Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: 9ot25NBM4vLlEbUriiubdl3Gh8rUCjIg1R5PQsczzek=
Subject key identifier: 40:C7:4A:85:C8:33:FC:7C:C5:03:71:8A:4F:57:8C:9A:BF:3A:93:5C
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019D27DF675EBF1311E5D76EF13125F9BBC6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 188C
Signing time: Thu 26 Mar 2026 02:00:45 +0000
Manifest this update: Thu 26 Mar 2026 02:00:45 +0000
Manifest next update: Fri 27 Mar 2026 02:00:45 +0000
Files and hashes: 1: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: 2hcbqN+0+oDwxw7EZUUONSXg91BchtXn0ZNXlaK1ITA=)
2: Ty9RnsnK3EDnysBvDikYp04oggo.roa (hash: oWmmAPgiMnRBuVQF4Wy8CU51nd17TmIJOxZ3k8HDTIo=)
3: VmNdh6laZxyVCC_g82mHnoN0sjg.roa (hash: fCIZoEHtubiL+1CEYbmHMAzOgcDhgRWMLUT6hfUtnUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:67:5e:bf:13:11:e5:d7:6e:f1:31:25:f9:bb:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Mar 26 02:00:45 2026 GMT
Not After : Mar 27 02:00:45 2026 GMT
Subject: CN=40c74a85c833fc7cc503718a4f578c9abf3a935c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:eb:5d:44:e4:24:3d:2b:a0:f6:96:c9:30:8a:
3f:f6:8f:b0:f1:60:d4:75:b9:8e:21:79:00:85:b7:
93:ee:12:89:a4:7f:22:72:0a:73:95:a5:27:c9:58:
0b:46:61:09:68:e1:bd:a3:cf:d3:10:26:b5:ca:1c:
b4:56:c7:0f:c2:2c:c6:f1:f3:32:ff:6a:0f:d5:5e:
4d:cb:c4:b5:ce:49:d8:44:17:11:1b:91:aa:77:84:
46:f7:a0:bd:76:6f:cf:47:a5:6b:38:77:a9:85:f5:
54:16:6d:d6:6f:12:1f:2d:74:75:60:68:6d:26:33:
c2:7c:c0:d9:78:09:10:e7:2f:d4:68:4c:05:27:7d:
1f:f4:f9:69:12:61:64:2f:a7:ea:a3:2f:1b:1b:1d:
42:81:f0:84:08:08:e3:4d:0c:73:c0:79:52:02:28:
ef:f4:de:64:bb:ea:7e:61:88:65:5a:54:b7:bf:17:
58:12:95:e2:6f:b4:16:8f:6f:cf:00:d5:4d:6a:34:
ec:75:a8:75:8e:b0:e0:58:fb:0e:2e:87:00:d9:4d:
f5:bb:e3:79:59:da:bd:8d:19:50:86:46:d8:15:bb:
60:d5:c5:4c:8f:17:9f:82:52:eb:5f:48:b2:9a:bd:
9a:cd:2b:3f:74:4e:12:4e:6c:26:f7:07:6d:59:e1:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C7:4A:85:C8:33:FC:7C:C5:03:71:8A:4F:57:8C:9A:BF:3A:93:5C
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:b5:ed:3c:dc:ce:6e:47:f0:3e:8f:98:db:d8:79:ba:62:3e:
3f:58:d8:f0:ce:67:f9:e8:25:2e:6f:17:59:fa:82:7f:83:d7:
e8:6f:bc:a3:ed:0d:a4:b4:3a:3c:f1:db:76:ed:41:2b:47:c0:
72:da:d2:9a:fd:83:92:18:5e:61:62:7a:b6:05:62:8c:ea:82:
4f:a2:fa:60:94:0d:f6:52:61:46:51:f5:7b:2d:fc:e1:d5:f0:
ad:08:9c:4c:d7:e7:48:a2:35:f3:d1:e0:bb:4a:3d:b2:91:f7:
4d:5a:51:33:e6:d2:53:b7:0b:45:a5:b1:29:2b:ab:d2:76:7d:
a8:c3:48:af:65:a3:00:48:5f:b2:92:01:f6:f8:e2:5e:cb:99:
16:ea:b3:a2:a7:9f:3a:02:4c:c2:bc:46:54:c7:f6:9f:0e:b2:
17:14:a0:47:c8:db:b4:4c:90:e6:9c:b1:3e:26:57:5d:59:89:
29:15:17:6b:a2:8b:36:ce:c7:50:d8:b4:85:e6:a4:f8:ad:14:
63:80:54:e6:af:4b:bf:03:77:e3:58:d1:2c:69:e3:8e:3e:e9:
de:fc:96:77:34:c7:95:11:00:ee:54:46:f5:69:4a:74:48:10:
65:46:7d:7f:70:6c:f6:4d:32:c4:b1:9d:31:a6:0f:eb:39:01:
83:6f:0b:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n32devxMR5ddu8TEl+bvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjYwMzI2MDIwMDQ1WhcNMjYwMzI3MDIwMDQ1WjAzMTEwLwYDVQQD
Eyg0MGM3NGE4NWM4MzNmYzdjYzUwMzcxOGE0ZjU3OGM5YWJmM2E5MzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0utdROQkPSug9pbJMIo/9o+w8WDU
dbmOIXkAhbeT7hKJpH8icgpzlaUnyVgLRmEJaOG9o8/TECa1yhy0VscPwizG8fMy
/2oP1V5Ny8S1zknYRBcRG5Gqd4RG96C9dm/PR6VrOHephfVUFm3WbxIfLXR1YGht
JjPCfMDZeAkQ5y/UaEwFJ30f9PlpEmFkL6fqoy8bGx1CgfCECAjjTQxzwHlSAijv
9N5ku+p+YYhlWlS3vxdYEpXib7QWj2/PANVNajTsdah1jrDgWPsOLocA2U31u+N5
Wdq9jRlQhkbYFbtg1cVMjxefglLrX0iymr2azSs/dE4STmwm9wdtWeErkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDHSoXIM/x8xQNxik9XjJq/OpNcMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrXtPNzO
bkfwPo+Y29h5umI+P1jY8M5n+eglLm8XWfqCf4PX6G+8o+0NpLQ6PPHbdu1BK0fA
ctrSmv2DkhheYWJ6tgVijOqCT6L6YJQN9lJhRlH1ey384dXwrQicTNfnSKI189Hg
u0o9spH3TVpRM+bSU7cLRaWxKSur0nZ9qMNIr2WjAEhfspIB9vjiXsuZFuqzoqef
OgJMwrxGVMf2nw6yFxSgR8jbtEyQ5pyxPiZXXVmJKRUXa6KLNs7HUNi0heak+K0U
Y4BU5q9LvwN341jRLGnjjj7p3vyWdzTHlREA7lRG9WlKdEgQZUZ9f3Bs9k0yxLGd
MaYP6zkBg28L8A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:53:23 2026 by rpki-client