Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: 9t9rHNttnAD8/hiu+HtqirlWTcVTMC8QAFOx/SSuCR8=
Subject key identifier: BD:E5:1F:1C:1E:AB:30:54:90:81:0E:7F:AF:36:29:A2:0A:F7:B8:CE
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 019D2772D9F0E15E123C44485DC882A03FF6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 0A02
Signing time: Thu 26 Mar 2026 00:02:11 +0000
Manifest this update: Thu 26 Mar 2026 00:02:11 +0000
Manifest next update: Fri 27 Mar 2026 00:02:11 +0000
Files and hashes: 1: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: NIiKpoTVmLbhwr/eX5szX7W8llrHDIddJ0GJdp9VD+4=)
2: wyIJp-MtwD9wUV37AIQAnQ5KD5g.roa (hash: 27rqphnZqec6wo9U62eKve93o5VP/+kmAfxs2ybJPtU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:d9:f0:e1:5e:12:3c:44:48:5d:c8:82:a0:3f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Mar 26 00:02:11 2026 GMT
Not After : Mar 27 00:02:11 2026 GMT
Subject: CN=bde51f1c1eab305490810e7faf3629a20af7b8ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:85:9b:a1:ab:b7:2b:8a:26:95:f6:e0:c5:10:
8c:7a:89:f9:b4:cb:6d:18:56:d5:04:4a:70:28:a5:
a5:e3:b2:9a:98:32:02:2b:57:c7:ad:83:55:a7:d8:
b3:59:7f:e0:d4:5e:5d:39:47:8d:d4:7a:8b:7d:0d:
4b:80:c6:d6:89:86:4d:71:03:a8:e4:04:30:af:ca:
86:fc:fc:60:9a:4b:ee:e8:c5:86:7c:a5:ff:9d:7e:
16:5a:6f:d8:58:ed:12:6b:8e:f8:f8:1e:43:58:40:
94:b5:1c:73:cc:4f:51:29:a7:e7:e2:96:43:2d:82:
d0:5e:da:53:ba:f0:d7:d2:6a:0c:80:e5:48:ac:80:
97:9d:e5:a5:d9:84:b9:89:d0:b9:ce:4a:b7:35:46:
d3:25:8b:64:ec:c9:50:07:25:96:ac:f4:70:b8:72:
7f:b8:ab:41:60:df:e1:e1:0c:00:8b:3a:32:ae:49:
14:56:a8:6e:67:dc:61:a8:a5:db:d4:8a:65:7f:03:
77:5c:87:fb:0a:b6:87:18:18:c4:4c:00:93:cc:f6:
10:a5:f5:27:b2:49:09:d7:87:c5:02:4f:cf:52:3d:
73:5b:a0:8e:6a:28:9b:51:04:c2:e3:3b:3a:d6:54:
ce:8b:23:9a:2a:17:02:8e:d1:f4:53:06:bf:f7:6b:
45:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E5:1F:1C:1E:AB:30:54:90:81:0E:7F:AF:36:29:A2:0A:F7:B8:CE
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:4a:90:6e:fb:65:76:90:4f:82:ff:e4:18:45:38:40:10:7b:
13:1e:ba:4b:c7:91:9e:ab:05:8b:17:a8:c3:32:d0:09:14:d7:
cb:64:e9:85:38:70:93:7c:74:9e:f7:a3:4e:cc:cc:1d:d6:83:
ab:98:00:bc:de:5f:1f:3a:ef:4b:f0:0e:9f:e8:fc:66:0b:29:
91:82:b1:0f:65:a9:34:23:34:52:1d:33:25:99:16:fe:70:04:
b4:fc:2b:b4:61:49:ca:9c:08:72:66:2a:ed:38:23:32:25:2b:
6c:a9:e4:57:2d:7f:b7:ef:31:7b:26:dd:7a:13:74:48:85:1e:
a5:36:d7:e6:3a:a2:a4:9f:f4:e1:7c:3a:4e:53:5a:0a:10:11:
11:be:50:3d:37:57:c3:1d:11:74:43:93:6e:bd:d9:9c:d7:cd:
da:74:ea:20:de:d1:51:bb:9c:97:48:aa:8d:4e:e7:0f:e4:31:
1a:2f:9e:ba:80:77:90:ab:f3:94:ed:7d:dc:bd:7f:16:89:50:
c8:fa:4d:31:5f:39:10:e0:55:8c:fb:39:61:f2:a1:a6:99:79:
a6:ba:7b:2e:69:5c:ac:c1:b4:39:e6:14:8a:b8:84:73:64:13:
79:a0:59:cb:bc:93:a6:77:14:7a:22:8e:ca:0c:71:10:6e:9f:
b6:32:73:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nctnw4V4SPERIXciCoD/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjYwMzI2MDAwMjExWhcNMjYwMzI3MDAwMjExWjAzMTEwLwYDVQQD
EyhiZGU1MWYxYzFlYWIzMDU0OTA4MTBlN2ZhZjM2MjlhMjBhZjdiOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34Wboau3K4omlfbgxRCMeon5tMtt
GFbVBEpwKKWl47KamDICK1fHrYNVp9izWX/g1F5dOUeN1HqLfQ1LgMbWiYZNcQOo
5AQwr8qG/Pxgmkvu6MWGfKX/nX4WWm/YWO0Sa474+B5DWECUtRxzzE9RKafn4pZD
LYLQXtpTuvDX0moMgOVIrICXneWl2YS5idC5zkq3NUbTJYtk7MlQByWWrPRwuHJ/
uKtBYN/h4QwAizoyrkkUVqhuZ9xhqKXb1IplfwN3XIf7CraHGBjETACTzPYQpfUn
skkJ14fFAk/PUj1zW6COaiibUQTC4zs61lTOiyOaKhcCjtH0Uwa/92tFbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3lHxweqzBUkIEOf682KaIK97jOMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPUqQbvtl
dpBPgv/kGEU4QBB7Ex66S8eRnqsFixeowzLQCRTXy2TphThwk3x0nvejTszMHdaD
q5gAvN5fHzrvS/AOn+j8ZgspkYKxD2WpNCM0Uh0zJZkW/nAEtPwrtGFJypwIcmYq
7TgjMiUrbKnkVy1/t+8xeybdehN0SIUepTbX5jqipJ/04Xw6TlNaChAREb5QPTdX
wx0RdEOTbr3ZnNfN2nTqIN7RUbucl0iqjU7nD+QxGi+euoB3kKvzlO193L1/FolQ
yPpNMV85EOBVjPs5YfKhppl5prp7LmlcrMG0OeYUiriEc2QTeaBZy7yTpncUeiKO
ygxxEG6ftjJznw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:18:50 2026 by rpki-client