Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
File: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft (raw, json)
Hash identifier: N2cMd3rAiJow8RRgUUUwRvpikdXLW+mt9tua8kxoGQc=
Subject key identifier: 78:D9:AC:E4:52:A2:8F:41:BF:4F:F6:80:72:2E:9C:A4:0F:6F:EA:5C
Authority key identifier: 90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D
Certificate issuer: /CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
Certificate serial: 019D38656CADF377600B73B1629C4C574B92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
Manifest number: 09DF
Signing time: Sun 29 Mar 2026 07:01:04 +0000
Manifest this update: Sun 29 Mar 2026 07:01:04 +0000
Manifest next update: Mon 30 Mar 2026 07:01:04 +0000
Files and hashes: 1: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl (hash: 0evAIFuSpThioaJ0AlFYTx/Iy060aFFNYFuA/ozK96k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:6c:ad:f3:77:60:0b:73:b1:62:9c:4c:57:4b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
Validity
Not Before: Mar 29 07:01:04 2026 GMT
Not After : Mar 30 07:01:04 2026 GMT
Subject: CN=78d9ace452a28f41bf4ff680722e9ca40f6fea5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:99:88:6e:a0:0d:0e:e8:9f:eb:8e:c7:07:4a:
dc:33:6e:26:14:7f:4c:d9:1f:82:d1:77:5d:64:40:
33:b5:eb:40:6c:01:90:a2:f7:64:03:67:d8:50:99:
f2:fc:c2:0a:6d:60:0a:d2:e7:64:b6:cc:c2:f9:85:
aa:f6:85:d8:c8:83:0a:02:aa:9d:6d:1f:b2:ac:9c:
bd:64:95:08:d8:53:76:5c:89:ee:79:73:5f:2f:79:
59:b9:7f:7a:d7:7f:93:72:f5:33:fe:3e:65:ed:6c:
00:d9:e0:83:29:68:a9:00:52:47:8f:6c:b3:c3:64:
11:df:06:ca:4c:dc:db:23:af:3a:73:f7:bb:32:74:
5f:cc:53:15:e9:2d:b4:78:bc:ef:63:33:fa:87:d7:
26:fa:9c:6b:ca:a4:f9:d1:b3:2a:71:7a:e9:a0:85:
07:9e:dc:32:75:a3:a4:c3:b1:44:8e:e7:b2:1b:91:
9c:60:1c:45:55:86:92:d1:ee:28:95:a4:51:49:80:
34:0c:62:81:0c:59:2d:f0:d4:96:04:1b:f7:da:82:
6c:6c:fe:a3:7b:61:0c:70:0b:35:b6:0a:0d:20:71:
53:33:c9:56:95:29:b0:10:ab:eb:c2:a4:f6:d0:e2:
83:90:e9:4c:2e:b8:31:50:75:72:c0:c8:43:66:20:
c0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D9:AC:E4:52:A2:8F:41:BF:4F:F6:80:72:2E:9C:A4:0F:6F:EA:5C
X509v3 Authority Key Identifier:
keyid:90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:ad:76:24:c6:d4:c9:2a:14:84:c8:2c:db:d4:88:65:e3:4c:
17:36:ff:d5:1a:b7:53:02:64:58:66:81:3a:ca:0e:0e:c3:04:
80:21:31:a9:2d:13:d9:8f:d3:6e:e1:9d:24:e9:a4:7c:57:7c:
0e:61:9f:9f:c6:1e:4e:6e:be:30:22:7d:f6:4d:ae:7b:42:fb:
b3:46:ec:15:2c:79:2d:cf:3d:1b:3e:b0:a1:3e:a1:4e:13:82:
38:6d:81:bd:27:49:ae:1a:29:f5:c4:80:9a:f0:89:23:43:2e:
30:e3:05:03:cf:a4:11:fa:ed:12:15:f3:2b:67:09:a4:5b:ea:
9a:0f:30:8e:8b:04:22:7e:0f:dc:e6:2e:81:b6:57:88:e0:1f:
71:cd:6a:76:fb:ae:d9:88:07:23:b4:fb:27:a0:c1:6f:d7:cc:
6f:35:a9:53:37:7e:56:ef:53:f2:54:d9:e5:41:0e:72:12:c0:
5c:28:e6:eb:e2:1e:ef:f9:e5:9b:63:90:47:ac:d5:18:f2:72:
68:e4:d8:4e:90:5e:fb:bd:b6:0a:e2:09:a6:95:c9:27:df:b3:
0d:f8:fc:41:4a:03:d0:8c:97:d2:0c:23:f8:56:19:d8:ef:fa:
24:e5:6c:d8:92:e8:8d:62:97:5e:10:fe:4d:b2:88:41:d7:67:
b6:b1:90:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWyt83dgC3OxYpxMV0uSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjU5MjhjNzUyYWQ5YTA4Y2ZlYjFiODhmNDYzYzNjMGRk
MmU4NWQwHhcNMjYwMzI5MDcwMTA0WhcNMjYwMzMwMDcwMTA0WjAzMTEwLwYDVQQD
Eyg3OGQ5YWNlNDUyYTI4ZjQxYmY0ZmY2ODA3MjJlOWNhNDBmNmZlYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZmIbqANDuif647HB0rcM24mFH9M
2R+C0XddZEAztetAbAGQovdkA2fYUJny/MIKbWAK0udktszC+YWq9oXYyIMKAqqd
bR+yrJy9ZJUI2FN2XInueXNfL3lZuX9613+TcvUz/j5l7WwA2eCDKWipAFJHj2yz
w2QR3wbKTNzbI686c/e7MnRfzFMV6S20eLzvYzP6h9cm+pxryqT50bMqcXrpoIUH
ntwydaOkw7FEjueyG5GcYBxFVYaS0e4olaRRSYA0DGKBDFkt8NSWBBv32oJsbP6j
e2EMcAs1tgoNIHFTM8lWlSmwEKvrwqT20OKDkOlMLrgxUHVywMhDZiDAKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjZrORSoo9Bv0/2gHIunKQPb+pcMB8GA1UdIwQY
MBaAFJD1kox1KtmgjP6xuI9GPDwN0uhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYt
MDRhNmNkODE2YTAzLzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYtMDRhNmNkODE2YTAz
LzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI612JMbU
ySoUhMgs29SIZeNMFzb/1Rq3UwJkWGaBOsoODsMEgCExqS0T2Y/TbuGdJOmkfFd8
DmGfn8YeTm6+MCJ99k2ue0L7s0bsFSx5Lc89Gz6woT6hThOCOG2BvSdJrhop9cSA
mvCJI0MuMOMFA8+kEfrtEhXzK2cJpFvqmg8wjosEIn4P3OYugbZXiOAfcc1qdvuu
2YgHI7T7J6DBb9fMbzWpUzd+Vu9T8lTZ5UEOchLAXCjm6+Ie7/nlm2OQR6zVGPJy
aOTYTpBe+722CuIJppXJJ9+zDfj8QUoD0IyX0gwj+FYZ2O/6JOVs2JLojWKXXhD+
TbKIQddntrGQjg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:03:10 2026 by rpki-client