Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: oGfvJjBgU9MqG8jZ1TMcF47RTipHAK9daXRDyJzQ0ag=
Subject key identifier: 61:DC:2A:A9:6C:A3:87:8D:09:00:E6:CB:64:1D:91:E3:57:CA:1C:38
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019D29CE8E6EF5D8FE6EEDFAA28E8ADB8645
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 038D
Signing time: Thu 26 Mar 2026 11:01:35 +0000
Manifest this update: Thu 26 Mar 2026 11:01:35 +0000
Manifest next update: Fri 27 Mar 2026 11:01:35 +0000
Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: i+jTSpAXVIGBUGDRkY09hVVrBxx7+gFCal6p7H0XJ4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:8e:6e:f5:d8:fe:6e:ed:fa:a2:8e:8a:db:86:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Mar 26 11:01:35 2026 GMT
Not After : Mar 27 11:01:35 2026 GMT
Subject: CN=61dc2aa96ca3878d0900e6cb641d91e357ca1c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:2c:db:d8:d7:28:6d:75:fe:e7:7d:cc:4e:
f4:f2:f4:15:03:de:58:9b:a5:d1:94:1c:5b:2d:03:
74:ce:e7:44:f6:af:3f:d5:eb:fd:0e:01:9c:fb:68:
0a:61:64:ad:68:73:dd:42:73:b9:e2:1a:f1:0f:87:
70:fc:1b:07:ca:19:e8:e5:5a:09:70:b1:ca:88:a9:
06:7a:76:e9:1e:7d:3d:0b:f9:70:e8:0a:da:a1:89:
27:a3:70:d7:5d:56:03:21:42:2f:2e:87:58:d5:c5:
6d:aa:d1:38:93:3f:d0:2e:7c:60:c8:bd:e6:a8:dc:
51:a2:4e:68:43:30:b2:e4:ac:7f:95:64:77:d3:d5:
f9:72:7c:9e:4f:f9:8b:49:2c:06:4d:97:f2:cf:db:
41:ec:a1:76:30:55:6c:60:53:0b:9c:dc:04:d8:30:
1e:32:f8:d1:74:16:00:06:1a:35:2e:1b:69:b8:4d:
e9:f0:93:f2:08:02:2c:1c:36:00:09:9b:25:f4:2e:
a5:b8:92:5f:37:70:bb:d3:85:4a:82:f3:25:e4:71:
33:27:12:ed:79:e5:a3:84:b2:c0:82:1c:7f:fa:7c:
ee:f3:4e:03:ae:12:a5:c3:62:7b:ad:60:9e:d6:70:
bb:ce:77:f2:22:32:8d:94:06:02:43:17:9b:83:2a:
9b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DC:2A:A9:6C:A3:87:8D:09:00:E6:CB:64:1D:91:E3:57:CA:1C:38
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:4c:62:31:52:fa:d6:b3:3b:8b:fe:85:c1:39:59:30:e2:d9:
0b:5c:88:5e:94:80:66:ca:73:19:63:5a:47:ea:0e:9c:8a:57:
37:5a:93:8a:f6:7f:71:53:4d:16:d5:b7:97:20:c5:76:b6:86:
37:07:2f:fb:2b:df:73:88:d5:44:62:be:19:b3:e5:c5:5d:37:
cf:f3:8d:96:5b:65:b3:a0:25:9d:ea:91:bd:f5:a9:69:2c:34:
58:43:7a:ca:86:b7:7c:11:87:14:2c:1f:6c:a2:de:44:0d:6d:
d1:b8:69:b5:38:ea:39:2d:bd:9f:4b:f8:e6:46:20:1e:65:22:
7c:b1:88:2a:32:4b:e6:8d:33:ad:7d:a6:23:f6:2d:1e:41:cf:
0e:45:e3:62:f1:22:a5:d5:15:a2:0e:92:fd:fe:48:54:9c:3d:
86:c7:29:a7:0c:54:ce:bb:56:a4:33:ca:53:34:37:07:fc:5f:
25:60:89:2b:6c:c9:0a:58:a6:d5:e5:39:3b:85:bb:11:9d:ee:
d6:6b:38:12:73:52:1a:82:07:d5:78:36:67:f8:5f:3d:34:20:
b1:c1:75:ae:46:b0:e8:40:fc:17:f4:77:69:98:f8:1b:e7:b1:
dd:4b:89:5e:2c:55:bb:38:37:b3:6b:19:5a:e1:42:52:20:17:
51:71:6f:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzo5u9dj+bu36oo6K24ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjYwMzI2MTEwMTM1WhcNMjYwMzI3MTEwMTM1WjAzMTEwLwYDVQQD
Eyg2MWRjMmFhOTZjYTM4NzhkMDkwMGU2Y2I2NDFkOTFlMzU3Y2ExYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzQs29jXKG11/ud9zE708vQVA95Y
m6XRlBxbLQN0zudE9q8/1ev9DgGc+2gKYWStaHPdQnO54hrxD4dw/BsHyhno5VoJ
cLHKiKkGenbpHn09C/lw6AraoYkno3DXXVYDIUIvLodY1cVtqtE4kz/QLnxgyL3m
qNxRok5oQzCy5Kx/lWR309X5cnyeT/mLSSwGTZfyz9tB7KF2MFVsYFMLnNwE2DAe
MvjRdBYABho1LhtpuE3p8JPyCAIsHDYACZsl9C6luJJfN3C704VKgvMl5HEzJxLt
eeWjhLLAghx/+nzu804DrhKlw2J7rWCe1nC7znfyIjKNlAYCQxebgyqbMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHcKqlso4eNCQDmy2QdkeNXyhw4MB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe0xiMVL6
1rM7i/6FwTlZMOLZC1yIXpSAZspzGWNaR+oOnIpXN1qTivZ/cVNNFtW3lyDFdraG
Nwcv+yvfc4jVRGK+GbPlxV03z/ONlltls6AlneqRvfWpaSw0WEN6yoa3fBGHFCwf
bKLeRA1t0bhptTjqOS29n0v45kYgHmUifLGIKjJL5o0zrX2mI/YtHkHPDkXjYvEi
pdUVog6S/f5IVJw9hscppwxUzrtWpDPKUzQ3B/xfJWCJK2zJClim1eU5O4W7EZ3u
1ms4EnNSGoIH1Xg2Z/hfPTQgscF1rkaw6ED8F/R3aZj4G+ex3UuJXixVuzg3s2sZ
WuFCUiAXUXFv+Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:21:33 2026 by rpki-client