Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: R951jj2NfWETJRCgavWeaLxorY2ywczEdaVtE5PPwmA=
Subject key identifier: EA:50:64:46:9E:30:D2:B1:5D:48:F7:8D:AE:93:54:56:BF:2B:FF:20
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019EB7A08E13254616BD1B9147D2329902CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0DEA
Signing time: Thu 11 Jun 2026 17:00:13 +0000
Manifest this update: Thu 11 Jun 2026 17:00:13 +0000
Manifest next update: Fri 12 Jun 2026 17:00:13 +0000
Files and hashes: 1: bChcbGdFNJLxkL6cWvlOuiphISs.roa (hash: +dNUc4mkY1Ks/wJrUAYjbgs9Kw+RWtpPfvShsAp4TVY=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: eUgu0rAK8Lq8CZOlYROTvadw4yTa3UsqwkFh+owbzGo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 17:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:a0:8e:13:25:46:16:bd:1b:91:47:d2:32:99:02:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Jun 11 17:00:13 2026 GMT
Not After : Jun 12 17:00:13 2026 GMT
Subject: CN=ea5064469e30d2b15d48f78dae935456bf2bff20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ff:f3:80:87:ed:cd:5c:65:0a:f6:48:53:c7:
15:3e:29:95:57:d0:b7:ed:15:d8:4b:8b:f4:0c:62:
f8:df:db:6e:0b:c4:3a:a6:95:72:0b:56:49:fd:7e:
a3:7a:c0:a8:1e:38:dc:02:3c:4c:ef:4a:31:dd:9d:
83:7c:9b:d6:22:b7:be:32:0c:11:09:29:1f:5c:37:
b3:84:85:8e:09:78:be:50:ce:2e:7d:e8:12:34:b9:
35:a1:c3:f8:a9:ea:86:50:d1:fd:cb:55:3c:d5:6f:
90:94:38:c8:f0:69:19:56:d3:9d:e6:aa:98:96:52:
11:fd:da:5c:b6:eb:bd:10:16:7b:72:14:69:4a:1d:
77:e8:bd:78:ea:1c:46:5b:80:f8:88:25:9e:a2:2b:
3a:5d:10:ed:4f:11:5d:bb:c8:9f:0a:e2:9a:ec:01:
54:a7:e5:f6:16:34:69:b8:f2:06:fd:7b:21:17:2e:
22:4d:55:24:52:bd:69:ae:69:d1:7a:e9:a5:22:17:
81:e9:09:b5:87:70:fe:1b:18:13:4e:2a:85:15:eb:
d9:66:1e:9d:6d:fa:1a:fc:f0:1e:01:ab:5a:b5:70:
43:d9:af:a9:92:54:5f:fb:83:f2:e0:93:a4:5f:fc:
ed:84:a8:ed:bf:f1:9f:93:3c:f0:44:90:52:57:a2:
2f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:50:64:46:9E:30:D2:B1:5D:48:F7:8D:AE:93:54:56:BF:2B:FF:20
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:6a:ea:3b:13:54:b3:2e:3c:90:2b:3d:3a:52:db:6c:f2:68:
69:0c:3b:8d:15:de:60:4a:95:ec:84:53:4c:ce:b3:5e:46:80:
47:ee:dc:32:ad:ac:59:37:6c:91:5b:06:c4:16:77:c5:61:b0:
97:07:5f:e0:d2:a1:87:4d:06:33:c2:07:54:69:ab:a0:81:46:
ac:0e:bc:67:58:e2:0b:7a:aa:1e:fd:38:32:50:6e:75:6b:74:
9f:2f:26:ee:46:e3:36:86:13:96:6b:10:19:2c:99:13:fe:d9:
15:17:03:d3:0e:29:f9:ae:7a:96:bf:fd:18:d0:dd:84:c1:04:
36:0e:36:e9:f2:dd:ee:4f:22:2d:62:df:62:fe:5f:86:5d:a8:
14:84:8d:37:00:f4:d3:38:cd:20:73:55:e1:d5:72:4b:7b:9a:
0e:07:dd:a6:c1:9d:91:b3:07:6c:fe:19:41:d4:f4:e4:ef:17:
03:de:02:00:4d:ea:b7:3d:f2:18:38:4c:62:e4:de:a8:cb:6d:
60:57:57:07:e0:03:eb:ce:f8:b3:9f:3a:66:2d:c8:2b:b4:53:
fb:cc:0a:5c:d0:d1:d0:eb:89:79:ee:17:24:d7:c6:3a:82:79:
71:c3:37:86:17:f0:eb:f2:3a:7e:f9:2f:73:cd:d5:bf:8a:b2:
60:91:fe:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ63oI4TJUYWvRuRR9IymQLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjYwNjExMTcwMDEzWhcNMjYwNjEyMTcwMDEzWjAzMTEwLwYDVQQD
EyhlYTUwNjQ0NjllMzBkMmIxNWQ0OGY3OGRhZTkzNTQ1NmJmMmJmZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP/zgIftzVxlCvZIU8cVPimVV9C3
7RXYS4v0DGL439tuC8Q6ppVyC1ZJ/X6jesCoHjjcAjxM70ox3Z2DfJvWIre+MgwR
CSkfXDezhIWOCXi+UM4ufegSNLk1ocP4qeqGUNH9y1U81W+QlDjI8GkZVtOd5qqY
llIR/dpctuu9EBZ7chRpSh136L146hxGW4D4iCWeois6XRDtTxFdu8ifCuKa7AFU
p+X2FjRpuPIG/XshFy4iTVUkUr1prmnReumlIheB6Qm1h3D+GxgTTiqFFevZZh6d
bfoa/PAeAatatXBD2a+pklRf+4Py4JOkX/zthKjtv/GfkzzwRJBSV6IvPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpQZEaeMNKxXUj3ja6TVFa/K/8gMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmrqOxNU
sy48kCs9OlLbbPJoaQw7jRXeYEqV7IRTTM6zXkaAR+7cMq2sWTdskVsGxBZ3xWGw
lwdf4NKhh00GM8IHVGmroIFGrA68Z1jiC3qqHv04MlBudWt0ny8m7kbjNoYTlmsQ
GSyZE/7ZFRcD0w4p+a56lr/9GNDdhMEENg426fLd7k8iLWLfYv5fhl2oFISNNwD0
0zjNIHNV4dVyS3uaDgfdpsGdkbMHbP4ZQdT05O8XA94CAE3qtz3yGDhMYuTeqMtt
YFdXB+AD6874s586Zi3IK7RT+8wKXNDR0OuJee4XJNfGOoJ5ccM3hhfw6/I6fvkv
c83Vv4qyYJH+2Q==
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:41:11 2026 by rpki-client