Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier: Bb5FCgRKnVWDw0L4+cjnvUFvRvrTZkvjROR9Bes8nz8=
Subject key identifier: 7A:2E:D0:D5:99:93:E9:EB:94:C8:79:1E:B6:F7:ED:60:65:BF:C5:0B
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 019D390989255C499FD667F1CF362BC23FDD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number: 0B1E
Signing time: Sun 29 Mar 2026 10:00:19 +0000
Manifest this update: Sun 29 Mar 2026 10:00:19 +0000
Manifest next update: Mon 30 Mar 2026 10:00:19 +0000
Files and hashes: 1: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: 2glAAeBXIxgLJaZlUMiRUdroCopO+5V+u6Fy1/QrbZE=)
2: xzFbm4sk1g_z1hTqJzkSoYGfwII.roa (hash: vGpqbjJ2sbADDdZ1dTIQ9ghtcR849/Jhk0Pb4QG33k4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:89:25:5c:49:9f:d6:67:f1:cf:36:2b:c2:3f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: Mar 29 10:00:19 2026 GMT
Not After : Mar 30 10:00:19 2026 GMT
Subject: CN=7a2ed0d59993e9eb94c8791eb6f7ed6065bfc50b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:86:ca:5e:95:0c:98:de:53:95:06:f9:2b:bf:
b1:ea:4e:30:c8:6f:c1:bc:53:70:36:94:2c:49:d5:
c4:57:69:32:06:6b:0b:80:45:0f:a9:26:1f:8b:ce:
78:90:5b:78:4f:09:e9:81:69:ad:a5:ec:0b:7d:1f:
b6:fd:e0:ae:24:db:ba:44:d1:b1:d5:ae:7d:5d:83:
a1:8f:d4:a7:0c:e3:f4:b6:ea:52:88:ea:bd:30:6c:
7e:5c:93:6c:50:bc:2c:cb:c2:eb:03:fd:82:48:62:
c4:d8:bc:1b:35:d3:d3:bb:59:68:32:bd:e4:6c:78:
e3:6e:3b:e9:75:13:46:71:73:08:42:f9:43:50:55:
e8:08:cd:d6:e7:38:d0:68:9b:a3:11:89:f1:02:d6:
6c:14:2c:62:7f:f6:08:4e:42:a2:71:11:66:0b:c0:
14:ad:20:4b:80:6b:dc:ff:8a:07:58:5d:b2:51:54:
97:6a:29:50:d9:cc:e5:5d:c2:35:2e:ee:08:f0:09:
c1:45:bd:ca:f7:9b:d8:8f:e2:cf:10:8e:0e:db:0c:
42:82:fd:0f:92:aa:5c:8e:cb:4b:b4:9b:f7:9d:05:
59:38:c7:44:36:1e:dc:a4:f4:23:a4:e1:44:e9:9a:
3d:2c:a1:55:52:07:fd:ad:50:58:57:a8:4c:40:59:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2E:D0:D5:99:93:E9:EB:94:C8:79:1E:B6:F7:ED:60:65:BF:C5:0B
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:be:2e:58:02:36:a8:5f:e2:59:b6:3e:19:43:08:80:8a:3f:
18:0a:7f:05:15:ec:6a:43:b7:b4:f4:53:a4:d9:3e:79:38:20:
3d:fe:df:8e:80:7f:32:fe:e3:5f:2f:b9:ea:21:c1:8e:98:11:
25:e9:a6:d2:e4:8a:4a:78:37:5f:43:e0:68:59:75:61:ab:fe:
54:32:90:0e:3b:67:f6:87:f7:e6:2e:8c:e9:13:63:5b:74:fb:
06:ef:1a:b7:fb:d2:e6:ea:d6:b0:9e:7c:a6:d8:c8:80:89:6d:
cf:4f:ad:00:43:3f:d1:0d:30:f0:c1:62:c1:04:7e:85:36:93:
56:95:b4:b4:0a:9d:bd:ab:bc:bf:d1:8e:07:e5:2e:b1:34:98:
b8:ac:0e:81:1d:61:5a:c6:71:2a:d7:09:91:d1:40:2c:f8:cb:
27:93:41:50:05:3f:8f:6d:74:60:93:cc:fc:0e:9f:d5:78:10:
a3:9f:ed:ca:d8:b4:a0:50:2a:46:59:6c:97:6e:31:f3:51:a4:
31:ff:28:fe:d8:0e:1e:19:36:a5:7b:4a:8c:d3:58:31:9f:4c:
7e:00:5b:5d:64:4e:72:f0:fb:83:d4:b5:12:e3:ae:76:a9:0e:
57:fa:aa:5b:bc:da:a7:22:05:6f:0e:6a:7b:2c:fc:90:76:72:
3a:d5:3a:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYklXEmf1mfxzzYrwj/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjYwMzI5MTAwMDE5WhcNMjYwMzMwMTAwMDE5WjAzMTEwLwYDVQQD
Eyg3YTJlZDBkNTk5OTNlOWViOTRjODc5MWViNmY3ZWQ2MDY1YmZjNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIbKXpUMmN5TlQb5K7+x6k4wyG/B
vFNwNpQsSdXEV2kyBmsLgEUPqSYfi854kFt4TwnpgWmtpewLfR+2/eCuJNu6RNGx
1a59XYOhj9SnDOP0tupSiOq9MGx+XJNsULwsy8LrA/2CSGLE2LwbNdPTu1loMr3k
bHjjbjvpdRNGcXMIQvlDUFXoCM3W5zjQaJujEYnxAtZsFCxif/YITkKicRFmC8AU
rSBLgGvc/4oHWF2yUVSXailQ2czlXcI1Lu4I8AnBRb3K95vYj+LPEI4O2wxCgv0P
kqpcjstLtJv3nQVZOMdENh7cpPQjpOFE6Zo9LKFVUgf9rVBYV6hMQFlTywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHou0NWZk+nrlMh5Hrb37WBlv8ULMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg74uWAI2
qF/iWbY+GUMIgIo/GAp/BRXsakO3tPRTpNk+eTggPf7fjoB/Mv7jXy+56iHBjpgR
Jemm0uSKSng3X0PgaFl1Yav+VDKQDjtn9of35i6M6RNjW3T7Bu8at/vS5urWsJ58
ptjIgIltz0+tAEM/0Q0w8MFiwQR+hTaTVpW0tAqdvau8v9GOB+UusTSYuKwOgR1h
WsZxKtcJkdFALPjLJ5NBUAU/j210YJPM/A6f1XgQo5/tyti0oFAqRllsl24x81Gk
Mf8o/tgOHhk2pXtKjNNYMZ9MfgBbXWROcvD7g9S1EuOudqkOV/qqW7zapyIFbw5q
eyz8kHZyOtU6cg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:44:41 2026 by rpki-client