Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: +V7LcsglTGiJEzdNodOz1JKf1YnE/zPFNGE2/S13laI=
Subject key identifier: 63:CA:5F:A3:54:4D:F2:E6:3E:1D:A3:AC:D8:DE:A1:A9:9C:36:99:37
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 019DCED0383494026A3926E639F493D605AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0F48
Signing time: Mon 27 Apr 2026 12:00:45 +0000
Manifest this update: Mon 27 Apr 2026 12:00:45 +0000
Manifest next update: Tue 28 Apr 2026 12:00:45 +0000
Files and hashes: 1: AoiLP-aKiV68_RegC3FR8BLmoTY.roa (hash: cAZegRRMeuO3/yO4SqdfyQYoOuuZTcc84vu6Tr6LRDs=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: UyqJc+hPTd7KQlmUOHaZ3yL69gxB8OFs7aqhLjujPDM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 12:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:d0:38:34:94:02:6a:39:26:e6:39:f4:93:d6:05:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Apr 27 12:00:45 2026 GMT
Not After : Apr 28 12:00:45 2026 GMT
Subject: CN=63ca5fa3544df2e63e1da3acd8dea1a99c369937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:45:c9:0a:a0:68:a6:8c:41:0c:c7:2c:90:72:
df:6c:48:1f:d8:f4:fc:3a:f2:d0:0e:c8:06:1b:a2:
8a:fb:0f:c9:ed:1f:cb:c8:54:06:23:fe:01:89:01:
65:05:d4:c7:c2:16:bc:a6:e7:ed:3e:b7:50:37:70:
d4:18:db:ca:98:76:25:4a:9c:1c:a8:ee:1d:55:07:
85:b5:fd:0d:c8:aa:cb:6c:98:64:1a:cb:c8:8a:f1:
1a:9c:19:27:0c:41:06:97:23:3b:90:8f:5a:02:5d:
e4:a6:23:9a:17:58:4a:0a:29:12:5a:51:ac:8b:d3:
9f:37:42:4b:e8:da:9b:a5:3e:af:7b:5e:b7:80:9b:
d9:51:34:a7:7d:40:d4:de:d4:d9:69:7b:c1:82:44:
7c:18:63:c2:dc:33:d3:d2:b0:20:cf:4a:55:d1:0c:
26:4d:2a:7d:8a:ba:b2:63:b1:9e:bb:83:e0:ff:5b:
e3:db:a1:6d:ce:a4:3e:83:e4:83:4f:d8:67:77:1f:
eb:67:3f:dc:07:a0:ed:dc:da:ad:5c:66:59:b6:1a:
32:46:2d:74:1f:10:ba:58:a5:1f:93:fe:31:2f:05:
3c:f8:2a:ca:8a:2b:84:aa:5d:2b:67:14:60:26:4b:
8b:93:2e:63:12:3b:aa:26:1e:83:66:b7:02:66:bb:
f7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CA:5F:A3:54:4D:F2:E6:3E:1D:A3:AC:D8:DE:A1:A9:9C:36:99:37
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:58:68:76:e2:c7:f4:2f:72:37:9a:9b:e0:02:4b:84:fe:f1:
3f:ee:ef:0a:b1:be:6b:f9:a0:e3:ba:da:24:b9:32:8d:38:39:
43:e7:54:fb:0a:5e:e2:17:c8:f2:ec:ba:de:b1:4b:23:31:40:
67:d5:45:4c:f4:89:e5:df:d7:b2:79:f4:b0:21:36:27:f5:6e:
3e:ed:a2:67:f5:bc:cf:f0:9e:ac:f4:88:64:5b:09:06:fa:4f:
9a:21:7e:ad:fc:6d:89:65:31:f6:4e:5b:85:10:78:06:09:0f:
fa:c5:56:f6:66:08:e0:c2:a4:ac:f7:f2:ee:79:1d:09:9a:43:
10:cd:df:3e:9f:a7:c2:ae:31:8a:35:e1:f6:96:2b:27:09:25:
42:7e:7a:11:c8:8e:6d:da:4c:4d:ce:28:54:b5:ee:8c:ab:4c:
3c:e7:78:56:7c:00:0b:e2:2c:6a:5e:59:0a:27:1c:f1:4a:fd:
24:f9:55:7f:70:a4:f2:f4:5b:a3:63:f0:de:9b:c3:5e:d4:f5:
8b:7a:0c:22:21:db:ea:23:85:25:ed:14:d9:52:70:bf:ce:4a:
ae:d2:45:39:eb:46:fd:99:9c:46:c0:ea:53:2d:8a:de:ab:24:
1f:ef:25:f8:6d:d5:50:4b:e0:97:cb:e2:3e:70:76:ae:9c:b5:
a3:42:80:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3O0Dg0lAJqOSbmOfST1gWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjYwNDI3MTIwMDQ1WhcNMjYwNDI4MTIwMDQ1WjAzMTEwLwYDVQQD
Eyg2M2NhNWZhMzU0NGRmMmU2M2UxZGEzYWNkOGRlYTFhOTljMzY5OTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUXJCqBopoxBDMcskHLfbEgf2PT8
OvLQDsgGG6KK+w/J7R/LyFQGI/4BiQFlBdTHwha8puftPrdQN3DUGNvKmHYlSpwc
qO4dVQeFtf0NyKrLbJhkGsvIivEanBknDEEGlyM7kI9aAl3kpiOaF1hKCikSWlGs
i9OfN0JL6NqbpT6ve163gJvZUTSnfUDU3tTZaXvBgkR8GGPC3DPT0rAgz0pV0Qwm
TSp9irqyY7Geu4Pg/1vj26FtzqQ+g+SDT9hndx/rZz/cB6Dt3NqtXGZZthoyRi10
HxC6WKUfk/4xLwU8+CrKiiuEql0rZxRgJkuLky5jEjuqJh6DZrcCZrv3/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPKX6NUTfLmPh2jrNjeoamcNpk3MB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPVhoduLH
9C9yN5qb4AJLhP7xP+7vCrG+a/mg47raJLkyjTg5Q+dU+wpe4hfI8uy63rFLIzFA
Z9VFTPSJ5d/Xsnn0sCE2J/VuPu2iZ/W8z/CerPSIZFsJBvpPmiF+rfxtiWUx9k5b
hRB4BgkP+sVW9mYI4MKkrPfy7nkdCZpDEM3fPp+nwq4xijXh9pYrJwklQn56EciO
bdpMTc4oVLXujKtMPOd4VnwAC+Isal5ZCicc8Ur9JPlVf3Ck8vRbo2Pw3pvDXtT1
i3oMIiHb6iOFJe0U2VJwv85KrtJFOetG/ZmcRsDqUy2K3qskH+8l+G3VUEvgl8vi
PnB2rpy1o0KAnQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:47:52 2026 by rpki-client