Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
File: kHb3fahBt7lCFbb6wtQaccIVFgE.mft (raw, json)
Hash identifier: Xp3o473oxG/RljUCkUZjg1hhYb6SxLuockt2a7d5W70=
Subject key identifier: 92:4D:6C:F4:8D:8A:95:BF:77:FA:CB:76:A9:73:A4:69:63:A8:95:06
Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601
Certificate serial: 019D28BB15A7E894BB0B48C80D1892F75DFE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
Manifest number: 1217
Signing time: Thu 26 Mar 2026 06:00:42 +0000
Manifest this update: Thu 26 Mar 2026 06:00:42 +0000
Manifest next update: Fri 27 Mar 2026 06:00:42 +0000
Files and hashes: 1: G6JTgK9c0CWNOmQ8QvDityy_X10.roa (hash: 9vVxC4L/PjyVKOIEKo3Aptt5+zq+QCcL31nKvvorwHs=)
2: kHb3fahBt7lCFbb6wtQaccIVFgE.crl (hash: z4+wgDkAmwyAIZJ0Yukf1ORVq27TZSMNAGLnPMOniog=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:15:a7:e8:94:bb:0b:48:c8:0d:18:92:f7:5d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601
Validity
Not Before: Mar 26 06:00:42 2026 GMT
Not After : Mar 27 06:00:42 2026 GMT
Subject: CN=924d6cf48d8a95bf77facb76a973a46963a89506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:e8:31:6a:c6:9d:e5:5e:18:41:fb:ea:9b:
a3:9e:ac:ea:92:2c:35:81:bb:8d:70:4d:f2:3a:4c:
72:21:38:a0:af:7b:a5:5a:ee:4c:17:81:06:14:51:
09:72:f7:c0:88:30:5b:71:76:56:14:ab:09:15:53:
4a:f4:17:61:e4:f7:21:8e:a2:32:13:9a:53:c1:a0:
0b:0d:34:81:60:28:33:b7:90:a5:e9:a4:7d:cb:3e:
16:34:1d:41:b8:01:e6:ef:e6:a1:47:b8:67:3c:37:
51:31:33:f9:e3:ca:fb:02:26:4d:1c:fe:f5:84:54:
84:f2:d7:11:55:cd:c4:87:d5:46:bc:21:f4:e3:bc:
e6:29:20:5d:77:43:b0:a8:2c:45:4e:b2:58:1b:cc:
ca:a0:d6:fc:ff:34:98:01:31:81:1f:e0:55:b4:f1:
62:c6:3d:e6:81:db:bc:35:d5:aa:c6:13:90:5a:c3:
e5:29:7a:91:d6:e8:7d:dd:b7:48:8a:08:e7:c5:b0:
3b:bf:f1:ff:a6:70:b9:1f:45:87:04:32:ef:72:5d:
b6:d1:b9:b0:28:5c:41:a9:eb:0a:31:9b:0d:ec:05:
c7:73:1d:98:13:47:8c:06:06:2b:31:17:16:fd:3b:
8e:30:c2:67:6d:01:a2:60:1e:52:28:21:9e:3c:a8:
9d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4D:6C:F4:8D:8A:95:BF:77:FA:CB:76:A9:73:A4:69:63:A8:95:06
X509v3 Authority Key Identifier:
keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ba:96:00:2d:2c:bf:05:61:13:49:1b:cd:f4:c4:9b:ea:35:1f:
db:5f:46:99:ba:96:9f:af:83:37:15:d1:68:c4:79:d3:8b:18:
e5:af:e4:1f:15:60:e4:6a:54:f3:3f:b6:db:4a:95:bf:04:83:
c5:25:b7:d9:0c:22:87:3b:5f:c5:b7:f9:62:c2:9d:5b:5d:e7:
53:dc:25:7a:d9:98:14:0c:ef:31:42:67:14:11:ba:33:68:49:
31:58:b7:0f:1a:88:19:bb:8a:18:f9:71:03:1c:47:c5:07:07:
4a:f3:d3:31:35:f6:04:da:9c:05:25:28:08:94:66:57:ed:44:
4c:82:d8:fd:ef:51:05:fa:86:5a:c6:dd:68:34:f2:ec:44:25:
79:ae:f5:a1:3b:88:87:eb:6d:fe:71:ed:a3:6e:d5:11:56:14:
e0:8c:39:92:1d:39:b7:4f:3b:25:7a:a5:f8:11:2a:2e:7a:2e:
a7:32:f9:32:c7:18:62:09:98:f9:46:6b:50:0b:26:14:3e:b0:
d6:8c:b4:df:fe:f0:67:6c:cd:2b:2e:a7:bb:7a:c3:40:0f:94:
0a:b9:95:70:c0:54:61:b4:cf:49:f5:eb:fe:03:5a:59:5b:52:
e1:ca:96:3d:33:d5:78:09:d2:0d:b5:30:84:a5:b5:c2:5d:49:
9c:39:7e:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouxWn6JS7C0jIDRiS913+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx
NTE2MDEwHhcNMjYwMzI2MDYwMDQyWhcNMjYwMzI3MDYwMDQyWjAzMTEwLwYDVQQD
Eyg5MjRkNmNmNDhkOGE5NWJmNzdmYWNiNzZhOTczYTQ2OTYzYTg5NTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ/oMWrGneVeGEH76pujnqzqkiw1
gbuNcE3yOkxyITigr3ulWu5MF4EGFFEJcvfAiDBbcXZWFKsJFVNK9Bdh5PchjqIy
E5pTwaALDTSBYCgzt5Cl6aR9yz4WNB1BuAHm7+ahR7hnPDdRMTP548r7AiZNHP71
hFSE8tcRVc3Eh9VGvCH047zmKSBdd0OwqCxFTrJYG8zKoNb8/zSYATGBH+BVtPFi
xj3mgdu8NdWqxhOQWsPlKXqR1uh93bdIigjnxbA7v/H/pnC5H0WHBDLvcl220bmw
KFxBqesKMZsN7AXHcx2YE0eMBgYrMRcW/TuOMMJnbQGiYB5SKCGePKidNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJNbPSNipW/d/rLdqlzpGljqJUGMB8GA1UdIwQY
MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt
ZTYzY2U1NTM3MGViLzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi
LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAupYALSy/
BWETSRvN9MSb6jUf219GmbqWn6+DNxXRaMR504sY5a/kHxVg5GpU8z+220qVvwSD
xSW32Qwihztfxbf5YsKdW13nU9wletmYFAzvMUJnFBG6M2hJMVi3DxqIGbuKGPlx
AxxHxQcHSvPTMTX2BNqcBSUoCJRmV+1ETILY/e9RBfqGWsbdaDTy7EQlea71oTuI
h+tt/nHto27VEVYU4Iw5kh05t087JXql+BEqLnoupzL5MscYYgmY+UZrUAsmFD6w
1oy03/7wZ2zNKy6nu3rDQA+UCrmVcMBUYbTPSfXr/gNaWVtS4cqWPTPVeAnSDbUw
hKW1wl1JnDl+1w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:47:05 2026 by rpki-client