Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
File: KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json)
Hash identifier: fkH6aKs324RpcJY7tK4OsxDg2yyGgmeQoupWKlVbyXY=
Subject key identifier: 9F:EC:10:F0:54:B8:9C:77:BA:39:FB:E6:C5:57:13:49:E8:C5:23:D2
Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea
Certificate serial: 019D2A72E4D5765D30835215675A95DE67A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
Manifest number: 1886
Signing time: Thu 26 Mar 2026 14:01:05 +0000
Manifest this update: Thu 26 Mar 2026 14:01:05 +0000
Manifest next update: Fri 27 Mar 2026 14:01:05 +0000
Files and hashes: 1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: jSoiuBWsOVsQfkXn5tRJQOehUtXVvHvUMwJknhcOmGM=)
2: Np8PkRIzq2H-mfEgyXXHLw4xA2o.roa (hash: kCme1YTSTXAyOTkajeANzDG66nwpOp5PNkNgd2m+u9c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 14:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:e4:d5:76:5d:30:83:52:15:67:5a:95:de:67:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea
Validity
Not Before: Mar 26 14:01:05 2026 GMT
Not After : Mar 27 14:01:05 2026 GMT
Subject: CN=9fec10f054b89c77ba39fbe6c5571349e8c523d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:45:21:a3:af:76:e6:98:26:54:82:d7:49:
7a:36:fe:21:df:fd:83:29:39:80:e8:f2:cb:ac:43:
15:ff:74:f7:78:77:4e:dd:55:6f:f5:5b:56:18:0a:
4a:93:e0:74:47:f5:ff:e1:58:bf:76:dd:76:cf:43:
de:38:f0:46:51:63:6d:98:d8:60:b1:5c:43:fd:a0:
59:47:2a:65:a1:c5:5c:4e:5d:5e:52:77:8a:58:eb:
bc:f0:62:d9:eb:f2:35:95:ea:19:94:0b:8d:01:82:
90:3a:95:7c:fa:fd:19:33:09:a8:dd:e6:a4:94:31:
b9:25:9a:62:8e:ff:0b:ab:40:84:3f:f6:48:02:b1:
33:58:7e:88:3d:6f:c1:20:11:f8:e1:9f:33:ff:1f:
3c:37:87:86:51:ed:63:8d:c5:1a:85:23:5b:98:35:
e1:07:dc:92:f6:c0:2d:87:ed:e6:31:85:49:99:29:
c5:e6:97:90:f5:7f:c3:ab:2e:8b:cc:55:0d:bd:86:
fd:69:9b:c9:2c:8d:c5:84:ce:c3:d5:da:03:41:53:
90:3f:d5:00:be:f7:6a:bf:48:c7:b6:48:02:c1:1e:
8e:2e:91:94:04:b8:9f:68:4e:cf:a4:b9:52:5b:33:
7c:71:a6:c1:05:7c:d6:c4:6c:1a:b5:a2:a7:2f:52:
b8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:EC:10:F0:54:B8:9C:77:BA:39:FB:E6:C5:57:13:49:E8:C5:23:D2
X509v3 Authority Key Identifier:
keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:19:2a:63:51:11:4d:41:9f:64:2b:ef:f7:6b:53:c2:4b:d4:
b4:e2:21:dd:f8:2d:e7:87:75:91:e0:5f:87:54:4a:11:f5:99:
1f:0f:1c:db:82:3d:98:30:62:90:ed:cb:d8:99:55:e0:d3:ac:
df:99:03:97:0e:38:0e:ff:e5:e0:c7:bb:07:23:df:98:a5:fb:
e2:c0:e3:14:a2:20:5f:80:0b:51:e2:33:57:91:8b:95:40:fb:
9e:74:f2:cd:cc:5f:60:4d:73:94:9c:06:ff:17:00:ff:22:1f:
84:e5:94:f6:0a:b3:ec:9a:da:aa:36:66:f7:c0:2f:41:1a:1e:
1b:7d:2b:b6:ba:34:95:4c:bc:6f:23:d5:33:44:24:34:86:d9:
1e:ce:f8:cc:7b:4a:cd:92:5d:ed:4d:0a:4c:e3:fa:f3:90:59:
22:e6:0f:a9:6e:f3:4a:7b:62:31:86:8c:16:66:73:5b:f4:6f:
3a:07:b2:37:9c:09:95:79:d1:0e:b7:4a:17:1f:e5:91:8f:1d:
63:16:3b:f9:49:a8:4d:d7:aa:24:6e:30:c8:be:ab:cd:b2:f8:
db:10:fb:1d:c9:75:80:a8:f4:0e:54:b0:6a:78:66:76:29:ba:
ff:a9:00:a5:f9:23:1a:d6:5a:a5:00:f6:b3:90:34:16:b1:e3:
5b:1a:2c:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcuTVdl0wg1IVZ1qV3menMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy
NDk1ZWEwHhcNMjYwMzI2MTQwMTA1WhcNMjYwMzI3MTQwMTA1WjAzMTEwLwYDVQQD
Eyg5ZmVjMTBmMDU0Yjg5Yzc3YmEzOWZiZTZjNTU3MTM0OWU4YzUyM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+FFIaOvduaYJlSC10l6Nv4h3/2D
KTmA6PLLrEMV/3T3eHdO3VVv9VtWGApKk+B0R/X/4Vi/dt12z0PeOPBGUWNtmNhg
sVxD/aBZRyplocVcTl1eUneKWOu88GLZ6/I1leoZlAuNAYKQOpV8+v0ZMwmo3eak
lDG5JZpijv8Lq0CEP/ZIArEzWH6IPW/BIBH44Z8z/x88N4eGUe1jjcUahSNbmDXh
B9yS9sAth+3mMYVJmSnF5peQ9X/Dqy6LzFUNvYb9aZvJLI3FhM7D1doDQVOQP9UA
vvdqv0jHtkgCwR6OLpGUBLifaE7PpLlSWzN8cabBBXzWxGwataKnL1K4ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/sEPBUuJx3ujn75sVXE0noxSPSMB8GA1UdIwQY
MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt
ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh
LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRkqY1ER
TUGfZCvv92tTwkvUtOIh3fgt54d1keBfh1RKEfWZHw8c24I9mDBikO3L2JlV4NOs
35kDlw44Dv/l4Me7ByPfmKX74sDjFKIgX4ALUeIzV5GLlUD7nnTyzcxfYE1zlJwG
/xcA/yIfhOWU9gqz7JraqjZm98AvQRoeG30rtro0lUy8byPVM0QkNIbZHs74zHtK
zZJd7U0KTOP685BZIuYPqW7zSntiMYaMFmZzW/RvOgeyN5wJlXnRDrdKFx/lkY8d
YxY7+UmoTdeqJG4wyL6rzbL42xD7Hcl1gKj0DlSwanhmdim6/6kApfkjGtZapQD2
s5A0FrHjWxos3A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:03:47 2026 by rpki-client