Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: FpZtu3lJ5hbFaPhzfWJkY56MbJM2oYGXWc+soZtkupk=
Subject key identifier: AB:B9:D7:0E:FD:F3:9E:C7:2F:88:31:04:74:47:76:43:22:C5:FF:DC
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019D2884CA570ADE7E4891B0B46C40148C51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0671
Signing time: Thu 26 Mar 2026 05:01:24 +0000
Manifest this update: Thu 26 Mar 2026 05:01:24 +0000
Manifest next update: Fri 27 Mar 2026 05:01:24 +0000
Files and hashes: 1: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: NUmbN+MVM93BP2KtdQhhfUaGbxuMcr82MQGqh3uHW5E=)
2: ZS3grquCf_l1OKXIoqEGRKP0J6M.roa (hash: 2PBPag/zPM22x9IohJ6q0TulDZRbeQTFCvgCnuCjnz0=)
3: vUdfXnwcRDPW7e3X7ofFMJYqkDk.roa (hash: 4hcskGjMuomfYGEOrtlmJrd0tV2p1HAsJ5FOV+HnCFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:84:ca:57:0a:de:7e:48:91:b0:b4:6c:40:14:8c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Mar 26 05:01:24 2026 GMT
Not After : Mar 27 05:01:24 2026 GMT
Subject: CN=abb9d70efdf39ec72f8831047447764322c5ffdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:da:3d:e3:ea:3b:5b:1b:ee:be:e4:f3:0c:f2:
98:45:33:c3:2e:25:66:6a:9b:90:70:cc:eb:65:3f:
22:c2:d5:dc:5d:c5:dd:86:1f:b3:7b:32:33:15:84:
a0:06:cf:a1:8d:e9:1e:3b:8d:cf:4c:48:3c:39:d8:
ba:73:4a:ec:74:a0:24:a1:ff:21:04:f4:4a:18:64:
48:8b:82:61:d6:7f:0c:79:35:93:db:1e:4f:c4:39:
a2:00:23:19:2f:8e:3e:a6:4b:81:ca:be:e0:dd:54:
2a:f8:13:27:ea:06:22:ee:a3:2c:b2:63:cd:c8:a1:
67:00:2a:5f:18:d5:dc:bb:31:e9:a4:01:8b:0e:89:
aa:b5:31:a1:95:2c:37:59:8e:e0:c0:70:05:eb:c2:
4d:cb:c0:fb:55:ca:89:cd:78:40:8c:7e:0b:44:1d:
68:81:86:b8:ea:d5:c2:11:8a:4e:39:ed:6d:84:f1:
11:dc:a7:48:19:5b:f8:59:2a:43:bd:b7:44:29:3f:
41:de:bd:3b:d6:c5:00:ee:88:9a:db:4c:c5:69:fe:
7b:29:eb:32:c9:a8:69:68:5d:68:cb:e2:89:fe:53:
a5:41:88:69:b2:d4:13:2c:14:86:84:e2:e6:dc:b2:
61:e2:c6:c0:be:36:12:e1:57:9b:b4:2f:fc:88:10:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B9:D7:0E:FD:F3:9E:C7:2F:88:31:04:74:47:76:43:22:C5:FF:DC
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:89:47:20:bf:0c:73:4b:7f:77:0b:19:5c:a8:63:38:de:87:
1b:19:8e:fa:4b:25:b0:87:39:56:27:79:70:55:29:25:d2:62:
64:8e:f2:a4:8c:01:48:c7:f8:95:dd:2f:d8:3e:d6:24:86:48:
df:80:3a:73:78:86:53:7d:27:26:30:f2:ea:60:83:5a:28:11:
48:d1:f8:cf:bd:60:1f:e2:cc:8d:c0:aa:b6:e9:37:0a:f8:f7:
b1:cc:4f:94:93:97:48:e0:ea:78:e9:e8:37:40:fa:2c:c0:3d:
0f:7e:31:f9:77:05:d6:28:9e:b7:68:6d:8e:e7:be:f5:f8:b1:
52:3b:9b:59:3a:a0:10:be:75:9a:49:39:f0:9e:e9:ec:53:c9:
50:52:e6:1f:9e:9b:41:c4:1d:eb:b0:e4:23:e5:86:50:ff:32:
77:f5:58:01:42:e0:d7:13:a5:c5:07:11:3d:5c:fc:0d:9d:de:
ef:fb:3a:52:25:b0:b1:28:84:c0:7f:f5:56:bb:b5:3f:f3:d4:
0f:1d:e3:89:7c:e1:49:e0:c2:0c:32:4f:8a:37:45:6b:9b:4f:
c1:6c:56:eb:ce:20:49:4f:7f:c6:b4:45:c0:16:1b:79:2b:38:
ac:6d:a0:7a:dc:ad:ec:bd:9f:38:80:7b:69:46:f3:c2:42:bc:
e3:24:90:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohMpXCt5+SJGwtGxAFIxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjYwMzI2MDUwMTI0WhcNMjYwMzI3MDUwMTI0WjAzMTEwLwYDVQQD
EyhhYmI5ZDcwZWZkZjM5ZWM3MmY4ODMxMDQ3NDQ3NzY0MzIyYzVmZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxto94+o7WxvuvuTzDPKYRTPDLiVm
apuQcMzrZT8iwtXcXcXdhh+zezIzFYSgBs+hjekeO43PTEg8Odi6c0rsdKAkof8h
BPRKGGRIi4Jh1n8MeTWT2x5PxDmiACMZL44+pkuByr7g3VQq+BMn6gYi7qMssmPN
yKFnACpfGNXcuzHppAGLDomqtTGhlSw3WY7gwHAF68JNy8D7VcqJzXhAjH4LRB1o
gYa46tXCEYpOOe1thPER3KdIGVv4WSpDvbdEKT9B3r071sUA7oia20zFaf57Kesy
yahpaF1oy+KJ/lOlQYhpstQTLBSGhOLm3LJh4sbAvjYS4VebtC/8iBCwyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKu51w79857HL4gxBHRHdkMixf/cMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeolHIL8M
c0t/dwsZXKhjON6HGxmO+kslsIc5Vid5cFUpJdJiZI7ypIwBSMf4ld0v2D7WJIZI
34A6c3iGU30nJjDy6mCDWigRSNH4z71gH+LMjcCqtuk3Cvj3scxPlJOXSODqeOno
N0D6LMA9D34x+XcF1iiet2htjue+9fixUjubWTqgEL51mkk58J7p7FPJUFLmH56b
QcQd67DkI+WGUP8yd/VYAULg1xOlxQcRPVz8DZ3e7/s6UiWwsSiEwH/1Vru1P/PU
Dx3jiXzhSeDCDDJPijdFa5tPwWxW684gSU9/xrRFwBYbeSs4rG2getyt7L2fOIB7
aUbzwkK84ySQIg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:59:49 2026 by rpki-client