Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
File: KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json)
Hash identifier: w/ZylU6OZEaC0kvNIdl80CgndK2R3uGSIJIUbsMAWdM=
Subject key identifier: 0B:E9:4B:CD:14:C0:4D:A0:06:38:40:A2:FD:2B:1C:74:EF:FD:5D:45
Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
Certificate issuer: /CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Certificate serial: 019D27048F203D92F43CA2EEBE3F5BB15A78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
Manifest number: 1883
Signing time: Wed 25 Mar 2026 22:01:43 +0000
Manifest this update: Wed 25 Mar 2026 22:01:43 +0000
Manifest next update: Thu 26 Mar 2026 22:01:43 +0000
Files and hashes: 1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: IAO67BynU8AE1Xw5mWjJMF7JDCj69hJ/Weu0X6jjgDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:8f:20:3d:92:f4:3c:a2:ee:be:3f:5b:b1:5a:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678
Validity
Not Before: Mar 25 22:01:43 2026 GMT
Not After : Mar 26 22:01:43 2026 GMT
Subject: CN=0be94bcd14c04da0063840a2fd2b1c74effd5d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:61:61:e2:a0:9e:a8:4a:24:6a:21:03:ef:7a:
02:d7:dc:81:94:ff:c6:d3:c1:d6:ba:c2:97:54:9a:
0a:49:02:5c:17:c6:7f:db:31:4f:ff:c6:9b:da:cd:
d6:99:ae:04:f3:22:17:ed:f9:ce:8e:99:34:21:4f:
b4:e1:d9:29:2b:9a:a9:60:96:00:a5:d6:03:7b:1b:
bc:41:a9:bf:11:1d:b9:53:32:78:cb:e2:ec:69:ee:
0c:b8:7d:b9:68:00:87:96:06:a1:de:51:fe:b6:c6:
c1:00:b1:95:4b:fa:bc:82:86:97:ef:a0:61:1e:3d:
8a:0c:37:95:f3:1d:6e:ef:e0:8b:0a:78:3c:2f:ee:
73:93:b8:69:9e:01:cc:35:e0:f0:b2:8c:0f:3a:b3:
ac:73:41:63:87:be:ee:a8:a4:ed:a2:54:23:5f:e0:
ad:16:09:e4:de:b2:84:4a:d0:62:d2:b9:21:68:b9:
4c:a6:18:e9:01:b9:35:ec:b8:a3:a0:88:8e:22:c4:
40:8a:b1:4f:71:64:bf:ad:0b:44:74:1e:61:91:65:
dc:2a:a5:63:27:ea:c3:09:49:b9:79:2c:e1:8c:45:
2f:d0:ac:7f:dd:ee:97:74:9f:8f:93:44:40:6d:c0:
66:e9:72:02:d3:e2:2c:dc:a6:0d:87:43:1c:a9:15:
48:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E9:4B:CD:14:C0:4D:A0:06:38:40:A2:FD:2B:1C:74:EF:FD:5D:45
X509v3 Authority Key Identifier:
keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:fa:37:5f:da:19:80:6b:ac:35:13:71:13:60:ec:cd:b7:79:
d4:0d:99:22:15:4a:e8:29:d9:a4:5f:b3:e2:b6:1d:d0:c5:c0:
88:bf:7a:b5:42:06:be:dc:a0:f4:35:1c:20:b2:c0:02:52:59:
30:b8:99:c7:47:cb:92:55:f8:38:79:12:ac:6f:5a:fc:a1:2b:
58:fd:9e:4c:08:8f:aa:fc:72:78:6b:4d:85:be:49:a8:68:14:
15:30:48:b6:b1:d7:fb:50:18:be:29:1a:41:6d:d3:2f:c1:47:
a1:16:f2:b7:2c:43:8e:ba:63:53:8b:f6:75:5f:58:0d:2c:a7:
4e:41:c2:e0:37:8e:61:44:d8:2e:23:99:56:4a:78:66:19:4e:
9f:2c:b3:58:e8:42:3e:dc:a3:7f:80:1c:c3:87:90:15:4d:73:
01:06:a3:2d:79:2e:d6:28:2c:67:d7:38:cd:ee:30:39:71:68:
3b:75:e4:91:ff:36:17:b5:c9:5d:6e:1b:32:d7:17:36:a9:58:
a5:f2:a1:40:33:71:74:6e:dc:af:a5:09:82:b5:a9:cb:05:70:
88:8b:61:80:57:7b:60:87:77:5a:dc:85:90:8f:f1:b7:5b:9a:
87:d8:ae:fa:db:62:67:6a:c4:5b:04:24:d9:c2:53:af:12:26:
3e:51:ed:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBI8gPZL0PKLuvj9bsVp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4
MGY2NzgwHhcNMjYwMzI1MjIwMTQzWhcNMjYwMzI2MjIwMTQzWjAzMTEwLwYDVQQD
EygwYmU5NGJjZDE0YzA0ZGEwMDYzODQwYTJmZDJiMWM3NGVmZmQ1ZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmFh4qCeqEokaiED73oC19yBlP/G
08HWusKXVJoKSQJcF8Z/2zFP/8ab2s3Wma4E8yIX7fnOjpk0IU+04dkpK5qpYJYA
pdYDexu8Qam/ER25UzJ4y+Lsae4MuH25aACHlgah3lH+tsbBALGVS/q8goaX76Bh
Hj2KDDeV8x1u7+CLCng8L+5zk7hpngHMNeDwsowPOrOsc0Fjh77uqKTtolQjX+Ct
Fgnk3rKEStBi0rkhaLlMphjpAbk17LijoIiOIsRAirFPcWS/rQtEdB5hkWXcKqVj
J+rDCUm5eSzhjEUv0Kx/3e6XdJ+Pk0RAbcBm6XIC0+Is3KYNh0McqRVIfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvpS80UwE2gBjhAov0rHHTv/V1FMB8GA1UdIwQY
MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt
NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm
LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlvo3X9oZ
gGusNRNxE2Dszbd51A2ZIhVK6CnZpF+z4rYd0MXAiL96tUIGvtyg9DUcILLAAlJZ
MLiZx0fLklX4OHkSrG9a/KErWP2eTAiPqvxyeGtNhb5JqGgUFTBItrHX+1AYvika
QW3TL8FHoRbytyxDjrpjU4v2dV9YDSynTkHC4DeOYUTYLiOZVkp4ZhlOnyyzWOhC
Ptyjf4Acw4eQFU1zAQajLXku1igsZ9c4ze4wOXFoO3Xkkf82F7XJXW4bMtcXNqlY
pfKhQDNxdG7cr6UJgrWpywVwiIthgFd7YId3WtyFkI/xt1uah9iu+ttiZ2rEWwQk
2cJTrxImPlHtWw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:24:01 2026 by rpki-client