Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
File: KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft (raw, json)
Hash identifier: 4jO1CyQNYBxhY50UoXqFuyll/c59U8IegugywZcMmQM=
Subject key identifier: 1A:82:72:9F:D5:7D:F3:EB:74:08:D7:3D:8B:86:C7:8C:EC:EF:96:E8
Authority key identifier: 28:BB:B5:4E:37:82:6C:03:90:B0:43:79:27:9F:8E:06:CF:F3:A2:34
Certificate issuer: /CN=28bbb54e37826c0390b04379279f8e06cff3a234
Certificate serial: 019D3789D19FFBC3DD05B1A1DC18164FFB2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLu1TjeCbAOQsEN5J5-OBs_zojQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
Manifest number: 07A8
Signing time: Sun 29 Mar 2026 03:01:11 +0000
Manifest this update: Sun 29 Mar 2026 03:01:11 +0000
Manifest next update: Mon 30 Mar 2026 03:01:11 +0000
Files and hashes: 1: KLu1TjeCbAOQsEN5J5-OBs_zojQ.crl (hash: nA9zKj9n9l0DheZX/5x+PRLwevIVOTTUKdl95vZGVhw=)
2: xeHWs-7RIUG_PFunqf-5HW5QAFk.roa (hash: 4aUlYayA4jhd2ohdWDMeKTCA9ihSHArzD+F2fg4MdEs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KLu1TjeCbAOQsEN5J5-OBs_zojQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:d1:9f:fb:c3:dd:05:b1:a1:dc:18:16:4f:fb:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bbb54e37826c0390b04379279f8e06cff3a234
Validity
Not Before: Mar 29 03:01:11 2026 GMT
Not After : Mar 30 03:01:11 2026 GMT
Subject: CN=1a82729fd57df3eb7408d73d8b86c78cecef96e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6f:62:df:73:bf:89:1a:91:aa:fd:ee:2f:a2:
41:0e:bc:b5:95:6e:5c:80:2c:c1:22:b5:45:26:ab:
74:0f:44:56:73:96:a9:7c:10:45:48:5a:79:a2:28:
42:d2:4e:ae:93:4f:87:35:79:2c:0f:84:d8:f6:79:
36:c5:1a:30:0b:39:4e:f4:77:01:16:cb:64:69:d9:
8e:43:8c:47:9e:a5:5c:3f:82:73:83:6f:db:ef:7d:
79:8b:fd:c4:30:20:8f:83:5d:b5:db:66:9b:be:3f:
91:31:18:6a:b5:23:04:e4:2e:57:f3:c9:ed:75:24:
ea:f2:c3:38:fa:1e:43:54:56:7b:b9:3a:57:ab:46:
eb:45:fb:0e:e0:b9:91:a4:41:21:fc:21:87:5a:19:
9d:de:7b:07:51:a3:ce:1e:c7:70:46:a4:07:06:59:
08:32:46:50:2e:ca:4f:4b:84:7b:98:d1:73:7e:95:
3d:b4:d2:58:ce:56:6c:75:d1:6b:82:7f:10:21:40:
2c:a8:fe:7b:2c:5a:0b:c5:6b:3a:c8:cc:ec:04:2a:
18:85:2e:21:dd:92:33:a3:b8:3d:a5:5a:02:a6:50:
2e:e2:34:bb:0a:16:34:4e:ec:69:7e:6b:c5:a0:ab:
f4:45:c3:94:a0:f9:c7:19:fc:da:e0:e6:37:77:d0:
bb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:82:72:9F:D5:7D:F3:EB:74:08:D7:3D:8B:86:C7:8C:EC:EF:96:E8
X509v3 Authority Key Identifier:
keyid:28:BB:B5:4E:37:82:6C:03:90:B0:43:79:27:9F:8E:06:CF:F3:A2:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLu1TjeCbAOQsEN5J5-OBs_zojQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:3e:25:36:ec:d0:7d:35:ba:e3:bd:b3:cb:84:27:7d:b0:f1:
