Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: 4RjN/bWXUDogwSXj9124hUyPXm3CMneBL6uaoPuBQXE=
Subject key identifier: E9:5B:8F:5B:08:3E:37:67:F2:18:D1:E6:DC:0D:D8:8B:C2:3B:B0:DC
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 019D378977EFDA77760215F051C52F725EFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0DCC
Signing time: Sun 29 Mar 2026 03:00:49 +0000
Manifest this update: Sun 29 Mar 2026 03:00:49 +0000
Manifest next update: Mon 30 Mar 2026 03:00:49 +0000
Files and hashes: 1: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: RWxEQWE05l/nH8xP1f4WgH4YiKWLuYHVL6qsw0ieX3k=)
2: Uwq4fgrazLwEGWvCfkhNBfYlPZA.roa (hash: vwAFLTe2SVcS4DhCcFTz3AjD8TipO0c+U4k+Iwqqzxk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:77:ef:da:77:76:02:15:f0:51:c5:2f:72:5e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Mar 29 03:00:49 2026 GMT
Not After : Mar 30 03:00:49 2026 GMT
Subject: CN=e95b8f5b083e3767f218d1e6dc0dd88bc23bb0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7f:3b:bc:2c:ed:96:d5:c9:3a:fe:4b:1f:74:
1c:c3:86:6c:b1:9a:d8:a0:1a:fb:6f:21:13:2c:52:
97:96:77:b4:48:d8:7b:24:27:60:88:01:ee:b1:2d:
a8:91:e0:db:1b:47:59:06:bd:7b:c7:3f:53:4f:ea:
f6:e8:90:e8:ab:3b:f4:17:5b:51:6c:e3:cb:56:d5:
a6:b9:16:5c:d1:a5:cd:a8:b6:df:01:f2:81:5b:7f:
5a:a7:c6:3f:43:2d:e8:b6:c3:8e:2e:f5:04:0f:93:
16:09:a4:b9:9f:92:9c:6a:48:79:e7:53:fc:89:da:
6f:87:1f:67:38:77:87:33:73:be:53:0b:d8:ba:dc:
d9:5a:20:8d:53:be:47:bf:ae:7d:74:b8:86:87:38:
86:9e:09:41:2b:c2:19:b8:dd:5e:ce:c6:f3:97:57:
0c:f6:bf:1f:24:b1:a5:89:f8:0f:96:50:29:8c:61:
03:2e:ab:a7:c3:82:23:35:63:81:25:5c:73:4b:f8:
9d:f5:33:67:6a:86:d2:f4:1b:24:ed:40:92:e0:9f:
59:35:b8:ee:cb:2e:60:24:e1:9b:df:32:20:1e:ff:
aa:61:fc:e9:80:80:4f:9c:c3:e2:04:c4:f7:a8:d7:
6c:4b:51:01:0f:85:a1:c9:2a:6e:34:da:09:c9:59:
db:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5B:8F:5B:08:3E:37:67:F2:18:D1:E6:DC:0D:D8:8B:C2:3B:B0:DC
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:7e:4d:13:0c:a9:37:0d:8d:e1:ad:98:8f:fe:23:7d:c0:f1:
ef:a5:9d:cf:b9:91:d9:8e:d3:05:2e:fc:cf:3d:93:eb:69:dc:
31:73:d2:10:99:21:7e:61:99:e3:79:ed:fa:1e:ad:90:42:7e:
5f:b2:e1:9d:68:fd:f4:a5:c2:38:8d:e8:b3:1e:23:8a:53:d5:
3a:27:e9:b9:9a:a0:86:e7:01:c7:3a:ee:fd:2e:d0:d5:0e:e2:
54:7f:ba:02:94:08:59:a3:bc:fb:60:d3:26:c1:07:0b:57:74:
3a:b9:ca:72:05:2c:80:e6:34:42:7e:73:4f:f9:b6:d5:d9:4b:
a9:07:77:a3:c5:f8:9c:b6:f8:30:a7:95:79:84:2a:17:c6:ba:
44:b5:ad:c9:51:f2:8d:86:7f:9c:26:c4:d9:24:8e:a2:a2:ac:
0c:e1:7f:d5:32:4d:67:0d:f5:aa:d5:17:79:cd:5e:a1:09:e7:
d6:19:32:ab:51:ad:2c:d4:ad:6a:03:91:03:b1:5c:5c:35:22:
c3:2e:f4:f4:0a:2f:84:55:4c:64:9d:e3:f4:55:89:0b:de:9e:
6d:73:28:65:c7:08:92:5c:de:7b:fb:3e:9b:2e:f3:b1:5a:9a:
5e:d2:89:f2:cc:9b:a9:a4:eb:97:08:35:42:ff:cd:77:86:0c:
1f:56:c2:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXfv2nd2AhXwUcUvcl77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjYwMzI5MDMwMDQ5WhcNMjYwMzMwMDMwMDQ5WjAzMTEwLwYDVQQD
EyhlOTViOGY1YjA4M2UzNzY3ZjIxOGQxZTZkYzBkZDg4YmMyM2JiMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH87vCztltXJOv5LH3Qcw4ZssZrY
oBr7byETLFKXlne0SNh7JCdgiAHusS2okeDbG0dZBr17xz9TT+r26JDoqzv0F1tR
bOPLVtWmuRZc0aXNqLbfAfKBW39ap8Y/Qy3otsOOLvUED5MWCaS5n5Kcakh551P8
idpvhx9nOHeHM3O+UwvYutzZWiCNU75Hv659dLiGhziGnglBK8IZuN1ezsbzl1cM
9r8fJLGlifgPllApjGEDLqunw4IjNWOBJVxzS/id9TNnaobS9Bsk7UCS4J9ZNbju
yy5gJOGb3zIgHv+qYfzpgIBPnMPiBMT3qNdsS1EBD4WhySpuNNoJyVnbAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOlbj1sIPjdn8hjR5twN2IvCO7DcMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApn5NEwyp
Nw2N4a2Yj/4jfcDx76Wdz7mR2Y7TBS78zz2T62ncMXPSEJkhfmGZ43nt+h6tkEJ+
X7LhnWj99KXCOI3osx4jilPVOifpuZqghucBxzru/S7Q1Q7iVH+6ApQIWaO8+2DT
JsEHC1d0OrnKcgUsgOY0Qn5zT/m21dlLqQd3o8X4nLb4MKeVeYQqF8a6RLWtyVHy
jYZ/nCbE2SSOoqKsDOF/1TJNZw31qtUXec1eoQnn1hkyq1GtLNStagORA7FcXDUi
wy709AovhFVMZJ3j9FWJC96ebXMoZccIklzee/s+my7zsVqaXtKJ8sybqaTrlwg1
Qv/Nd4YMH1bCKg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:22 2026 by rpki-client