Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.mft
File: KCyT0maFJ4jkmYLZ96Yg222fWI0.mft (raw, json)
Hash identifier: TzvOwy/uyHp4o7QYGs0P5nqamUFwW7CSa5FnsqY+haI=
Subject key identifier: F9:90:88:82:A4:F8:18:8C:06:A5:A0:84:74:4D:32:76:CE:26:AB:40
Authority key identifier: 28:2C:93:D2:66:85:27:88:E4:99:82:D9:F7:A6:20:DB:6D:9F:58:8D
Certificate issuer: /CN=282c93d266852788e49982d9f7a620db6d9f588d
Certificate serial: 019D2A72717F242F20B8DE8D63A2F0551FA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCyT0maFJ4jkmYLZ96Yg222fWI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.mft
Manifest number: 0DA5
Signing time: Thu 26 Mar 2026 14:00:36 +0000
Manifest this update: Thu 26 Mar 2026 14:00:36 +0000
Manifest next update: Fri 27 Mar 2026 14:00:36 +0000
Files and hashes: 1: 1ObfCdLE7dKk-d-Joasz4Il0A1o.roa (hash: p/QxJngDf+aUBVUX1Y9rupN0VdWFzSbmnVUDpsP2Y34=)
2: KCyT0maFJ4jkmYLZ96Yg222fWI0.crl (hash: 080xtuKtfLeHxbHNIYHqA4lWOvbeRk/lOIVNFL8e2JA=)
3: h28P9psTB0BJCTdOtSuL769CZEY.roa (hash: WnzE0ULZO+Ns9cDIOM8A2gQx3rSBVndAJ664fi5lHZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KCyT0maFJ4jkmYLZ96Yg222fWI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:71:7f:24:2f:20:b8:de:8d:63:a2:f0:55:1f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282c93d266852788e49982d9f7a620db6d9f588d
Validity
Not Before: Mar 26 14:00:36 2026 GMT
Not After : Mar 27 14:00:36 2026 GMT
Subject: CN=f9908882a4f8188c06a5a084744d3276ce26ab40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:06:41:0a:65:c0:cd:2a:70:83:ee:43:e5:39:
da:2c:0c:ed:a9:9e:1e:c2:ce:8d:26:80:10:5e:98:
19:54:d0:c2:9d:94:0b:67:f1:b7:c1:a3:fd:92:0b:
b3:f9:68:f8:59:ff:44:f1:ba:d3:ab:c8:0f:90:eb:
4b:83:5e:df:be:e4:eb:86:b5:b0:54:20:54:f7:9b:
0f:cf:13:8b:cd:36:56:46:99:d6:ae:70:5a:a1:81:
36:0a:53:c1:13:da:10:63:fd:d7:09:80:3d:e0:69:
e4:52:20:48:d9:67:e1:13:59:fe:ca:16:a0:f1:c2:
ae:3f:c9:3d:de:f8:fd:a0:77:57:c3:53:54:77:b6:
71:4f:af:94:91:fb:c3:b6:79:0e:82:e5:95:68:49:
2f:60:5a:46:df:1a:84:d3:6f:4e:a8:9e:80:23:4b:
68:b2:da:e5:92:6e:17:91:4f:5a:0c:02:05:ac:13:
82:41:80:b5:03:08:b6:25:f4:3f:d6:34:ca:50:9d:
c0:3d:09:3a:82:92:12:db:86:4b:0c:52:58:bd:21:
d8:9e:62:97:70:91:32:50:ba:af:f3:1a:44:76:df:
79:4c:c5:e9:5d:16:c2:55:c0:c4:a1:f4:df:49:72:
66:a2:9e:50:a6:bb:e4:e8:99:66:6f:3b:9e:05:2d:
46:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:90:88:82:A4:F8:18:8C:06:A5:A0:84:74:4D:32:76:CE:26:AB:40
X509v3 Authority Key Identifier:
