Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
File: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft (raw, json)
Hash identifier: 5G8mxhwev9N70MUPTKBEX47QfVxxCejvs8nHyB435Fc=
Subject key identifier: 61:66:3E:6F:0B:1D:75:78:02:AE:49:F1:5B:BB:6A:93:1A:60:5F:9E
Authority key identifier: 29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
Certificate issuer: /CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Certificate serial: 019D386580660AE0A8AEAA8C7690AFE4DF3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
Manifest number: 0465
Signing time: Sun 29 Mar 2026 07:01:09 +0000
Manifest this update: Sun 29 Mar 2026 07:01:09 +0000
Manifest next update: Mon 30 Mar 2026 07:01:09 +0000
Files and hashes: 1: 77Whh77iKwt1yOOYU4DtYorlBOk.roa (hash: tO7vF8xusHO1O0mKViJ8yyoCaEKBRB4DR9BPRK3Lwnc=)
2: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl (hash: reMVtk2zpaCbXLfl2nC++7HYPLBnsFcB6EvkoVceTT0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:80:66:0a:e0:a8:ae:aa:8c:76:90:af:e4:df:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Validity
Not Before: Mar 29 07:01:09 2026 GMT
Not After : Mar 30 07:01:09 2026 GMT
Subject: CN=61663e6f0b1d757802ae49f15bbb6a931a605f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:1c:e7:f2:ef:8e:08:d1:33:5e:d7:a4:e5:
11:ff:22:7d:68:1d:ad:79:f9:98:49:0c:03:22:47:
ab:92:af:21:60:12:20:27:d4:a1:fb:0b:dd:f5:54:
dc:64:81:9f:dd:44:03:d9:7c:60:f4:ff:c3:08:07:
02:f6:0c:39:f3:da:36:bb:b1:0e:d4:55:5f:01:de:
6a:a4:46:4c:2f:9f:37:31:e7:59:a6:aa:ee:13:19:
d9:7e:29:ed:22:11:0c:6b:8d:3f:94:25:4b:c1:07:
75:2a:24:ec:d5:0b:7e:7f:af:36:39:18:82:7a:85:
94:1c:07:62:21:50:49:13:21:86:87:56:61:c3:57:
7b:c7:ed:fa:9a:4a:0d:77:8d:a2:4c:e4:5e:7e:67:
af:68:26:b6:96:af:63:4c:d4:35:5a:a3:a9:49:1b:
19:2c:57:51:3a:84:66:ec:f6:ed:5b:37:ef:bf:24:
72:86:f8:b1:b0:8d:6e:a8:e8:9f:84:b4:ee:35:7d:
2f:24:11:14:b2:81:86:f7:19:5e:e6:c6:cc:e7:0c:
82:7d:ad:f6:18:c8:12:fd:f2:2e:f5:96:cb:6a:42:
d2:3e:1b:27:23:9e:2e:9d:7e:4c:97:f2:23:aa:68:
26:db:b4:e5:0d:5c:d5:96:b3:86:e9:77:6e:48:76:
10:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:66:3E:6F:0B:1D:75:78:02:AE:49:F1:5B:BB:6A:93:1A:60:5F:9E
X509v3 Authority Key Identifier:
keyid:29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
cc:fa:94:50:6c:f3:e3:f1:e2:f2:e2:8e:1d:b1:b0:fd:2e:10:
d9:7e:21:2e:d2:de:41:2b:62:e1:19:f9:cb:dd:e0:eb:77:04:
9a:d4:16:33:25:d6:2f:84:d0:88:ef:c0:9a:2b:ac:98:ab:5a:
9c:7d:5a:a6:e0:a6:d9:cf:0c:77:9e:2d:6d:23:9c:fc:ca:b7:
da:2f:bd:74:ba:ed:fb:84:b9:85:35:21:be:8a:a7:fa:a8:3e:
eb:0f:60:8f:82:72:4a:02:cb:ed:5d:ec:2c:7f:4d:6f:17:63:
a9:3b:c0:1b:9b:76:b3:3b:06:a2:ca:10:9b:10:13:b5:da:5d:
47:57:47:10:fb:47:99:ef:e7:80:2c:fa:dc:93:41:a7:a1:c8:
0c:ce:11:f2:66:d5:69:15:26:58:97:b1:17:c5:a6:1b:3d:90:
c1:4a:12:ca:26:fb:bf:88:89:28:c2:1b:df:80:e2:0c:7c:21:
fb:ad:6c:d3:74:25:74:df:62:2e:88:d0:89:6e:aa:54:c9:80:
a0:e7:59:d0:2f:66:82:29:08:9e:fb:70:78:8c:9d:59:41:56:
a8:bb:9c:13:e7:36:06:2c:87:e5:cb:29:73:47:e4:b8:aa:a4:
f2:b4:a3:76:ea:4d:06:04:7f:7e:8b:8b:ea:a6:55:72:83:4a:
ba:d4:ec:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYBmCuCorqqMdpCv5N89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTZjZDY4NTMxODQ3ZTNiMGJlMGQ5M2M2NWNjMWZiNjRl
Y2QyMWEwHhcNMjYwMzI5MDcwMTA5WhcNMjYwMzMwMDcwMTA5WjAzMTEwLwYDVQQD
Eyg2MTY2M2U2ZjBiMWQ3NTc4MDJhZTQ5ZjE1YmJiNmE5MzFhNjA1ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX0c5/LvjgjRM17XpOUR/yJ9aB2t
efmYSQwDIkerkq8hYBIgJ9Sh+wvd9VTcZIGf3UQD2Xxg9P/DCAcC9gw589o2u7EO
1FVfAd5qpEZML583MedZpqruExnZfintIhEMa40/lCVLwQd1KiTs1Qt+f682ORiC
eoWUHAdiIVBJEyGGh1Zhw1d7x+36mkoNd42iTORefmevaCa2lq9jTNQ1WqOpSRsZ
LFdROoRm7PbtWzfvvyRyhvixsI1uqOifhLTuNX0vJBEUsoGG9xle5sbM5wyCfa32
GMgS/fIu9ZbLakLSPhsnI54unX5Ml/Ijqmgm27TlDVzVlrOG6XduSHYQTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFmPm8LHXV4Aq5J8Vu7apMaYF+eMB8GA1UdIwQY
MBaAFCmWzWhTGEfjsL4Nk8Zcwftk7NIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYt
NzJlY2JhMTMxYWY4LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYtNzJlY2JhMTMxYWY4
LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzPqUUGzz
4/Hi8uKOHbGw/S4Q2X4hLtLeQSti4Rn5y93g63cEmtQWMyXWL4TQiO/AmiusmKta
nH1apuCm2c8Md54tbSOc/Mq32i+9dLrt+4S5hTUhvoqn+qg+6w9gj4JySgLL7V3s
LH9NbxdjqTvAG5t2szsGosoQmxATtdpdR1dHEPtHme/ngCz63JNBp6HIDM4R8mbV
aRUmWJexF8WmGz2QwUoSyib7v4iJKMIb34DiDHwh+61s03QldN9iLojQiW6qVMmA
oOdZ0C9mgikInvtweIydWUFWqLucE+c2BiyH5cspc0fkuKqk8rSjdupNBgR/fouL
6qZVcoNKutTsIg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:08 2026 by rpki-client