Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
File: MKNPnR29IKqH-w9ivStsXjDGFKI.mft (raw, json)
Hash identifier: Q8fkWrOsa3zfwDNgdnIADjIOWU8bnEHhM8ZFXC/mYKQ=
Subject key identifier: 8E:3A:A9:F7:B9:E0:77:C0:22:8E:1F:E7:CE:D2:32:9A:6F:8A:A5:23
Authority key identifier: 30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2
Certificate issuer: /CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
Certificate serial: 019DCDF596AD3C03BF57DC6494ED6FF34A95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
Manifest number: 099B
Signing time: Mon 27 Apr 2026 08:01:57 +0000
Manifest this update: Mon 27 Apr 2026 08:01:57 +0000
Manifest next update: Tue 28 Apr 2026 08:01:57 +0000
Files and hashes: 1: Cj5p4m8nBSHqFI7cIXQ0jxVaZqs.roa (hash: L+v38GzXEltb5Lhi/QksoQvn5l/DyY6ZKL5vW/SAZU0=)
2: ME0H6FJMomj5qNZa55hYa_mg8BI.roa (hash: 9JjtlUlu4wsnh6OKmL8KpV7lEe7W07be+5Wu0KAr73g=)
3: MKNPnR29IKqH-w9ivStsXjDGFKI.crl (hash: MLCe7hHa6aR9itBbaswzOpebu5MrCZgls39pEsLcYeQ=)
4: mxim8hiMW6KSmM1j_q23upqnj0k.roa (hash: hg33XIuLOCBoWLYKxDMan6DF9gxch5zAkStGQyi0GIM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:f5:96:ad:3c:03:bf:57:dc:64:94:ed:6f:f3:4a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
Validity
Not Before: Apr 27 08:01:57 2026 GMT
Not After : Apr 28 08:01:57 2026 GMT
Subject: CN=8e3aa9f7b9e077c0228e1fe7ced2329a6f8aa523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:e2:0b:db:9b:30:98:32:81:79:44:12:4c:
72:0e:75:a4:9c:d1:46:2e:f7:87:5c:1d:a0:d1:df:
88:ed:8c:c3:80:cd:d7:38:18:fe:81:50:73:53:a6:
d2:ce:2d:8e:d5:af:02:f0:17:6b:ca:85:d3:d7:a7:
20:58:64:7d:d3:1b:7d:af:3b:c2:8b:8d:93:e7:69:
8f:ef:93:3a:1d:f5:bd:96:0c:18:52:25:1d:42:5c:
83:76:96:6b:25:d5:1a:d0:c8:cd:c9:f6:b4:99:af:
d9:d8:e8:47:bc:ee:cb:1d:c9:ac:36:fb:ab:6a:4f:
b3:2d:9c:86:7c:88:8e:94:a1:ac:7c:08:b1:8f:14:
01:66:2e:07:b1:22:e8:84:0e:70:25:32:15:b7:4b:
a0:dd:5e:dd:28:cd:37:40:52:14:37:22:79:41:fa:
77:56:15:d4:0a:7a:a8:08:d4:41:a9:28:3f:e5:e8:
a9:a9:38:9f:55:81:8d:28:5a:c5:e1:b2:fb:77:3c:
7b:40:56:95:80:db:5f:8f:cf:86:89:75:52:46:70:
6e:f2:35:54:0a:56:e1:b8:7e:28:d0:33:eb:51:d7:
21:06:a2:8a:61:1e:07:5e:f4:af:e5:f9:53:55:c1:
6e:ea:34:1e:2c:4e:65:0b:36:32:79:f0:8a:79:6c:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3A:A9:F7:B9:E0:77:C0:22:8E:1F:E7:CE:D2:32:9A:6F:8A:A5:23
X509v3 Authority Key Identifier:
