Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
File: kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft (raw, json)
Hash identifier: 9P0RyceP5dTaxUCtFXB6Cz6CWGNKkLPPMLuyDkWODV8=
Subject key identifier: F2:9A:E1:2D:1F:E0:D1:78:DA:45:D5:49:B7:35:9B:17:6F:94:A5:BF
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 019D37F6E30758535935782A864F21C71668
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
Manifest number: 17BE
Signing time: Sun 29 Mar 2026 05:00:19 +0000
Manifest this update: Sun 29 Mar 2026 05:00:19 +0000
Manifest next update: Mon 30 Mar 2026 05:00:19 +0000
Files and hashes: 1: 5QmOeOcUdY7PgR2mhomMmURmuqs.roa (hash: nAdOMEid1C3Yq0ETT9B3VCzoGTlapbIXU3Ku/VQ6Zh4=)
2: eyf8XzSbncmCJU29RuqgmWhSNro.roa (hash: mUIcsYMRdVByHfVcrIRSb1EWADuJM/ORhSKfGGlrQmI=)
3: kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl (hash: 1flfEsa+5juUz88SPkJfQPNdvfcBz8F01L5hbFn6lVg=)
4: vlBm4myZdQP1ohfAJP8Wn0CKhfM.roa (hash: A7mI2HH8XjzLQexitcPz+d6p5dC+aDvH0ocwPRoRwa0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f6:e3:07:58:53:59:35:78:2a:86:4f:21:c7:16:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Mar 29 05:00:19 2026 GMT
Not After : Mar 30 05:00:19 2026 GMT
Subject: CN=f29ae12d1fe0d178da45d549b7359b176f94a5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:4e:db:cd:43:7f:0a:f9:8d:e8:a4:d2:93:
86:0c:a6:dd:28:2a:ec:e5:7b:a8:eb:25:76:8f:8c:
64:d5:57:83:3f:57:f9:f6:a5:7e:c9:a9:bd:fb:66:
a9:75:55:9c:26:6a:7e:ba:88:8e:32:4d:4a:df:25:
0e:71:e7:1d:8b:f5:86:61:fe:d5:b2:a0:b7:4e:33:
b4:56:cf:d4:17:92:24:59:17:41:57:0a:3e:7f:76:
03:3f:e9:54:0b:ac:d5:9c:04:df:10:31:ed:bf:1d:
c8:8c:27:13:83:9e:f3:ab:21:29:f3:33:8a:f2:03:
bd:bd:ac:b9:00:c8:33:f6:60:32:4e:5d:62:05:48:
fb:75:63:7d:fc:46:93:6b:d8:d5:69:91:c9:64:96:
65:f5:6f:6a:06:8d:49:fe:8e:64:82:ed:73:d3:20:
ed:58:ab:6d:4d:9e:a7:75:00:9a:c8:9d:a3:4e:fb:
dc:f1:4f:72:c9:b1:a3:3d:68:08:53:e6:80:bb:6b:
41:5b:12:80:40:24:1e:05:a4:05:5a:4a:bf:cf:88:
49:bc:69:20:9a:2a:7b:f8:a7:9d:f1:db:09:2c:42:
56:b6:ad:49:07:8e:2a:73:2a:df:25:e1:9a:53:26:
23:9e:ba:e6:1d:03:cd:c6:7d:66:80:7a:d1:39:23:
a6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9A:E1:2D:1F:E0:D1:78:DA:45:D5:49:B7:35:9B:17:6F:94:A5:BF
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:4b:3c:f8:90:6c:60:2b:66:b4:44:18:d1:bf:05:bd:0f:8e:
dd:cc:6d:ae:af:4d:70:67:c7:98:95:1a:d9:43:9c:90:86:b1:
b0:a0:24:81:6c:97:63:87:4a:40:a1:93:58:78:94:45:59:2c:
53:6e:06:5d:5a:38:31:fb:d7:a4:ef:1d:5a:a6:36:d9:80:bc:
d1:fa:e2:b4:9d:52:1b:8b:cf:c5:5d:7d:6d:d1:0e:72:9d:85:
fe:44:66:26:20:66:a4:1c:f3:12:df:07:3f:b4:6b:b4:18:be:
c3:e0:a9:23:e1:69:b7:12:7d:ab:0c:71:ae:1d:fb:1f:67:52:
0c:5b:99:38:cb:dd:71:6a:00:25:02:d4:27:96:dc:1f:37:42:
77:04:62:07:12:f3:14:bf:96:a8:d0:fb:4c:9c:32:76:09:8d:
bb:97:e9:fb:25:2d:fd:75:c4:02:56:3f:f4:94:f3:06:2b:db:
12:8e:71:d6:e5:b9:4d:6a:54:5c:81:eb:3a:e4:30:c0:b2:1f:
21:9b:72:41:41:2d:b9:d4:80:49:14:68:53:ba:33:f3:9f:91:
8b:4a:a2:78:db:f0:23:14:d4:b0:c1:43:79:19:85:04:3c:ff:
87:f7:16:14:97:ff:e4:fd:0f:e1:b5:74:2b:24:21:4e:f1:9b:
3f:db:67:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039uMHWFNZNXgqhk8hxxZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjYwMzI5MDUwMDE5WhcNMjYwMzMwMDUwMDE5WjAzMTEwLwYDVQQD
EyhmMjlhZTEyZDFmZTBkMTc4ZGE0NWQ1NDliNzM1OWIxNzZmOTRhNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZpO281Dfwr5jeik0pOGDKbdKCrs
5Xuo6yV2j4xk1VeDP1f59qV+yam9+2apdVWcJmp+uoiOMk1K3yUOcecdi/WGYf7V
sqC3TjO0Vs/UF5IkWRdBVwo+f3YDP+lUC6zVnATfEDHtvx3IjCcTg57zqyEp8zOK
8gO9vay5AMgz9mAyTl1iBUj7dWN9/EaTa9jVaZHJZJZl9W9qBo1J/o5kgu1z0yDt
WKttTZ6ndQCayJ2jTvvc8U9yybGjPWgIU+aAu2tBWxKAQCQeBaQFWkq/z4hJvGkg
mip7+Ked8dsJLEJWtq1JB44qcyrfJeGaUyYjnrrmHQPNxn1mgHrROSOm8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKa4S0f4NF42kXVSbc1mxdvlKW/MB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb0s8+JBs
YCtmtEQY0b8FvQ+O3cxtrq9NcGfHmJUa2UOckIaxsKAkgWyXY4dKQKGTWHiURVks
U24GXVo4MfvXpO8dWqY22YC80fritJ1SG4vPxV19bdEOcp2F/kRmJiBmpBzzEt8H
P7RrtBi+w+CpI+FptxJ9qwxxrh37H2dSDFuZOMvdcWoAJQLUJ5bcHzdCdwRiBxLz
FL+WqND7TJwydgmNu5fp+yUt/XXEAlY/9JTzBivbEo5x1uW5TWpUXIHrOuQwwLIf
IZtyQUEtudSASRRoU7oz85+Ri0qieNvwIxTUsMFDeRmFBDz/h/cWFJf/5P0P4bV0
KyQhTvGbP9tnXg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:20 2026 by rpki-client