Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: 2YqPhg36jnhviVrx5YIU0kYtHWRcvpd0DWPPnqWkIDA=
Subject key identifier: 8E:11:76:14:D7:9D:A8:FE:2B:54:69:5B:34:13:25:05:14:4F:6D:F7
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019E20FF4F1E4223FFB5F6515B7F6B69E663
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 040D
Signing time: Wed 13 May 2026 11:01:03 +0000
Manifest this update: Wed 13 May 2026 11:01:03 +0000
Manifest next update: Thu 14 May 2026 11:01:03 +0000
Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: MwHEc1Q59WYFUffj8iBCyCNCcyPKCTQgVX1vL7XlPnc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 11:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:ff:4f:1e:42:23:ff:b5:f6:51:5b:7f:6b:69:e6:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: May 13 11:01:03 2026 GMT
Not After : May 14 11:01:03 2026 GMT
Subject: CN=8e117614d79da8fe2b54695b34132505144f6df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:94:3e:df:34:cb:b1:f8:94:18:96:6a:9f:bd:
d4:63:47:fe:db:7b:ce:0e:d7:9c:87:16:da:f4:2d:
1a:17:d7:40:e3:dc:8c:c6:63:55:44:2f:29:05:d3:
6c:eb:b1:ad:1d:8a:23:3f:a6:bf:e2:d0:1d:5f:d8:
6b:d8:a3:fb:65:76:b8:86:11:51:05:58:10:ca:42:
d7:ae:82:5b:97:6f:07:d6:a7:b5:f8:13:68:ee:6b:
7a:fd:85:04:90:d6:20:68:43:b5:d1:1a:14:b9:38:
69:06:40:ec:4f:ee:3c:92:92:51:d9:a3:07:47:34:
49:87:28:b8:d9:b3:cb:87:4b:e1:91:00:9b:17:24:
02:a3:a1:15:21:e3:d5:87:c1:e3:de:de:fe:df:c2:
65:b0:c5:90:44:5b:34:49:73:4d:b4:a9:23:14:d0:
e3:c0:ca:71:af:86:a9:35:c4:38:9c:77:57:e0:6a:
e2:69:af:2e:af:0c:6f:84:4b:5a:49:ed:ed:9c:52:
ab:1e:8c:78:3d:3c:dc:d4:94:c7:e2:e7:70:ef:ee:
50:67:4c:57:e0:b4:c8:0e:4d:3e:41:02:62:b3:d3:
f7:51:7a:fa:ed:e5:e2:2c:77:9a:86:d5:fd:00:9d:
14:b7:93:83:2b:73:d9:31:e2:f1:e0:d2:b8:a6:ef:
5a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:11:76:14:D7:9D:A8:FE:2B:54:69:5B:34:13:25:05:14:4F:6D:F7
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:00:30:62:d5:a0:1b:18:b6:58:5a:3e:98:89:65:b6:31:03:
d7:8a:8b:68:dc:82:6a:d0:6e:71:ed:22:22:66:27:28:87:07:
a9:42:78:a3:a8:64:fa:86:d8:d9:e7:a5:5d:e1:c4:1e:67:9d:
be:2e:c7:b0:58:a6:37:6b:92:18:62:95:35:ec:e1:8e:16:27:
e0:ac:97:16:fe:61:cd:6c:71:a8:2b:93:80:d0:72:c4:d3:de:
ac:f1:56:d9:8a:dc:4f:6b:cd:e1:f6:24:ae:a2:c0:e0:00:5e:
54:51:65:b1:b4:41:e9:68:24:e9:64:71:92:aa:74:59:4d:16:
ab:20:2a:bb:3c:71:66:ab:e2:29:c5:42:e8:05:3f:70:07:de:
e7:f2:7c:05:69:b9:7a:5e:1a:65:bc:00:54:34:63:b1:fe:23:
de:0a:5a:45:da:4d:23:bc:6d:24:63:5a:f7:84:0f:15:43:59:
6d:85:ed:e3:11:f2:82:21:47:dc:b8:40:8a:33:33:fd:cd:05:
7a:d0:87:57:a5:e1:48:8e:84:6b:cd:8e:0a:9e:90:73:39:27:
20:f6:04:ca:2d:a4:f9:b2:a2:ba:12:7a:57:88:74:6e:e5:5b:
65:73:6f:7b:ac:4a:50:36:af:b9:7a:9f:3c:1d:f2:18:9b:f9:
64:e6:77:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4g/08eQiP/tfZRW39raeZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjYwNTEzMTEwMTAzWhcNMjYwNTE0MTEwMTAzWjAzMTEwLwYDVQQD
Eyg4ZTExNzYxNGQ3OWRhOGZlMmI1NDY5NWIzNDEzMjUwNTE0NGY2ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpQ+3zTLsfiUGJZqn73UY0f+23vO
Dtechxba9C0aF9dA49yMxmNVRC8pBdNs67GtHYojP6a/4tAdX9hr2KP7ZXa4hhFR
BVgQykLXroJbl28H1qe1+BNo7mt6/YUEkNYgaEO10RoUuThpBkDsT+48kpJR2aMH
RzRJhyi42bPLh0vhkQCbFyQCo6EVIePVh8Hj3t7+38JlsMWQRFs0SXNNtKkjFNDj
wMpxr4apNcQ4nHdX4Griaa8urwxvhEtaSe3tnFKrHox4PTzc1JTH4udw7+5QZ0xX
4LTIDk0+QQJis9P3UXr67eXiLHeahtX9AJ0Ut5ODK3PZMeLx4NK4pu9apwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4RdhTXnaj+K1RpWzQTJQUUT233MB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALwAwYtWg
Gxi2WFo+mIlltjED14qLaNyCatBuce0iImYnKIcHqUJ4o6hk+obY2eelXeHEHmed
vi7HsFimN2uSGGKVNezhjhYn4KyXFv5hzWxxqCuTgNByxNPerPFW2YrcT2vN4fYk
rqLA4ABeVFFlsbRB6Wgk6WRxkqp0WU0WqyAquzxxZqviKcVC6AU/cAfe5/J8BWm5
el4aZbwAVDRjsf4j3gpaRdpNI7xtJGNa94QPFUNZbYXt4xHygiFH3LhAijMz/c0F
etCHV6XhSI6Ea82OCp6QczknIPYEyi2k+bKiuhJ6V4h0buVbZXNve6xKUDavuXqf
PB3yGJv5ZOZ3UA==
-----END CERTIFICATE-----
Generated at Wed May 13 18:23:01 2026 by rpki-client