Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: rHOKsMKPstkbUg2HeScgbjedLPXIOVqfp+6rJWBoQFQ=
Subject key identifier: F1:7C:F7:A0:10:0D:09:61:7C:24:03:D0:6A:7A:DA:63:39:E7:20:99
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019D39408C80706C0E8EDA3D2ED8720CF70E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0D24
Signing time: Sun 29 Mar 2026 11:00:24 +0000
Manifest this update: Sun 29 Mar 2026 11:00:24 +0000
Manifest next update: Mon 30 Mar 2026 11:00:24 +0000
Files and hashes: 1: bChcbGdFNJLxkL6cWvlOuiphISs.roa (hash: +dNUc4mkY1Ks/wJrUAYjbgs9Kw+RWtpPfvShsAp4TVY=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: c0LDkQyE8svkS2NHxqVXHZbJaWR86aFJqci3tsLZtew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:8c:80:70:6c:0e:8e:da:3d:2e:d8:72:0c:f7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Mar 29 11:00:24 2026 GMT
Not After : Mar 30 11:00:24 2026 GMT
Subject: CN=f17cf7a0100d09617c2403d06a7ada6339e72099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c9:db:d7:49:2b:77:96:c7:4c:7d:1b:6c:14:
3d:92:7e:32:58:6e:c6:65:82:5a:0a:fe:03:58:19:
de:17:cb:63:d0:44:fd:40:41:e2:b9:d3:90:93:3b:
34:98:05:b1:dc:78:67:fd:2c:ba:68:c3:2c:83:7e:
0b:94:40:fc:54:dc:ca:ec:55:7e:64:0b:8f:7b:ee:
2f:38:18:9c:9f:97:1d:0a:b6:9c:c1:a2:3e:d2:fe:
c4:a1:e2:57:2e:0a:fc:b9:41:ea:34:88:5b:e5:5a:
fa:ad:97:4d:6d:40:a8:94:d5:de:fc:d0:87:25:a8:
7b:fc:f9:08:9c:a1:8f:17:4d:b5:e4:de:f5:7c:d5:
80:65:f6:8e:93:3f:32:f9:b0:89:2d:a5:a5:29:5d:
24:eb:46:cb:f9:b2:c2:bd:de:dd:e4:58:46:6a:3d:
c7:b3:17:c5:57:c0:9d:22:fe:35:a6:9b:87:82:05:
e7:37:a2:65:80:cc:52:d2:81:cc:86:1a:0b:cf:0b:
19:2c:b4:12:4d:e3:e4:eb:c1:cd:ba:e3:a6:41:81:
fd:68:84:31:18:7e:15:14:e2:93:8f:25:b9:22:54:
55:20:0b:e9:5b:7d:c4:eb:37:56:41:71:fc:12:82:
1e:df:56:1f:83:0f:d9:cf:37:11:41:2c:d4:fe:d0:
f9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7C:F7:A0:10:0D:09:61:7C:24:03:D0:6A:7A:DA:63:39:E7:20:99
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:ba:ba:a4:c1:1d:42:b9:76:ae:dc:84:18:4c:8f:50:3f:6a:
58:65:ab:d2:fa:ff:26:e7:f1:c8:18:9d:da:f1:f1:aa:3a:0e:
7d:b9:cd:b3:d9:8e:e4:67:6f:12:b2:23:ce:bf:e1:f0:a1:dc:
1e:1d:97:b0:92:68:a1:02:61:d8:a9:23:01:b2:ba:e9:42:a2:
68:99:15:cd:9b:3e:f6:97:ae:dd:7d:25:7d:13:29:b6:82:04:
72:21:9c:8f:cb:b4:f4:f4:a6:1e:88:ce:87:b8:c2:3a:8e:e6:
13:f3:ce:d7:27:f9:79:d3:82:74:5e:86:c4:49:cc:a9:19:d8:
53:70:97:f2:be:f8:02:62:15:13:08:f1:9e:ef:1a:ab:48:77:
63:4d:b4:7d:4b:22:57:bd:8d:0d:85:58:95:01:e6:d8:41:8e:
1a:84:b8:36:df:df:14:9f:b8:c8:ed:95:0c:7a:4a:0d:d5:3a:
17:3a:d2:56:67:85:87:8c:69:62:92:ed:9f:60:40:55:38:78:
4f:47:64:68:f5:d6:4a:35:8b:e5:43:e3:eb:41:bf:4b:aa:e3:
5f:40:10:d1:e3:63:64:b2:b0:2f:3d:eb:de:8c:af:17:d6:4e:
08:9a:55:dd:6d:c3:e6:c6:34:f2:f2:0f:57:10:19:d3:39:70:
5b:76:ac:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QIyAcGwOjto9LthyDPcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjYwMzI5MTEwMDI0WhcNMjYwMzMwMTEwMDI0WjAzMTEwLwYDVQQD
EyhmMTdjZjdhMDEwMGQwOTYxN2MyNDAzZDA2YTdhZGE2MzM5ZTcyMDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8nb10krd5bHTH0bbBQ9kn4yWG7G
ZYJaCv4DWBneF8tj0ET9QEHiudOQkzs0mAWx3Hhn/Sy6aMMsg34LlED8VNzK7FV+
ZAuPe+4vOBicn5cdCracwaI+0v7EoeJXLgr8uUHqNIhb5Vr6rZdNbUColNXe/NCH
Jah7/PkInKGPF0215N71fNWAZfaOkz8y+bCJLaWlKV0k60bL+bLCvd7d5FhGaj3H
sxfFV8CdIv41ppuHggXnN6JlgMxS0oHMhhoLzwsZLLQSTePk68HNuuOmQYH9aIQx
GH4VFOKTjyW5IlRVIAvpW33E6zdWQXH8EoIe31Yfgw/ZzzcRQSzU/tD5mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPF896AQDQlhfCQD0Gp62mM55yCZMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJbq6pMEd
Qrl2rtyEGEyPUD9qWGWr0vr/JufxyBid2vHxqjoOfbnNs9mO5GdvErIjzr/h8KHc
Hh2XsJJooQJh2KkjAbK66UKiaJkVzZs+9peu3X0lfRMptoIEciGcj8u09PSmHojO
h7jCOo7mE/PO1yf5edOCdF6GxEnMqRnYU3CX8r74AmIVEwjxnu8aq0h3Y020fUsi
V72NDYVYlQHm2EGOGoS4Nt/fFJ+4yO2VDHpKDdU6FzrSVmeFh4xpYpLtn2BAVTh4
T0dkaPXWSjWL5UPj60G/S6rjX0AQ0eNjZLKwLz3r3oyvF9ZOCJpV3W3D5sY08vIP
VxAZ0zlwW3as2g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:38:15 2026 by rpki-client