Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft
File: KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft (raw, json)
Hash identifier: TLHXQ6CkQhNnRE0WU4t+hVM4mtZg6aSfcRrVabeqDIM=
Subject key identifier: 5A:2F:CD:67:CC:86:B5:C1:78:C0:42:61:97:81:5F:73:6B:5B:84:4C
Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF
Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf
Certificate serial: 019D29296179F362ADF7DAD3E8162BD89108
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft
Manifest number: 1804
Signing time: Thu 26 Mar 2026 08:01:10 +0000
Manifest this update: Thu 26 Mar 2026 08:01:10 +0000
Manifest next update: Fri 27 Mar 2026 08:01:10 +0000
Files and hashes: 1: KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl (hash: OUru/BoggdWbXmE22X8iw7tGHB8Y3s3u12X3i7JBH8Y=)
2: ubLK8V8AN7yzYWZ8GjbAC2BzmVk.roa (hash: soBVeg6Yikd3nUzcvoeLHOcCe6rQjh4SHsU1xYr91hM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:61:79:f3:62:ad:f7:da:d3:e8:16:2b:d8:91:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf
Validity
Not Before: Mar 26 08:01:10 2026 GMT
Not After : Mar 27 08:01:10 2026 GMT
Subject: CN=5a2fcd67cc86b5c178c0426197815f736b5b844c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:76:fc:f0:96:b9:35:bd:a8:e3:78:cd:4c:
13:29:0a:8e:06:96:a1:1a:4e:ff:05:21:54:1e:51:
4a:f2:5a:1a:84:f0:42:c0:94:a8:82:20:3d:65:16:
74:dc:ab:0e:61:e7:b6:a4:07:db:a9:a9:e3:33:28:
53:65:29:7c:35:a2:1d:25:c4:a6:4a:4f:72:68:b2:
ec:95:86:ed:9a:45:79:33:c3:00:92:49:bc:38:29:
31:15:ec:6a:9a:63:94:f9:95:e4:0c:f8:d3:72:45:
c7:30:0e:55:53:40:b2:d8:32:dc:89:d7:29:bb:57:
62:dc:fb:59:2a:c6:09:c6:1d:87:2f:36:93:25:2e:
e6:a2:58:ff:51:d7:c8:bb:67:58:d0:91:3f:5c:d5:
a6:8d:af:d3:98:b1:09:d4:82:85:d1:a5:af:7a:9c:
66:ef:9c:8f:4f:fe:32:5b:9c:1f:13:40:5e:2f:c7:
02:7b:13:b0:2b:79:d0:99:f2:7e:97:48:6f:e3:4b:
81:d0:ba:a7:12:ac:e5:f4:29:10:9e:64:b6:fb:df:
7d:80:79:f5:d8:fd:c9:4d:97:8f:2b:09:59:8b:92:
56:6e:b2:ec:d7:f9:e0:a4:c8:38:76:b0:bb:5c:24:
02:c9:bf:95:d9:92:53:48:0a:9c:bf:94:c4:fd:cb:
c9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2F:CD:67:CC:86:B5:C1:78:C0:42:61:97:81:5F:73:6B:5B:84:4C
X509v3 Authority Key Identifier:
keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:1e:13:48:f4:43:6c:2c:33:65:44:f1:54:e0:ef:0d:b4:26:
e5:5c:3e:5a:a5:cd:e7:58:a7:08:08:34:c4:dc:8b:6f:2c:fa:
71:17:7c:75:ad:88:0e:f3:b9:d7:40:96:e8:a4:12:a9:86:fa:
6a:8f:e3:7f:ab:e9:eb:b4:f6:99:ad:e5:d3:34:76:1a:4d:27:
14:81:db:4f:60:d6:ac:05:6d:28:96:b2:d1:c7:ce:bc:23:83:
b5:a4:94:38:71:04:fa:38:69:09:05:88:5b:40:ad:0c:33:7b:
a3:d4:36:0a:73:ea:23:13:81:cf:66:8c:69:3d:5c:14:9b:d9:
58:85:f4:0f:45:d9:67:29:08:a0:6d:0d:93:71:43:26:22:7f:
4f:a2:80:e9:84:28:c4:ea:80:4f:9c:d4:7a:4e:c8:d3:fb:75:
80:58:97:2a:bf:73:4d:03:4a:79:e8:3a:ba:94:f0:59:40:6b:
32:9b:06:b4:46:eb:52:9a:2e:de:88:cc:3f:fd:23:f0:12:ec:
14:9c:c0:47:d1:7b:24:16:8c:09:e9:83:c9:c5:7e:dd:3c:1a:
c3:b0:a0:5c:7a:63:42:8a:40:56:4c:f9:84:27:8b:e7:ee:b4:
8e:88:c5:ce:9b:50:1b:96:bb:27:9a:69:de:33:f1:ea:49:ce:
a3:6c:f5:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKWF582Kt99rT6BYr2JEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3
MzMyY2YwHhcNMjYwMzI2MDgwMTEwWhcNMjYwMzI3MDgwMTEwWjAzMTEwLwYDVQQD
Eyg1YTJmY2Q2N2NjODZiNWMxNzhjMDQyNjE5NzgxNWY3MzZiNWI4NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvJ2/PCWuTW9qON4zUwTKQqOBpah
Gk7/BSFUHlFK8loahPBCwJSogiA9ZRZ03KsOYee2pAfbqanjMyhTZSl8NaIdJcSm
Sk9yaLLslYbtmkV5M8MAkkm8OCkxFexqmmOU+ZXkDPjTckXHMA5VU0Cy2DLcidcp
u1di3PtZKsYJxh2HLzaTJS7molj/UdfIu2dY0JE/XNWmja/TmLEJ1IKF0aWvepxm
75yPT/4yW5wfE0BeL8cCexOwK3nQmfJ+l0hv40uB0LqnEqzl9CkQnmS2+999gHn1
2P3JTZePKwlZi5JWbrLs1/ngpMg4drC7XCQCyb+V2ZJTSAqcv5TE/cvJYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFovzWfMhrXBeMBCYZeBX3NrW4RMMB8GA1UdIwQY
MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt
NjZiNDM0ZmRmOWFlLzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl
LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACx4TSPRD
bCwzZUTxVODvDbQm5Vw+WqXN51inCAg0xNyLbyz6cRd8da2IDvO510CW6KQSqYb6
ao/jf6vp67T2ma3l0zR2Gk0nFIHbT2DWrAVtKJay0cfOvCODtaSUOHEE+jhpCQWI
W0CtDDN7o9Q2CnPqIxOBz2aMaT1cFJvZWIX0D0XZZykIoG0Nk3FDJiJ/T6KA6YQo
xOqAT5zUek7I0/t1gFiXKr9zTQNKeeg6upTwWUBrMpsGtEbrUpou3ojMP/0j8BLs
FJzAR9F7JBaMCemDycV+3Twaw7CgXHpjQopAVkz5hCeL5+60jojFzptQG5a7J5pp
3jPx6knOo2z1Jw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:44:44 2026 by rpki-client