keyid:28:2C:93:D2:66:85:27:88:E4:99:82:D9:F7:A6:20:DB:6D:9F:58:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCyT0maFJ4jkmYLZ96Yg222fWI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:86:22:ee:8a:a3:aa:7a:da:d4:d9:55:21:3f:07:ed:f1:ec:
b0:6c:fa:2b:c0:5d:fd:69:d4:35:de:48:c7:09:b0:97:dd:0d:
f2:35:d8:4e:93:17:9b:e7:b3:03:e3:4f:d6:1a:d6:21:81:99:
ec:5a:8a:0f:ea:4a:c8:a9:3b:ca:c9:13:a9:2f:78:b2:82:91:
49:6d:10:73:02:d0:74:2d:3d:04:d0:91:29:10:98:cd:4a:74:
89:fe:5f:e5:a2:2d:93:04:10:69:25:af:f2:b6:df:7f:db:8d:
91:1b:23:77:5a:6e:81:4f:38:0c:24:4a:3a:fd:60:fd:c8:c3:
be:c9:29:7f:cd:26:fa:b5:ba:7b:f7:19:1b:65:50:5c:23:48:
d4:1c:c8:58:61:4d:13:b6:dc:04:99:48:59:bc:2f:e3:42:bd:
1a:ec:33:4b:60:22:64:ec:f5:ae:42:d4:fd:85:54:af:c4:23:
86:95:23:19:30:66:4a:5d:36:75:37:2c:b9:24:cd:0d:2b:55:
50:f9:35:d7:27:58:7b:03:c4:a1:f6:5d:63:da:68:48:f3:ad:
08:32:f3:74:16:e9:17:23:1a:c7:96:8f:8e:e0:f5:cf:e5:32:
70:b7:4c:9f:64:0f:93:e3:4d:7f:a5:b8:76:c3:86:f8:76:4b:
d1:d0:f0:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcnF/JC8guN6NY6LwVR+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmM5M2QyNjY4NTI3ODhlNDk5ODJkOWY3YTYyMGRiNmQ5
ZjU4OGQwHhcNMjYwMzI2MTQwMDM2WhcNMjYwMzI3MTQwMDM2WjAzMTEwLwYDVQQD
EyhmOTkwODg4MmE0ZjgxODhjMDZhNWEwODQ3NDRkMzI3NmNlMjZhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAZBCmXAzSpwg+5D5TnaLAztqZ4e
ws6NJoAQXpgZVNDCnZQLZ/G3waP9kguz+Wj4Wf9E8brTq8gPkOtLg17fvuTrhrWw
VCBU95sPzxOLzTZWRpnWrnBaoYE2ClPBE9oQY/3XCYA94GnkUiBI2WfhE1n+yhag
8cKuP8k93vj9oHdXw1NUd7ZxT6+UkfvDtnkOguWVaEkvYFpG3xqE029OqJ6AI0to
strlkm4XkU9aDAIFrBOCQYC1Awi2JfQ/1jTKUJ3APQk6gpIS24ZLDFJYvSHYnmKX
cJEyULqv8xpEdt95TMXpXRbCVcDEofTfSXJmop5Qprvk6JlmbzueBS1GzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmQiIKk+BiMBqWghHRNMnbOJqtAMB8GA1UdIwQY
MBaAFCgsk9JmhSeI5JmC2femINttn1iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0N5VDBtYUZKNGprbVlMWjk2WWcyMjJmV0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zODJmZjQtNGZjMi00MzAyLWFmOTAt
OTZhZGZmZTJlODZhLzEvS0N5VDBtYUZKNGprbVlMWjk2WWcyMjJmV0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zODJmZjQtNGZjMi00MzAyLWFmOTAtOTZhZGZmZTJlODZh
LzEvS0N5VDBtYUZKNGprbVlMWjk2WWcyMjJmV0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApoYi7oqj
qnra1NlVIT8H7fHssGz6K8Bd/WnUNd5Ixwmwl90N8jXYTpMXm+ezA+NP1hrWIYGZ
7FqKD+pKyKk7yskTqS94soKRSW0QcwLQdC09BNCRKRCYzUp0if5f5aItkwQQaSWv
8rbff9uNkRsjd1pugU84DCRKOv1g/cjDvskpf80m+rW6e/cZG2VQXCNI1BzIWGFN
E7bcBJlIWbwv40K9GuwzS2AiZOz1rkLU/YVUr8QjhpUjGTBmSl02dTcsuSTNDStV
UPk11ydYewPEofZdY9poSPOtCDLzdBbpFyMax5aPjuD1z+UycLdMn2QPk+NNf6W4
dsOG+HZL0dDwqg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:24:54 2026 by rpki-client