Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
File: KkRyM2ydAqSIzdd1NNZfsUZewJo.mft (raw, json)
Hash identifier: C4U1d4XATSfoqEUwPDo4cP/c98Wn+ooA2Ji0AXw8dZ0=
Subject key identifier: 42:C6:F0:F3:36:BA:5E:A3:60:D2:D4:41:1D:EF:66:2A:38:83:16:A0
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Certificate issuer: /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial: 019D386613616B12554A2157E80C34B64873
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 07:01:46 +0000
Manifest this update: Sun 29 Mar 2026 07:01:46 +0000
Manifest next update: Mon 30 Mar 2026 07:01:46 +0000
Files and hashes: 1: KkRyM2ydAqSIzdd1NNZfsUZewJo.crl (hash: JzWDnFUFWIkiaUNSIQlPBQhLGLKhAMEulzJQsxAT+ok=)
2: PHk_vBlGAMsxS-MnrekIlyqTI-4.roa (hash: DfXZCDYGxK8xf8JFedzWYQFF9T3pi36VwRR9xAmGXEk=)
3: weNArfvB6aIBhliGWgRmku9NM4k.roa (hash: 5cqXzpfVcXD0jTHKSY2NMKnFRtchriM7ulhLtiSinGQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:13:61:6b:12:55:4a:21:57:e8:0c:34:b6:48:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Validity
Not Before: Mar 29 07:01:46 2026 GMT
Not After : Mar 30 07:01:46 2026 GMT
Subject: CN=42c6f0f336ba5ea360d2d4411def662a388316a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fc:09:c1:96:6b:01:84:24:8c:f3:71:c0:0d:
7b:a8:fa:b2:32:21:85:67:d2:2e:c2:74:dd:79:4b:
06:b3:eb:8e:f8:c9:8c:5f:77:d0:69:a8:e4:5e:68:
7f:48:8d:7e:f0:2f:bf:30:dd:8e:ad:93:9e:27:fe:
f5:c5:da:d7:2c:ac:9f:58:ac:ab:8c:18:73:be:ea:
5d:c7:3b:bb:25:d6:59:71:a2:ff:af:45:7a:56:8c:
4f:5c:a1:17:97:15:28:2c:7f:3c:5a:bf:79:20:29:
c4:59:0e:81:8e:db:10:3f:83:ce:44:cf:8c:99:36:
67:e9:c3:85:dc:39:34:67:b5:cf:a4:af:65:6f:ba:
10:b1:5c:a2:c2:0b:2a:b4:a7:4b:dd:c0:af:4c:31:
fc:1a:6f:d4:05:db:fc:0a:1c:5c:29:92:46:dd:a2:
24:0c:6b:f7:56:6b:2c:a7:4d:aa:4e:80:64:12:47:
cb:49:a4:3f:29:6e:74:01:ae:4a:c7:29:18:f2:a8:
90:9d:bc:84:b8:57:d1:ec:b9:ed:71:ec:33:ff:e2:
f2:ce:99:3a:f4:73:b8:35:3b:82:1d:30:b9:3f:64:
90:7d:9c:e9:25:6c:03:f0:9e:b9:46:2a:55:76:08:
0a:b5:21:da:75:7c:14:ef:e6:c4:a5:79:97:91:ac:
61:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C6:F0:F3:36:BA:5E:A3:60:D2:D4:41:1D:EF:66:2A:38:83:16:A0
X509v3 Authority Key Identifier:
keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:8b:98:76:c1:48:8a:fd:33:16:22:77:ad:d1:4a:66:5d:25:
de:aa:99:39:6c:b3:d8:4c:5a:b3:62:b7:30:f4:0a:4a:20:21:
50:90:02:84:13:5b:8a:eb:6a:e7:ce:66:47:98:43:91:aa:e8:
51:1c:61:62:16:d9:39:7d:ca:8a:8d:6f:8f:6d:c3:c1:a3:60:
bc:63:5f:2b:b2:67:27:66:a6:ab:54:85:a7:a4:e7:06:fe:f3:
8d:42:c8:94:1b:5f:fc:ee:35:96:2b:08:f3:0b:73:4e:6d:32:
3b:c8:ab:31:c6:dd:71:29:66:97:96:89:97:72:3d:df:47:54:
7d:c3:de:b1:84:51:7a:e5:2c:48:5e:5c:b0:02:6f:32:29:4c:
c0:0e:35:52:bc:13:35:a9:d7:ff:40:fd:9c:bf:33:c5:55:85:
6c:3c:55:0c:d4:96:ce:71:ba:c0:37:e3:fe:03:c5:96:48:fa:
72:8e:c4:ff:48:ae:d2:1e:03:f6:9d:c3:9b:14:7c:8d:77:bd:
8d:a9:28:38:8f:74:09:fd:00:b7:f3:05:63:5a:27:bb:b8:ab:
95:59:a3:c0:68:3a:18:d2:8c:a6:76:5e:75:f3:5f:7f:d0:9f:
29:93:81:05:a5:7c:6d:db:ef:be:47:01:f4:e2:87:c5:3a:42:
16:27:64:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhNhaxJVSiFX6Aw0tkhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjYwMzI5MDcwMTQ2WhcNMjYwMzMwMDcwMTQ2WjAzMTEwLwYDVQQD
Eyg0MmM2ZjBmMzM2YmE1ZWEzNjBkMmQ0NDExZGVmNjYyYTM4ODMxNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPwJwZZrAYQkjPNxwA17qPqyMiGF
Z9IuwnTdeUsGs+uO+MmMX3fQaajkXmh/SI1+8C+/MN2OrZOeJ/71xdrXLKyfWKyr
jBhzvupdxzu7JdZZcaL/r0V6VoxPXKEXlxUoLH88Wr95ICnEWQ6BjtsQP4PORM+M
mTZn6cOF3Dk0Z7XPpK9lb7oQsVyiwgsqtKdL3cCvTDH8Gm/UBdv8ChxcKZJG3aIk
DGv3Vmssp02qToBkEkfLSaQ/KW50Aa5KxykY8qiQnbyEuFfR7Lntcewz/+Lyzpk6
9HO4NTuCHTC5P2SQfZzpJWwD8J65RipVdggKtSHadXwU7+bEpXmXkaxhMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELG8PM2ul6jYNLUQR3vZio4gxagMB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqouYdsFI
iv0zFiJ3rdFKZl0l3qqZOWyz2Exas2K3MPQKSiAhUJAChBNbiutq585mR5hDkaro
URxhYhbZOX3Kio1vj23DwaNgvGNfK7JnJ2amq1SFp6TnBv7zjULIlBtf/O41lisI
8wtzTm0yO8irMcbdcSlml5aJl3I930dUfcPesYRReuUsSF5csAJvMilMwA41UrwT
NanX/0D9nL8zxVWFbDxVDNSWznG6wDfj/gPFlkj6co7E/0iu0h4D9p3DmxR8jXe9
jakoOI90Cf0At/MFY1onu7irlVmjwGg6GNKMpnZedfNff9CfKZOBBaV8bdvvvkcB
9OKHxTpCFidkKw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:27:52 2026 by rpki-client