Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
File: KxlTcbTPcLiOdz4bgHyyORYyOFs.mft (raw, json)
Hash identifier: vlWDjvLWJWXcU3F/yhEm/sIPmt8/MLHj1CfP29+W8rA=
Subject key identifier: 13:9F:46:0C:41:8B:56:FD:82:A1:86:F0:A0:AC:30:DB:8A:27:25:8A
Authority key identifier: 2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B
Certificate issuer: /CN=2b195371b4cf70b88e773e1b807cb2391632385b
Certificate serial: 019DCF753E7992B1D9FAC3E29848E1ADDC31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
Manifest number: 01BF
Signing time: Mon 27 Apr 2026 15:01:00 +0000
Manifest this update: Mon 27 Apr 2026 15:01:00 +0000
Manifest next update: Tue 28 Apr 2026 15:01:00 +0000
Files and hashes: 1: KxlTcbTPcLiOdz4bgHyyORYyOFs.crl (hash: Eksn7Icjes5tZMdEfgklP5b/XTNPqdbyJcmWlMqMMSM=)
2: zoysAnJ75pvxhA2S0m-6Zp0HLpE.roa (hash: kFXM7sahaxaI4pXMltbaQts/ViuuZYbtivX7x0d9V2A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 15:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:75:3e:79:92:b1:d9:fa:c3:e2:98:48:e1:ad:dc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b195371b4cf70b88e773e1b807cb2391632385b
Validity
Not Before: Apr 27 15:01:00 2026 GMT
Not After : Apr 28 15:01:00 2026 GMT
Subject: CN=139f460c418b56fd82a186f0a0ac30db8a27258a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:df:75:ac:2f:47:bf:4b:25:bf:69:9b:56:a6:
4a:2b:33:a6:95:2d:7d:8e:b1:1e:b7:c6:5e:2d:f6:
17:12:86:a6:ca:0f:7c:aa:34:fb:2e:08:a4:de:c5:
e7:2a:aa:5b:a2:43:8a:d6:f7:19:b4:af:71:e5:ed:
15:2a:fc:c8:96:e7:15:d3:65:17:10:8b:95:f9:11:
02:70:2f:7a:c1:97:54:db:d4:6e:72:8f:3b:39:96:
24:28:b9:3a:22:e2:8d:01:be:c0:da:11:14:91:61:
36:f1:a7:91:1c:c8:ab:39:a7:21:9d:03:ad:e3:d6:
e0:d0:5b:2e:68:6d:e8:b0:0f:f5:31:e3:39:b9:12:
85:bb:c7:52:e1:50:db:91:c1:b5:ec:bf:91:bc:a7:
01:31:9f:42:63:f7:14:43:37:31:cc:41:a0:55:92:
fb:f3:9c:7e:3a:77:1f:e7:87:27:23:00:5d:9c:57:
eb:2e:87:c1:aa:b7:72:2d:c4:aa:37:3a:19:31:e9:
46:07:57:b2:d8:03:20:5c:2c:06:07:18:13:49:90:
3b:ea:4d:be:86:44:2f:49:02:b3:ad:f6:70:dd:4c:
c9:aa:09:97:ee:5e:4f:86:e9:2b:4c:82:a0:93:6f:
86:89:51:91:ac:0e:cb:3a:67:38:e6:8b:07:cb:b3:
4c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:9F:46:0C:41:8B:56:FD:82:A1:86:F0:A0:AC:30:DB:8A:27:25:8A
X509v3 Authority Key Identifier:
keyid:2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:ac:d1:9b:60:0f:5d:b5:ca:44:54:4d:68:ae:e9:0e:37:d3:
ae:0f:56:15:3e:d6:3f:43:4f:28:ab:40:7d:56:de:a6:bd:78:
c2:65:cb:c5:36:bf:0e:f9:70:b4:69:7a:49:6c:0a:76:b6:7a:
80:50:cf:21:bf:13:6d:85:0c:21:1a:af:5d:09:ec:2f:d6:d5:
0a:04:5f:7c:1c:01:23:18:1f:77:19:43:30:88:69:63:15:73:
3f:1c:c2:02:9b:fb:f5:d9:b1:a2:68:fa:4d:0d:1e:84:ae:2c:
db:99:e0:8c:16:5c:f4:db:83:f3:73:60:6b:18:8f:41:61:29:
a5:6b:e1:06:d0:39:7c:83:7e:f6:11:eb:c6:70:9e:fe:4a:4c:
5c:fe:a9:93:3f:87:67:07:06:5c:8e:1c:a1:e5:fc:d9:25:1b:
e4:ab:ac:2f:62:dc:22:84:da:d0:62:13:f1:de:1e:7b:f8:62:
3b:d3:c5:a8:20:d3:b7:fa:6f:87:cf:58:04:80:b7:ca:17:70:
aa:c7:7d:a5:42:b6:ac:f3:64:37:9e:ab:58:8e:7b:dd:ad:09:
38:f9:25:eb:7c:c8:11:d4:6c:e4:fd:71:b2:2b:63:7f:b2:5d:
62:eb:cc:c0:0a:39:9b:b4:b8:b6:92:a8:e4:4f:ac:d5:6f:fe:
13:64:bb:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PdT55krHZ+sPimEjhrdwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTk1MzcxYjRjZjcwYjg4ZTc3M2UxYjgwN2NiMjM5MTYz
MjM4NWIwHhcNMjYwNDI3MTUwMTAwWhcNMjYwNDI4MTUwMTAwWjAzMTEwLwYDVQQD
EygxMzlmNDYwYzQxOGI1NmZkODJhMTg2ZjBhMGFjMzBkYjhhMjcyNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod91rC9Hv0slv2mbVqZKKzOmlS19
jrEet8ZeLfYXEoamyg98qjT7Lgik3sXnKqpbokOK1vcZtK9x5e0VKvzIlucV02UX
EIuV+RECcC96wZdU29Ruco87OZYkKLk6IuKNAb7A2hEUkWE28aeRHMirOachnQOt
49bg0FsuaG3osA/1MeM5uRKFu8dS4VDbkcG17L+RvKcBMZ9CY/cUQzcxzEGgVZL7
85x+Oncf54cnIwBdnFfrLofBqrdyLcSqNzoZMelGB1ey2AMgXCwGBxgTSZA76k2+
hkQvSQKzrfZw3UzJqgmX7l5PhukrTIKgk2+GiVGRrA7LOmc45osHy7NMAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOfRgxBi1b9gqGG8KCsMNuKJyWKMB8GA1UdIwQY
MBaAFCsZU3G0z3C4jnc+G4B8sjkWMjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzIt
NWU0MDQxZDkzMDA4LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzItNWU0MDQxZDkzMDA4
LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPqzRm2AP
XbXKRFRNaK7pDjfTrg9WFT7WP0NPKKtAfVbepr14wmXLxTa/DvlwtGl6SWwKdrZ6
gFDPIb8TbYUMIRqvXQnsL9bVCgRffBwBIxgfdxlDMIhpYxVzPxzCApv79dmxomj6
TQ0ehK4s25ngjBZc9NuD83NgaxiPQWEppWvhBtA5fIN+9hHrxnCe/kpMXP6pkz+H
ZwcGXI4coeX82SUb5KusL2LcIoTa0GIT8d4ee/hiO9PFqCDTt/pvh89YBIC3yhdw
qsd9pUK2rPNkN56rWI573a0JOPkl63zIEdRs5P1xsitjf7JdYuvMwAo5m7S4tpKo
5E+s1W/+E2S7oQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:47:53 2026 by rpki-client