keyid:30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:55:7e:b7:36:fa:18:47:aa:3a:54:9c:8b:1f:f2:1b:63:a3:
f0:50:89:0a:73:0b:68:4b:50:b5:75:4b:a8:eb:80:14:4d:69:
77:e1:bd:a2:dc:bb:2a:67:0b:6a:7d:32:74:0b:de:48:93:6f:
53:15:61:d2:cf:a7:88:16:cd:97:ab:d3:47:50:73:c5:09:7c:
6f:69:30:c5:d4:0a:3b:28:7c:28:4f:80:43:3c:c6:27:c2:49:
48:72:4d:6b:de:86:e8:15:1e:65:a5:fc:3e:76:53:3f:35:23:
25:c6:c2:25:d9:7a:0d:39:02:cf:30:35:94:67:03:13:a0:ed:
4a:9d:53:a7:8a:de:a7:d6:7b:69:e4:fd:68:e3:36:98:11:92:
15:cd:b6:25:c6:95:54:2c:02:bd:f2:b5:79:96:51:c2:d9:5c:
f6:dc:b3:7b:34:52:01:d2:d9:5b:f0:62:36:f2:60:d2:d9:7e:
ef:3e:c7:e8:06:b0:8c:15:de:25:29:10:75:c0:7d:c1:c3:8a:
d2:87:b4:45:19:a6:4e:b3:e4:6f:d9:d8:6e:cd:6e:51:d7:2d:
5c:ae:5f:14:fa:23:41:5f:77:33:5b:a9:74:b8:59:48:36:1b:
66:27:dc:d0:af:fc:ee:c6:d3:f3:e7:38:56:65:81:47:66:f4:
0b:51:0f:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3N9ZatPAO/V9xklO1v80qVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTM0ZjlkMWRiZDIwYWE4N2ZiMGY2MmJkMmI2YzVlMzBj
NjE0YTIwHhcNMjYwNDI3MDgwMTU3WhcNMjYwNDI4MDgwMTU3WjAzMTEwLwYDVQQD
Eyg4ZTNhYTlmN2I5ZTA3N2MwMjI4ZTFmZTdjZWQyMzI5YTZmOGFhNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTviC9ubMJgygXlEEkxyDnWknNFG
LveHXB2g0d+I7YzDgM3XOBj+gVBzU6bSzi2O1a8C8BdryoXT16cgWGR90xt9rzvC
i42T52mP75M6HfW9lgwYUiUdQlyDdpZrJdUa0MjNyfa0ma/Z2OhHvO7LHcmsNvur
ak+zLZyGfIiOlKGsfAixjxQBZi4HsSLohA5wJTIVt0ug3V7dKM03QFIUNyJ5Qfp3
VhXUCnqoCNRBqSg/5eipqTifVYGNKFrF4bL7dzx7QFaVgNtfj8+GiXVSRnBu8jVU
ClbhuH4o0DPrUdchBqKKYR4HXvSv5flTVcFu6jQeLE5lCzYyefCKeWwxewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI46qfe54HfAIo4f587SMppviqUjMB8GA1UdIwQY
MBaAFDCjT50dvSCqh/sPYr0rbF4wxhSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEt
ZWI2NTNkMzYyMmJiLzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEtZWI2NTNkMzYyMmJi
LzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVV+tzb6
GEeqOlScix/yG2Oj8FCJCnMLaEtQtXVLqOuAFE1pd+G9oty7KmcLan0ydAveSJNv
UxVh0s+niBbNl6vTR1BzxQl8b2kwxdQKOyh8KE+AQzzGJ8JJSHJNa96G6BUeZaX8
PnZTPzUjJcbCJdl6DTkCzzA1lGcDE6DtSp1Tp4rep9Z7aeT9aOM2mBGSFc22JcaV
VCwCvfK1eZZRwtlc9tyzezRSAdLZW/BiNvJg0tl+7z7H6AawjBXeJSkQdcB9wcOK
0oe0RRmmTrPkb9nYbs1uUdctXK5fFPojQV93M1updLhZSDYbZifc0K/87sbT8+c4
VmWBR2b0C1EPug==
-----END CERTIFICATE-----
Generated at Mon Apr 27 15:42:05 2026 by rpki-client