e8:9c:33:db:3b:58:b6:b3:bc:e9:03:f9:4e:75:55:24:46:24:
0a:52:47:98:21:1f:0f:c7:63:c9:80:d7:d2:3b:f8:4e:30:ac:
76:3a:8e:dc:7b:91:09:3b:35:55:0d:2b:97:2c:46:5c:ef:fc:
89:5b:dd:9a:8c:88:8a:2d:fe:b8:1c:a4:9e:99:15:85:36:32:
e4:2a:aa:a7:63:57:ba:f7:a7:ce:fc:36:75:a1:88:27:bc:37:
c8:3b:73:62:18:e0:c6:ac:90:b8:8e:2b:1c:2b:d8:ab:e5:fa:
22:09:f0:eb:a2:68:e0:14:61:e3:02:55:b9:09:37:5a:bf:2c:
0a:ee:3b:a9:55:d2:b5:5e:1b:59:a8:5e:af:67:6a:8c:27:11:
90:aa:10:b0:63:77:ec:89:0e:41:7a:48:62:3f:62:18:b4:58:
32:7e:53:98:29:08:6b:b7:7c:8c:e0:9e:9a:f2:3a:9b:31:f9:
be:eb:e6:02:70:99:cf:2d:04:72:02:4c:19:92:8b:b5:41:00:
57:fd:b8:cd:9c:86:5d:b6:fd:16:84:45:36:c0:62:2a:42:66:
a4:e8:42:07:8c:23:8a:a7:00:fa:13:e6:f0:3d:ba:cb:49:dc:
51:94:78:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03idGf+8PdBbGh3BgWT/stMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmJiNTRlMzc4MjZjMDM5MGIwNDM3OTI3OWY4ZTA2Y2Zm
M2EyMzQwHhcNMjYwMzI5MDMwMTExWhcNMjYwMzMwMDMwMTExWjAzMTEwLwYDVQQD
EygxYTgyNzI5ZmQ1N2RmM2ViNzQwOGQ3M2Q4Yjg2Yzc4Y2VjZWY5NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2m9i33O/iRqRqv3uL6JBDry1lW5c
gCzBIrVFJqt0D0RWc5apfBBFSFp5oihC0k6uk0+HNXksD4TY9nk2xRowCzlO9HcB
FstkadmOQ4xHnqVcP4Jzg2/b7315i/3EMCCPg12122abvj+RMRhqtSME5C5X88nt
dSTq8sM4+h5DVFZ7uTpXq0brRfsO4LmRpEEh/CGHWhmd3nsHUaPOHsdwRqQHBlkI
MkZQLspPS4R7mNFzfpU9tNJYzlZsddFrgn8QIUAsqP57LFoLxWs6yMzsBCoYhS4h
3ZIzo7g9pVoCplAu4jS7ChY0TuxpfmvFoKv0RcOUoPnHGfza4OY3d9C7ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqCcp/VffPrdAjXPYuGx4zs75boMB8GA1UdIwQY
MBaAFCi7tU43gmwDkLBDeSefjgbP86I0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x1MVRqZUNiQU9Rc0VONUo1LU9Cc196b2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZTcyOTYtZWM4Yy00MTYzLWE1NTQt
NzhjMDE3NzYyZjlmLzEvS0x1MVRqZUNiQU9Rc0VONUo1LU9Cc196b2pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mZTcyOTYtZWM4Yy00MTYzLWE1NTQtNzhjMDE3NzYyZjlm
LzEvS0x1MVRqZUNiQU9Rc0VONUo1LU9Cc196b2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOz4lNuzQ
fTW6472zy4QnfbDx6Jwz2ztYtrO86QP5TnVVJEYkClJHmCEfD8djyYDX0jv4TjCs
djqO3HuRCTs1VQ0rlyxGXO/8iVvdmoyIii3+uByknpkVhTYy5Cqqp2NXuvenzvw2
daGIJ7w3yDtzYhjgxqyQuI4rHCvYq+X6Ignw66Jo4BRh4wJVuQk3Wr8sCu47qVXS
tV4bWaher2dqjCcRkKoQsGN37IkOQXpIYj9iGLRYMn5TmCkIa7d8jOCemvI6mzH5
vuvmAnCZzy0EcgJMGZKLtUEAV/24zZyGXbb9FoRFNsBiKkJmpOhCB4wjiqcA+hPm
8D26y0ncUZR48g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:48:59 2026 by rpki-client