Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: zkCOm/ZHRH724J4DcTxZIVBPbvsRRp3QnIUjKI0L97I=
Subject key identifier: 48:2A:A5:A0:C1:3F:BE:3A:A0:2E:E8:E7:DB:BC:C5:FE:3F:98:3D:37
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019DCDF57720B875C95AC41A558C0D9B4687
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 03E2
Signing time: Mon 27 Apr 2026 08:01:49 +0000
Manifest this update: Mon 27 Apr 2026 08:01:49 +0000
Manifest next update: Tue 28 Apr 2026 08:01:49 +0000
Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: ZlFOhxH+1oHoerkGPIMuNIE+J3EGezQJt6itmTEJsqg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:f5:77:20:b8:75:c9:5a:c4:1a:55:8c:0d:9b:46:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Apr 27 08:01:49 2026 GMT
Not After : Apr 28 08:01:49 2026 GMT
Subject: CN=482aa5a0c13fbe3aa02ee8e7dbbcc5fe3f983d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ad:44:b6:1c:87:b3:80:88:93:0f:c1:cf:1e:
6b:74:c4:35:1f:6f:9c:11:4d:23:a5:d5:88:89:4c:
36:90:6b:bd:44:5b:66:0d:67:e5:a8:fc:8c:9d:8f:
b5:0a:9a:24:09:02:1a:c0:7a:b6:ec:19:4d:32:12:
9b:0d:5f:2a:1e:5c:94:fe:af:26:24:37:10:fb:b6:
fa:e6:8b:db:10:d1:b1:8a:bb:0a:86:3b:7f:6f:d7:
d6:67:54:6a:4a:b2:88:c9:1a:13:66:74:e0:98:ae:
2a:f7:29:37:51:21:52:73:b0:01:43:97:7d:17:11:
5a:9c:49:82:49:11:9e:7c:45:b3:fa:5d:08:fd:97:
eb:a9:f4:6c:0b:0b:e2:f7:5e:3c:8c:92:4b:2a:f4:
a5:70:f9:28:14:46:d6:bd:8a:0d:77:2d:95:e6:d2:
13:a2:d2:e7:d6:d2:b6:5a:36:0e:54:1b:2c:aa:d8:
8b:96:43:ed:cf:78:53:c5:a5:28:8b:d3:9f:b0:14:
69:d1:f2:77:70:84:33:d2:97:56:5d:a4:39:4f:85:
9b:7f:1f:6a:97:4a:d4:8e:52:0f:b9:b6:91:91:83:
f0:75:ec:7d:b5:6a:c7:f3:8e:ec:03:31:f8:29:f2:
cd:3e:70:2a:9a:f7:cf:99:41:e6:a8:54:f3:54:0f:
3b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:2A:A5:A0:C1:3F:BE:3A:A0:2E:E8:E7:DB:BC:C5:FE:3F:98:3D:37
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:5b:9a:cc:08:70:c8:03:74:b0:54:da:83:ad:c4:b0:b2:4b:
a7:48:e8:38:4c:06:11:f5:57:e3:01:a0:26:67:6c:9a:bf:9d:
8c:53:f4:37:e3:ce:ea:cf:9e:13:a8:43:a2:36:73:14:d8:fc:
11:73:73:cb:7d:7d:2c:a7:94:b6:42:2f:06:49:f5:2e:96:08:
da:d0:b0:a0:eb:1e:2a:de:0e:6f:14:ff:e6:b8:d1:c9:41:dc:
4d:98:da:c1:1f:da:c1:a8:24:62:5a:7d:5a:09:d0:31:43:54:
e1:c2:ce:ed:89:ed:ad:89:ff:1f:b7:e5:42:4d:4c:e1:cb:7c:
57:4e:ee:cd:57:52:7a:c8:8d:9f:b7:9c:8c:af:f6:ff:40:e3:
42:4d:8a:78:59:ff:0e:00:9e:e3:79:83:8e:2f:0b:11:38:24:
1e:06:4e:d2:3c:25:5f:dc:4f:e8:8a:b6:70:03:b1:d2:86:66:
40:07:1a:99:f0:29:87:02:3f:d4:a3:20:ad:f9:e6:b5:19:3a:
41:0b:e9:ff:c7:a4:db:40:f7:70:c7:e7:c5:79:3c:4f:b0:e3:
5d:2b:d0:b2:1d:0d:0e:30:41:a6:ca:c6:11:31:2a:78:35:b7:
8f:b7:36:08:f9:74:95:a9:7c:ec:60:09:9e:0e:4b:47:aa:e7:
0d:ed:7f:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3N9XcguHXJWsQaVYwNm0aHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjYwNDI3MDgwMTQ5WhcNMjYwNDI4MDgwMTQ5WjAzMTEwLwYDVQQD
Eyg0ODJhYTVhMGMxM2ZiZTNhYTAyZWU4ZTdkYmJjYzVmZTNmOTgzZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK1EthyHs4CIkw/Bzx5rdMQ1H2+c
EU0jpdWIiUw2kGu9RFtmDWflqPyMnY+1CpokCQIawHq27BlNMhKbDV8qHlyU/q8m
JDcQ+7b65ovbENGxirsKhjt/b9fWZ1RqSrKIyRoTZnTgmK4q9yk3USFSc7ABQ5d9
FxFanEmCSRGefEWz+l0I/ZfrqfRsCwvi9148jJJLKvSlcPkoFEbWvYoNdy2V5tIT
otLn1tK2WjYOVBssqtiLlkPtz3hTxaUoi9OfsBRp0fJ3cIQz0pdWXaQ5T4Wbfx9q
l0rUjlIPubaRkYPwdex9tWrH847sAzH4KfLNPnAqmvfPmUHmqFTzVA870QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEgqpaDBP746oC7o59u8xf4/mD03MB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJluazAhw
yAN0sFTag63EsLJLp0joOEwGEfVX4wGgJmdsmr+djFP0N+PO6s+eE6hDojZzFNj8
EXNzy319LKeUtkIvBkn1LpYI2tCwoOseKt4ObxT/5rjRyUHcTZjawR/awagkYlp9
WgnQMUNU4cLO7YntrYn/H7flQk1M4ct8V07uzVdSesiNn7ecjK/2/0DjQk2KeFn/
DgCe43mDji8LETgkHgZO0jwlX9xP6Iq2cAOx0oZmQAcamfAphwI/1KMgrfnmtRk6
QQvp/8ek20D3cMfnxXk8T7DjXSvQsh0NDjBBpsrGETEqeDW3j7c2CPl0lal87GAJ
ng5LR6rnDe1/6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 27 16:05:54 2026 by rpki-client