Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
File: KkRyM2ydAqSIzdd1NNZfsUZewJo.mft (raw, json)
Hash identifier: 4eGRudDpS2kD1rW9fukIYPR5BbG5NHiGM1XS3DwbIow=
Subject key identifier: 49:FB:1E:16:C7:F7:C5:45:59:CB:7D:0A:56:39:DB:C2:CB:ED:76:86
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Certificate issuer: /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial: 019E31856D0C30BBA4CD30ABFC1A7536B8AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
Manifest number: 1911
Signing time: Sat 16 May 2026 16:01:28 +0000
Manifest this update: Sat 16 May 2026 16:01:28 +0000
Manifest next update: Sun 17 May 2026 16:01:28 +0000
Files and hashes: 1: KkRyM2ydAqSIzdd1NNZfsUZewJo.crl (hash: T28m3eXugWlzubUX6kRMxjiUMi7AGSw/Y1Nb6MbIyxQ=)
2: PHk_vBlGAMsxS-MnrekIlyqTI-4.roa (hash: DfXZCDYGxK8xf8JFedzWYQFF9T3pi36VwRR9xAmGXEk=)
3: weNArfvB6aIBhliGWgRmku9NM4k.roa (hash: 5cqXzpfVcXD0jTHKSY2NMKnFRtchriM7ulhLtiSinGQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:31:85:6d:0c:30:bb:a4:cd:30:ab:fc:1a:75:36:b8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Validity
Not Before: May 16 16:01:28 2026 GMT
Not After : May 17 16:01:28 2026 GMT
Subject: CN=49fb1e16c7f7c54559cb7d0a5639dbc2cbed7686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:df:10:b4:96:88:2e:88:76:ad:7c:c3:3e:18:
2a:41:c9:ec:bc:8d:e5:f3:1b:de:e3:de:fb:07:96:
2a:17:40:e6:0f:18:23:5b:34:06:1e:ec:98:93:c7:
7c:ac:9e:0f:b2:28:09:ea:f1:21:dc:d2:62:55:c4:
68:fc:56:1a:e2:3f:06:7d:5f:5d:30:8d:53:3e:81:
31:7e:59:90:31:d0:4c:06:05:98:b1:66:6e:f1:2f:
23:ff:80:7f:24:05:65:50:fc:18:fa:7d:dd:70:3b:
8d:25:b1:e2:94:a9:9f:12:af:b7:a5:0a:d9:33:97:
36:08:0e:ae:13:68:70:d4:5c:75:60:b1:cf:c3:f5:
6f:ca:80:b5:63:13:f8:85:2c:ad:58:c0:3a:be:84:
5d:2f:1d:5e:07:3c:c8:e5:c3:fe:47:62:87:cf:a6:
38:cd:7d:29:e2:b3:aa:3a:2c:16:09:1c:af:e8:37:
9c:59:69:06:09:0a:2c:6c:86:fa:dc:2b:4e:63:9d:
eb:aa:52:ca:d4:b4:a2:52:41:e9:80:f1:3e:32:46:
46:8f:1f:ef:58:2f:57:29:4f:54:f3:59:cd:f8:cc:
c1:9c:39:9e:c0:ef:af:97:85:ff:ca:9a:8d:bd:09:
4d:e4:76:52:f4:96:82:40:90:06:3b:b5:a8:5c:13:
17:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FB:1E:16:C7:F7:C5:45:59:CB:7D:0A:56:39:DB:C2:CB:ED:76:86
X509v3 Authority Key Identifier:
keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:52:16:ca:cf:53:9c:05:6c:21:05:86:f2:26:c1:b3:41:0e:
1d:02:b1:d6:b9:ae:fd:7f:e1:61:98:ca:31:e1:4b:73:9c:d8:
92:40:76:58:d6:50:db:1d:8d:26:1a:9b:d8:96:36:81:cf:42:
11:f2:78:e9:a8:87:40:45:94:80:d4:46:b6:fb:f5:13:19:c6:
f8:1c:50:9c:d0:2a:f2:ac:f3:7b:cd:2c:88:2c:36:9b:40:9f:
e0:f6:38:6f:a3:a1:1a:77:c6:3d:48:cb:82:e9:9f:e9:58:9c:
09:d9:21:f7:14:64:88:cc:62:88:da:c2:a6:7f:c0:ae:cd:6b:
c7:38:14:b4:09:52:3c:66:1a:82:3d:39:fb:71:f3:f3:77:27:
b6:51:5c:ab:41:f9:aa:c5:1a:57:8a:31:a3:52:47:26:94:69:
0b:dd:cb:57:71:86:5f:5f:6b:f8:b5:41:7f:4a:97:e5:9c:c7:
06:15:86:e1:b8:47:0b:83:63:fc:fe:6a:1f:2d:5e:58:9f:bf:
97:e0:32:75:d6:bb:94:cf:d3:28:53:fd:46:a8:3a:8b:e8:9e:
13:f3:d9:fc:45:4a:f0:d5:6b:93:f4:cc:d4:45:de:7f:04:13:
01:22:91:58:39:6a:c4:0f:80:59:00:3c:32:75:30:1e:ca:28:
82:36:3b:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhW0MMLukzTCr/Bp1NriqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjYwNTE2MTYwMTI4WhcNMjYwNTE3MTYwMTI4WjAzMTEwLwYDVQQD
Eyg0OWZiMWUxNmM3ZjdjNTQ1NTljYjdkMGE1NjM5ZGJjMmNiZWQ3Njg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid8QtJaILoh2rXzDPhgqQcnsvI3l
8xve4977B5YqF0DmDxgjWzQGHuyYk8d8rJ4PsigJ6vEh3NJiVcRo/FYa4j8GfV9d
MI1TPoExflmQMdBMBgWYsWZu8S8j/4B/JAVlUPwY+n3dcDuNJbHilKmfEq+3pQrZ
M5c2CA6uE2hw1Fx1YLHPw/VvyoC1YxP4hSytWMA6voRdLx1eBzzI5cP+R2KHz6Y4
zX0p4rOqOiwWCRyv6DecWWkGCQosbIb63CtOY53rqlLK1LSiUkHpgPE+MkZGjx/v
WC9XKU9U81nN+MzBnDmewO+vl4X/ypqNvQlN5HZS9JaCQJAGO7WoXBMXHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEn7HhbH98VFWct9ClY528LL7XaGMB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn1IWys9T
nAVsIQWG8ibBs0EOHQKx1rmu/X/hYZjKMeFLc5zYkkB2WNZQ2x2NJhqb2JY2gc9C
EfJ46aiHQEWUgNRGtvv1ExnG+BxQnNAq8qzze80siCw2m0Cf4PY4b6OhGnfGPUjL
gumf6VicCdkh9xRkiMxiiNrCpn/Ars1rxzgUtAlSPGYagj05+3Hz83cntlFcq0H5
qsUaV4oxo1JHJpRpC93LV3GGX19r+LVBf0qX5ZzHBhWG4bhHC4Nj/P5qHy1eWJ+/
l+Aydda7lM/TKFP9Rqg6i+ieE/PZ/EVK8NVrk/TM1EXefwQTASKRWDlqxA+AWQA8
MnUwHsoogjY7WQ==
-----END CERTIFICATE-----
Generated at Sat May 16 21:14:44 2026 by rpki-client