Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
File: KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft (raw, json)
Hash identifier: YiOTRdcCwa9WWt+4e3xaPvzb0FW5DZ6oKHrQSpxo3yo=
Subject key identifier: 05:33:83:64:4B:C8:B1:34:B4:03:76:EC:47:31:EE:2E:38:88:3C:15
Authority key identifier: 28:20:3D:EC:D0:8B:D4:7D:8A:91:62:A6:E1:74:2F:3C:53:EA:3C:74
Certificate issuer: /CN=28203decd08bd47d8a9162a6e1742f3c53ea3c74
Certificate serial: 019D265F5BFA2674E2546677D3A3D42BE620
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
Manifest number: 0B04
Signing time: Wed 25 Mar 2026 19:01:16 +0000
Manifest this update: Wed 25 Mar 2026 19:01:16 +0000
Manifest next update: Thu 26 Mar 2026 19:01:16 +0000
Files and hashes: 1: 7vJiOOFZVIBu8OTi7uB4Ub56tv0.roa (hash: 4nXeb8eJUJSSZu0hz1s4is8W6GROXevPEkNgkVkf91Y=)
2: KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl (hash: 1Egn0plbLgNTkNn9MAlUVyI6/vYErx9H1t9ttFl/jRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:5b:fa:26:74:e2:54:66:77:d3:a3:d4:2b:e6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28203decd08bd47d8a9162a6e1742f3c53ea3c74
Validity
Not Before: Mar 25 19:01:16 2026 GMT
Not After : Mar 26 19:01:16 2026 GMT
Subject: CN=053383644bc8b134b40376ec4731ee2e38883c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7f:eb:b8:aa:fc:97:36:37:76:b9:2e:99:79:
5f:4e:9a:e6:4d:d4:78:87:08:c7:6f:06:61:2d:ed:
f3:75:5a:88:3a:17:e7:8f:69:49:ab:96:9e:4d:9b:
d6:37:0d:2c:b2:a3:24:b0:7b:18:cb:a2:99:59:9c:
13:e4:4e:b5:b7:1a:24:51:63:f4:e8:80:e6:71:a1:
e6:f9:d8:20:7c:55:4a:06:55:5c:ec:80:6d:f1:2e:
6d:dc:bf:4d:01:76:64:e1:24:29:37:fa:b5:ab:9e:
46:65:83:ee:a6:85:e8:a9:0c:bd:ef:d8:5f:fe:70:
aa:5f:5d:31:2f:92:e6:f0:7d:09:24:88:f2:d0:3c:
21:40:72:70:1e:77:51:92:25:2e:dc:fb:d6:18:02:
24:2a:44:16:09:cb:46:e8:56:27:c7:db:2b:ef:0c:
2b:2f:84:37:ff:ab:2d:63:c9:40:d5:ed:c7:b9:f6:
aa:c0:2a:71:c7:62:ad:c5:27:1e:ac:65:36:07:02:
ac:20:1b:7c:f8:ae:5a:74:3c:9c:1c:ae:f1:ff:f7:
1a:6e:b0:48:5e:0f:97:c0:ac:69:dc:62:e8:9c:3c:
c7:e3:88:fe:ed:ba:d2:b2:cf:62:e6:11:5b:52:45:
dd:57:2c:05:13:f7:9e:f8:5b:c9:f9:c0:f9:96:8e:
2a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:33:83:64:4B:C8:B1:34:B4:03:76:EC:47:31:EE:2E:38:88:3C:15
X509v3 Authority Key Identifier:
keyid:28:20:3D:EC:D0:8B:D4:7D:8A:91:62:A6:E1:74:2F:3C:53:EA:3C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:29:15:78:20:02:aa:75:41:78:93:7b:28:7c:3f:04:d4:73:
