
ldA+/ft2H5jyiPM0g8a30rTsizbKzYaJKDZixsZWtRIyMQGT4WWBmaUD6CXjy9PZ
4PkDoyqEHSWAxQGLVRNjxCwQ3yBvD4dMRqxsbWdPn5lH2s9+6mR3c0D5S/i5lmzB
OlzivuCEkbMBY9V7Y+nCSQX1Sq9SsVyHgX0XP+syBvbJpN/sLPLaHPcVgS+ysVVt
Z/kmoPbALRddFP58pATCpK85r7itiSZJploT3UtziGySgCBBIYI5Kr8W8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFbBizakM+M5m8WW6ypwR7HgriALMB8GA1UdIwQY
MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt
ZTYzY2U1NTM3MGViLzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi
LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsxwpk5Ts
bKuH1laaNQoclSc2rij1mVVditzUBX9JEbNZsTZryBkxbZIsvQyYS4F8NBvRT3l0
owfZw9mIB59L/zzHO1XctEzFzYln/95GDYA7Vbo3PrDulSMfZdeFNi5by/8BC0tu
EzXCimdnEZQo4Dnfz1PixBPyrF6Ur/w2goZlMy2o+wmIqPgWhSnJ2G1/8tmJdnLI
z+uA+0wBC3eS6Fobyi8nI38q5PE8EP4KZIxl91LmuqUw1EGKd58PawkrKQBqV3Rr
/UXkAm0Cebgtg4F0vjVVwQm39n3S8saTQ3ax1xVPAntf6giOPHp5T2AkG6vOstZs
OCJd1GFVI+9lWg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 23:13:39 2026 by rpki-client