Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
File: KpTH34VXtlNEfD4G-0s3LVEgoiI.mft (raw, json)
Hash identifier: yZIoQoKpfjr1qyAQhZ0zRpUGB8o5qgbfHdabkuxIW8g=
Subject key identifier: 84:9B:D0:86:7A:40:C3:F1:0C:4E:76:3F:2D:2C:B3:95:A8:16:18:71
Authority key identifier: 2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22
Certificate issuer: /CN=2a94c7df8557b653447c3e06fb4b372d5120a222
Certificate serial: 019D2A7250FF5236A18524A6F497C2A81303
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 14:00:27 +0000
Manifest this update: Thu 26 Mar 2026 14:00:27 +0000
Manifest next update: Fri 27 Mar 2026 14:00:27 +0000
Files and hashes: 1: KpTH34VXtlNEfD4G-0s3LVEgoiI.crl (hash: zPA5NRIszNwSlTwSaEyBGYzp98N7/TQiC/yp8Ej8o/s=)
2: zZyI4xvkwJixdxg_pCLk7a1BUdw.roa (hash: zpCoEd9p2O+8DPIDxhP2gPNS4VcEBvo6F6BavOxBd5Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:50:ff:52:36:a1:85:24:a6:f4:97:c2:a8:13:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94c7df8557b653447c3e06fb4b372d5120a222
Validity
Not Before: Mar 26 14:00:27 2026 GMT
Not After : Mar 27 14:00:27 2026 GMT
Subject: CN=849bd0867a40c3f10c4e763f2d2cb395a8161871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:35:4b:47:a8:29:a6:7a:04:c6:82:53:6e:90:
73:08:c0:08:26:72:68:f9:99:08:3c:86:0f:c2:bf:
5f:ac:5f:cf:8c:13:41:b2:5b:aa:fc:98:55:f7:59:
bf:a9:06:6c:37:51:5e:a1:70:fb:73:4d:96:23:63:
a7:64:27:be:0f:21:82:67:2e:8f:92:d9:12:fa:8f:
68:ea:9a:f4:28:9f:3b:8e:18:fc:e7:2f:0e:d7:e6:
e3:28:d0:c2:7b:f6:cc:ca:a2:9a:98:8f:28:94:49:
96:20:07:3d:66:4f:99:a6:9e:7e:06:7e:dd:51:61:
10:dc:f9:8c:44:77:67:a9:41:e7:9f:58:92:63:26:
ca:d2:80:82:8a:3b:81:5e:91:4a:e3:f2:7b:34:71:
26:82:b7:d8:f9:71:06:0a:f4:56:c2:ea:17:3a:3b:
bf:1d:d4:fe:d9:fd:53:0b:c7:ca:3a:22:e2:c5:35:
72:94:f4:b0:b8:9a:73:83:03:83:c8:e5:71:00:0d:
2b:fc:1e:d2:d5:78:af:65:67:c0:60:e5:97:35:f5:
2f:40:38:6f:0e:0e:cf:67:8f:ee:b6:a8:95:cb:1f:
0a:3a:e7:22:65:4e:95:2a:6b:a3:25:7f:e4:5e:52:
41:27:2c:4e:14:16:a9:50:53:16:d5:bd:a4:5c:5b:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:9B:D0:86:7A:40:C3:F1:0C:4E:76:3F:2D:2C:B3:95:A8:16:18:71
X509v3 Authority Key Identifier:
keyid:2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:ad:e2:ca:2a:50:20:54:df:ed:aa:5e:5a:d7:ca:31:12:03:
18:35:ce:e2:c2:b2:5b:76:74:68:82:06:42:f8:77:c5:c8:7b:
d0:fb:a7:a3:31:b7:95:1d:e4:01:cd:ad:5a:0e:26:3b:ad:a1:
02:d7:5a:b9:16:b4:5f:28:a9:98:39:8d:4f:f3:43:6f:50:22:
ec:fb:f8:5b:ec:cf:54:d6:6d:86:b3:37:40:ad:62:d5:62:2f:
07:0f:c1:4b:bd:17:b6:f2:a1:07:96:c9:f0:50:4b:47:47:a6:
16:2e:fd:67:bd:5e:fc:e4:2f:df:15:cc:ad:95:a2:6f:cb:7d:
d8:49:86:14:b8:6f:5d:9b:44:f4:31:23:f7:06:46:72:2f:da:
f7:e4:c7:ad:c1:ca:39:f2:46:8e:db:2b:ae:1a:d7:95:e5:5b:
63:17:88:c7:17:03:1c:fe:b4:79:4c:2e:c0:08:21:7d:ce:7a:
31:0f:40:01:98:be:33:a7:77:2f:56:7d:9d:89:b4:a5:1d:0a:
22:d8:d9:6c:09:a6:4d:c8:1a:90:02:f0:b7:d7:71:de:65:25:
b9:2d:9e:6c:98:b4:03:ea:bd:f4:bf:2c:f0:f1:17:af:18:09:
b4:8c:63:7c:7e:e4:43:7a:d8:b8:cf:14:9e:59:43:f0:23:9d:
a9:d7:6d:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qclD/UjahhSSm9JfCqBMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRjN2RmODU1N2I2NTM0NDdjM2UwNmZiNGIzNzJkNTEy
MGEyMjIwHhcNMjYwMzI2MTQwMDI3WhcNMjYwMzI3MTQwMDI3WjAzMTEwLwYDVQQD
Eyg4NDliZDA4NjdhNDBjM2YxMGM0ZTc2M2YyZDJjYjM5NWE4MTYxODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzVLR6gppnoExoJTbpBzCMAIJnJo
+ZkIPIYPwr9frF/PjBNBsluq/JhV91m/qQZsN1FeoXD7c02WI2OnZCe+DyGCZy6P
ktkS+o9o6pr0KJ87jhj85y8O1+bjKNDCe/bMyqKamI8olEmWIAc9Zk+Zpp5+Bn7d
UWEQ3PmMRHdnqUHnn1iSYybK0oCCijuBXpFK4/J7NHEmgrfY+XEGCvRWwuoXOju/
HdT+2f1TC8fKOiLixTVylPSwuJpzgwODyOVxAA0r/B7S1XivZWfAYOWXNfUvQDhv
Dg7PZ4/utqiVyx8KOuciZU6VKmujJX/kXlJBJyxOFBapUFMW1b2kXFv/dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISb0IZ6QMPxDE52Py0ss5WoFhhxMB8GA1UdIwQY
MBaAFCqUx9+FV7ZTRHw+BvtLNy1RIKIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMt
NTUxOGIwZTg2NTY2LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMtNTUxOGIwZTg2NTY2
LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkq3iyipQ
IFTf7apeWtfKMRIDGDXO4sKyW3Z0aIIGQvh3xch70PunozG3lR3kAc2tWg4mO62h
AtdauRa0XyipmDmNT/NDb1Ai7Pv4W+zPVNZthrM3QK1i1WIvBw/BS70XtvKhB5bJ
8FBLR0emFi79Z71e/OQv3xXMrZWib8t92EmGFLhvXZtE9DEj9wZGci/a9+THrcHK
OfJGjtsrrhrXleVbYxeIxxcDHP60eUwuwAghfc56MQ9AAZi+M6d3L1Z9nYm0pR0K
ItjZbAmmTcgakALwt9dx3mUluS2ebJi0A+q99L8s8PEXrxgJtIxjfH7kQ3rYuM8U
nllD8COdqddtOQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:19:37 2026 by rpki-client