Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: TQa08WbIVNCoqKpjfbbmi8xxVLFJ+JMCn77uUmgT8+Q=
Subject key identifier: 06:10:DB:F6:8C:47:F1:A7:47:53:A5:2B:C7:D8:4B:63:36:30:0F:EB
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019D29CE9A6FEFCA9DD5E052F7E30795910B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 11:01:38 +0000
Manifest this update: Thu 26 Mar 2026 11:01:38 +0000
Manifest next update: Fri 27 Mar 2026 11:01:38 +0000
Files and hashes: 1: WMTxNqy5dxe24um7JtSXmDnNRnM.roa (hash: TxZKxHcS8Fj+JFe1cwBosTBaRiZeeZ2HacumzoOW+L8=)
2: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: zDzD0+m7EKgY4Yg04vuQrzgGqyCTp0YDPl+9Q2fDgRc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:9a:6f:ef:ca:9d:d5:e0:52:f7:e3:07:95:91:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Mar 26 11:01:38 2026 GMT
Not After : Mar 27 11:01:38 2026 GMT
Subject: CN=0610dbf68c47f1a74753a52bc7d84b6336300feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6b:5b:fb:af:1f:b5:8e:b0:4b:1a:39:ed:5b:
b4:2e:76:b6:72:8b:89:3a:cd:83:6f:fb:18:7b:cc:
53:f9:d2:88:d6:f3:2c:bc:ee:f1:e3:ba:48:39:65:
95:b1:aa:d1:a7:57:53:75:2c:b3:b5:41:53:04:ac:
a5:f8:dc:69:20:6c:71:0c:33:d2:a4:90:1e:89:2f:
bc:1f:52:5d:94:14:79:80:ad:6d:1b:5b:73:2a:42:
dc:96:5b:15:af:8f:72:a4:05:08:97:5f:7c:37:f0:
96:fc:51:45:62:d6:fa:48:bf:b8:72:6a:db:09:9e:
da:69:7f:e7:d0:09:2b:f7:d3:f0:91:9c:b3:b0:c1:
1e:af:22:c3:35:21:d2:78:03:cd:54:bc:d0:77:06:
a7:d2:b7:8e:d0:4f:7d:5a:dd:48:63:56:11:48:ca:
2a:f4:b6:53:44:90:7a:1e:d4:f6:20:6d:b9:37:6a:
a5:58:c1:a0:df:55:5d:c9:c0:8a:04:32:09:f9:a9:
42:b3:97:b0:71:c7:89:eb:73:38:cd:5f:ab:ee:3b:
27:81:52:c5:b1:2b:26:e1:31:19:0d:11:ad:14:4d:
7b:52:a2:d9:fa:6f:76:7c:d2:18:9a:27:f9:70:80:
ed:21:2a:bc:ab:b8:39:23:20:41:da:f1:1b:f4:2f:
d4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:10:DB:F6:8C:47:F1:A7:47:53:A5:2B:C7:D8:4B:63:36:30:0F:EB
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:f4:a7:96:1d:47:4e:e4:bd:bc:dc:90:1a:19:bc:97:24:d8:
c9:d5:cb:7a:20:21:7f:a5:0f:4e:4a:3e:e7:af:40:ee:3e:e5:
1a:da:9d:99:c7:b6:74:e4:3f:2e:e7:6b:51:30:76:77:1c:d8:
ea:8d:e7:5f:95:3d:4d:9b:4e:39:be:74:01:33:e5:95:f3:93:
7b:92:ba:fe:19:49:cb:8f:f4:d0:78:65:6b:bc:63:f6:95:f2:
1d:22:62:45:66:4f:9a:cc:08:49:49:2f:1b:42:4b:93:64:09:
e2:81:8d:6a:96:4f:de:40:84:71:ce:40:b3:ce:c0:81:aa:df:
05:6b:ea:6f:c1:f6:75:1c:4e:58:eb:4c:d8:82:d7:7d:27:b2:
06:c1:3b:ea:91:f4:2d:cf:42:11:da:81:92:bd:83:f8:8f:dd:
db:17:a0:3e:5d:7b:ac:58:e9:9a:20:48:df:65:ca:94:e1:a2:
d8:bb:a9:5a:07:ba:a4:89:b0:e3:4a:54:30:d7:7e:e4:bb:be:
aa:a6:9a:9a:4b:a1:46:bc:b6:10:b0:75:d2:ce:3f:eb:39:b4:
83:b2:61:b2:9c:1c:ba:75:c8:f2:d4:3c:7d:80:5c:72:33:39:
db:2d:ea:4a:e8:61:c3:d6:89:85:6c:d1:ae:36:75:f8:0a:69:
25:ca:e1:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzppv78qd1eBS9+MHlZELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjYwMzI2MTEwMTM4WhcNMjYwMzI3MTEwMTM4WjAzMTEwLwYDVQQD
EygwNjEwZGJmNjhjNDdmMWE3NDc1M2E1MmJjN2Q4NGI2MzM2MzAwZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2tb+68ftY6wSxo57Vu0Lna2couJ
Os2Db/sYe8xT+dKI1vMsvO7x47pIOWWVsarRp1dTdSyztUFTBKyl+NxpIGxxDDPS
pJAeiS+8H1JdlBR5gK1tG1tzKkLcllsVr49ypAUIl198N/CW/FFFYtb6SL+4cmrb
CZ7aaX/n0Akr99PwkZyzsMEeryLDNSHSeAPNVLzQdwan0reO0E99Wt1IY1YRSMoq
9LZTRJB6HtT2IG25N2qlWMGg31VdycCKBDIJ+alCs5ewcceJ63M4zV+r7jsngVLF
sSsm4TEZDRGtFE17UqLZ+m92fNIYmif5cIDtISq8q7g5IyBB2vEb9C/URwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAYQ2/aMR/GnR1OlK8fYS2M2MA/rMB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAfSnlh1H
TuS9vNyQGhm8lyTYydXLeiAhf6UPTko+569A7j7lGtqdmce2dOQ/LudrUTB2dxzY
6o3nX5U9TZtOOb50ATPllfOTe5K6/hlJy4/00Hhla7xj9pXyHSJiRWZPmswISUkv
G0JLk2QJ4oGNapZP3kCEcc5As87AgarfBWvqb8H2dRxOWOtM2ILXfSeyBsE76pH0
Lc9CEdqBkr2D+I/d2xegPl17rFjpmiBI32XKlOGi2LupWge6pImw40pUMNd+5Lu+
qqaamkuhRry2ELB10s4/6zm0g7JhspwcunXI8tQ8fYBccjM52y3qSuhhw9aJhWzR
rjZ1+AppJcrhvw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:08:16 2026 by rpki-client