Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File: KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier: as8FvOJRp6uSUtB7jWiRd2f2nr89aIgxkrzfXdtxWu4=
Subject key identifier: 24:68:FD:1F:9E:63:97:4F:76:EB:C5:21:19:AE:B2:8C:CF:54:6D:7F
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer: /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial: 019D33078CE4FAEF331E5621241C7D955C88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number: 155E
Signing time: Sat 28 Mar 2026 06:00:25 +0000
Manifest this update: Sat 28 Mar 2026 06:00:25 +0000
Manifest next update: Sun 29 Mar 2026 06:00:25 +0000
Files and hashes: 1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: OlUAFvANSdMVhHelJyKhsvN9L9ZIgis696vegVcV6mM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:07:8c:e4:fa:ef:33:1e:56:21:24:1c:7d:95:5c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Validity
Not Before: Mar 28 06:00:25 2026 GMT
Not After : Mar 29 06:00:25 2026 GMT
Subject: CN=2468fd1f9e63974f76ebc52119aeb28ccf546d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9a:9c:40:5e:55:46:fd:7d:44:b8:dc:ec:21:
c5:f3:27:c2:a8:28:4f:44:f1:52:8d:75:ef:51:0b:
3b:f2:5e:96:68:25:7e:1e:06:73:07:ba:9a:3a:4f:
11:30:e9:5f:6d:64:49:1a:13:cf:e2:93:bf:b6:b8:
77:40:a8:0a:6a:75:24:dc:b2:e4:4a:f2:17:81:4b:
51:1e:4b:78:42:bd:28:02:0d:c0:b8:2d:32:37:f9:
7d:19:79:f9:32:35:17:47:31:60:e4:a1:8f:77:da:
1b:a8:9b:ea:0e:97:96:d0:c1:87:46:d3:91:31:f3:
8c:10:e0:53:50:69:70:e8:7c:21:40:c1:c2:77:af:
09:4a:a0:ad:df:86:de:1d:4d:b8:06:04:8a:d3:38:
19:47:23:6e:4e:2a:6a:e4:7b:4b:c1:16:4b:27:16:
b5:85:40:10:5d:3e:c2:d8:11:ab:64:ae:09:2c:2c:
54:b0:f1:a6:8a:89:4d:a5:94:9c:24:5b:ba:e7:ff:
7a:db:27:07:68:b8:dc:a7:d0:aa:9d:e1:52:b1:e1:
9e:ed:7b:09:86:54:03:f7:f3:98:e1:de:b5:1a:ca:
95:c7:47:8c:fd:87:96:33:25:5f:78:06:6c:e4:00:
b9:7a:c5:fa:cc:f0:09:48:1d:6f:9d:23:db:50:b0:
de:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:68:FD:1F:9E:63:97:4F:76:EB:C5:21:19:AE:B2:8C:CF:54:6D:7F
X509v3 Authority Key Identifier:
keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:3f:6c:2f:db:4b:72:c2:ac:76:fb:14:8f:1f:9f:8f:c2:ba:
26:ea:ea:d6:e5:f1:d4:d9:20:98:da:30:e6:1d:da:b8:7d:a5:
1d:b1:d7:ed:d1:c1:14:c4:7f:13:5b:be:2f:ae:67:aa:57:b8:
29:c1:d5:47:6d:29:d3:2c:5a:2a:8d:f9:3b:0b:8e:e3:8a:06:
d0:48:88:67:be:3a:ab:58:08:ae:2f:ee:58:61:a5:1a:67:02:
8c:ce:67:f4:1a:a6:a7:16:d5:df:3c:84:41:8a:ff:59:84:56:
6f:d6:be:2d:20:59:c7:20:6c:fc:34:26:89:7d:39:cf:c9:3b:
dd:82:c8:81:2f:75:b3:1a:0d:85:50:0a:e9:0a:25:0a:09:83:
69:73:23:7d:de:c1:bd:64:59:52:1a:27:d0:db:a8:06:e0:94:
05:26:cb:2b:ae:6b:80:b3:08:db:b3:f0:20:19:b4:f2:fd:c8:
db:25:c4:01:e8:bb:de:a6:9b:d5:26:4a:29:6c:7d:86:6a:23:
1e:aa:0b:c8:6b:3d:cf:29:bd:f7:2b:06:7b:ce:9f:81:b2:fb:
5c:b9:d5:82:c6:f9:c1:6a:73:2b:04:08:6b:c8:d3:88:3f:8f:
8a:b4:c0:f9:f4:01:ce:1c:2f:54:68:a2:ed:3d:34:ca:10:25:
a4:f2:1d:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zB4zk+u8zHlYhJBx9lVyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjYwMzI4MDYwMDI1WhcNMjYwMzI5MDYwMDI1WjAzMTEwLwYDVQQD
EygyNDY4ZmQxZjllNjM5NzRmNzZlYmM1MjExOWFlYjI4Y2NmNTQ2ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55qcQF5VRv19RLjc7CHF8yfCqChP
RPFSjXXvUQs78l6WaCV+HgZzB7qaOk8RMOlfbWRJGhPP4pO/trh3QKgKanUk3LLk
SvIXgUtRHkt4Qr0oAg3AuC0yN/l9GXn5MjUXRzFg5KGPd9obqJvqDpeW0MGHRtOR
MfOMEOBTUGlw6HwhQMHCd68JSqCt34beHU24BgSK0zgZRyNuTipq5HtLwRZLJxa1
hUAQXT7C2BGrZK4JLCxUsPGmiolNpZScJFu65/962ycHaLjcp9CqneFSseGe7XsJ
hlQD9/OY4d61GsqVx0eM/YeWMyVfeAZs5AC5esX6zPAJSB1vnSPbULDe5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRo/R+eY5dPduvFIRmusozPVG1/MB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjT9sL9tL
csKsdvsUjx+fj8K6Jurq1uXx1NkgmNow5h3auH2lHbHX7dHBFMR/E1u+L65nqle4
KcHVR20p0yxaKo35OwuO44oG0EiIZ746q1gIri/uWGGlGmcCjM5n9BqmpxbV3zyE
QYr/WYRWb9a+LSBZxyBs/DQmiX05z8k73YLIgS91sxoNhVAK6QolCgmDaXMjfd7B
vWRZUhon0NuoBuCUBSbLK65rgLMI27PwIBm08v3I2yXEAei73qab1SZKKWx9hmoj
HqoLyGs9zym99ysGe86fgbL7XLnVgsb5wWpzKwQIa8jTiD+PirTA+fQBzhwvVGii
7T00yhAlpPIdow==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:21:10 2026 by rpki-client