a7:19:38:60:a7:e2:81:e2:12:00:4e:43:94:41:b9:79:e0:4c:
a8:f5:08:06:6a:e2:44:1a:c8:2b:29:c6:58:2d:54:68:da:8f:
ed:18:af:83:8e:02:d1:40:46:94:48:e1:f9:d5:1d:2b:b0:65:
c4:15:dc:09:f6:8f:15:67:5b:10:0b:0d:f9:0b:f9:16:b3:ae:
87:46:c1:11:dc:2e:97:54:93:be:c0:0f:b9:85:56:12:74:1c:
e5:42:97:8c:11:05:54:cd:e0:d8:7c:28:c5:4c:0a:5d:87:e8:
fb:e6:a9:e6:46:77:b1:f3:fa:0c:bc:3a:b8:fe:f6:5b:86:37:
f5:2c:04:60:5e:a1:4b:95:fe:16:7c:24:94:00:46:a5:2a:11:
d7:e8:20:bf:45:90:7a:98:c5:a7:99:6b:98:e8:df:31:30:f8:
4e:69:64:39:fd:d2:62:5c:75:a7:8e:4f:49:15:55:6e:b2:36:
d5:ab:1d:97:3b:27:e5:fd:7b:5e:86:76:ba:9f:0e:fa:57:79:
e9:11:28:7b:ca:69:dc:06:3e:05:cb:41:c3:a1:fa:e7:c2:d9:
87:8e:31:4a:ad:ba:53:e0:6c:fb:5a:93:48:ef:25:84:04:79:
8b:99:89:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX1v6JnTiVGZ306PUK+YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MjAzZGVjZDA4YmQ0N2Q4YTkxNjJhNmUxNzQyZjNjNTNl
YTNjNzQwHhcNMjYwMzI1MTkwMTE2WhcNMjYwMzI2MTkwMTE2WjAzMTEwLwYDVQQD
EygwNTMzODM2NDRiYzhiMTM0YjQwMzc2ZWM0NzMxZWUyZTM4ODgzYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX/ruKr8lzY3drkumXlfTprmTdR4
hwjHbwZhLe3zdVqIOhfnj2lJq5aeTZvWNw0ssqMksHsYy6KZWZwT5E61txokUWP0
6IDmcaHm+dggfFVKBlVc7IBt8S5t3L9NAXZk4SQpN/q1q55GZYPupoXoqQy979hf
/nCqX10xL5Lm8H0JJIjy0DwhQHJwHndRkiUu3PvWGAIkKkQWCctG6FYnx9sr7wwr
L4Q3/6stY8lA1e3HufaqwCpxx2KtxScerGU2BwKsIBt8+K5adDycHK7x//cabrBI
Xg+XwKxp3GLonDzH44j+7brSss9i5hFbUkXdVywFE/ee+FvJ+cD5lo4qwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUzg2RLyLE0tAN27Ecx7i44iDwVMB8GA1UdIwQY
MBaAFCggPezQi9R9ipFipuF0LzxT6jx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jOTBhMzQtMGFmZC00OWI5LWJiZDYt
YTI5N2MxNDA4MDg1LzEvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jOTBhMzQtMGFmZC00OWI5LWJiZDYtYTI5N2MxNDA4MDg1
LzEvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcCkVeCAC
qnVBeJN7KHw/BNRzpxk4YKfigeISAE5DlEG5eeBMqPUIBmriRBrIKynGWC1UaNqP
7Rivg44C0UBGlEjh+dUdK7BlxBXcCfaPFWdbEAsN+Qv5FrOuh0bBEdwul1STvsAP
uYVWEnQc5UKXjBEFVM3g2HwoxUwKXYfo++ap5kZ3sfP6DLw6uP72W4Y39SwEYF6h
S5X+FnwklABGpSoR1+ggv0WQepjFp5lrmOjfMTD4TmlkOf3SYlx1p45PSRVVbrI2
1asdlzsn5f17XoZ2up8O+ld56REoe8pp3AY+BctBw6H658LZh44xSq26U+Bs+1qT
SO8lhAR5i5mJXA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:35:31 2026 by rpki-client