Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
File: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft (raw, json)
Hash identifier: Ne5NQsU2IXBR2IyNBslJ0BF76m1toC5jsUIRwdXjoQw=
Subject key identifier: 89:09:D9:53:9A:C5:61:4A:3F:1D:9B:D0:E9:84:9D:8E:49:CF:31:D6
Authority key identifier: 91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8
Certificate issuer: /CN=91bd5883c82aed25fef1b18d70d0215b07f727d8
Certificate serial: 019D28BB78A20B339B6DF296E7B1380083C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
Manifest number: 03AF
Signing time: Thu 26 Mar 2026 06:01:07 +0000
Manifest this update: Thu 26 Mar 2026 06:01:07 +0000
Manifest next update: Fri 27 Mar 2026 06:01:07 +0000
Files and hashes: 1: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl (hash: 3i3dIK/aWViJGcW0iqOBJF1Gfw0yzKT+AVdBGLbzH7c=)
2: ocMdVynF_p0Tq2OwiTH-YQD2ORA.roa (hash: T9hZOtlKL+lVEzPwoFtr/gTJ5gMSoiMOJ0rZtmiDZzY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:78:a2:0b:33:9b:6d:f2:96:e7:b1:38:00:83:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91bd5883c82aed25fef1b18d70d0215b07f727d8
Validity
Not Before: Mar 26 06:01:07 2026 GMT
Not After : Mar 27 06:01:07 2026 GMT
Subject: CN=8909d9539ac5614a3f1d9bd0e9849d8e49cf31d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:04:9c:d2:50:de:85:3a:73:25:71:43:ae:bd:
67:c6:f4:f8:b9:42:18:a3:17:a8:da:51:5f:b7:8b:
8f:4d:98:98:64:3f:b5:2a:1e:1a:4d:00:6f:a6:ca:
d6:52:38:f9:1b:c0:00:10:58:1b:0d:3e:75:f8:f8:
b2:9f:bc:ea:20:db:b3:8a:cb:67:21:4d:aa:7a:ab:
4f:32:c8:98:31:65:21:86:d9:36:94:9b:c5:3a:5a:
ec:bf:aa:cf:61:1a:24:38:1f:99:67:62:73:ab:04:
4f:7a:67:a1:a9:1a:a0:9d:69:27:26:dc:fa:cd:59:
8a:bd:07:40:2a:e4:90:69:9e:a5:f4:3b:3a:c3:fc:
e9:74:bb:3b:c2:6b:54:34:49:e6:93:9e:1d:78:70:
28:1b:36:9b:a0:f7:e4:a5:8d:dd:ce:5a:17:54:41:
2f:9d:ab:7d:e9:2b:e7:6d:a7:05:4a:39:6f:b1:57:
50:27:6b:75:c9:f7:de:f7:2a:f7:ae:08:f0:98:49:
6d:c3:8f:ad:36:c4:ef:13:2c:1f:2c:ba:0e:c5:82:
f9:46:fc:ca:7b:37:64:0a:78:27:3e:60:13:0c:42:
4a:7d:00:27:f9:58:ca:60:6d:53:a8:d8:45:19:27:
df:9e:03:33:49:2c:1b:fb:f9:49:27:10:b9:bd:77:
40:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:09:D9:53:9A:C5:61:4A:3F:1D:9B:D0:E9:84:9D:8E:49:CF:31:D6
X509v3 Authority Key Identifier:
keyid:91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:a7:75:b7:c8:a8:fd:4c:74:73:89:87:e5:37:16:ef:c6:01:
4a:88:9b:d5:ba:16:e3:44:a9:b9:9f:8b:44:87:5f:e6:5e:79:
23:dc:ff:b9:07:bc:cb:28:0f:c5:2e:97:a1:9b:5f:06:8a:ba:
3b:0e:ec:8c:69:59:fb:97:a7:42:8c:7d:a4:26:07:a5:86:fe:
6b:48:b8:65:ad:4e:63:25:8a:96:1e:f3:ce:dd:c6:1a:47:e6:
9f:65:3d:91:2f:ac:91:fc:ec:fb:b1:5f:1e:ec:35:11:15:2f:
cc:9d:d2:17:25:bb:70:2c:c0:e8:9f:9b:72:9d:91:36:8e:a3:
21:79:87:b5:db:04:07:df:33:5b:ab:10:07:7e:42:cf:7d:d1:
e6:61:e8:eb:14:5a:ab:62:ac:6d:7d:e1:75:5f:47:83:f1:e6:
1b:9d:b5:7a:b2:5c:1e:ed:99:11:04:bb:28:8a:95:d2:89:89:
f6:dd:30:8e:ea:53:aa:40:53:83:95:2a:57:eb:0a:c1:68:f8:
43:62:ba:a8:8f:4d:f8:8f:81:8f:d4:2d:d2:04:38:a9:68:08:
49:ca:df:84:e8:5b:ba:1f:d7:72:bc:fb:28:62:00:84:16:5e:
39:41:6d:e0:bd:3e:2f:93:21:88:f0:3d:aa:61:9b:2a:8d:ea:
c0:43:7a:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou3iiCzObbfKW57E4AIPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYmQ1ODgzYzgyYWVkMjVmZWYxYjE4ZDcwZDAyMTViMDdm
NzI3ZDgwHhcNMjYwMzI2MDYwMTA3WhcNMjYwMzI3MDYwMTA3WjAzMTEwLwYDVQQD
Eyg4OTA5ZDk1MzlhYzU2MTRhM2YxZDliZDBlOTg0OWQ4ZTQ5Y2YzMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgSc0lDehTpzJXFDrr1nxvT4uUIY
oxeo2lFft4uPTZiYZD+1Kh4aTQBvpsrWUjj5G8AAEFgbDT51+Piyn7zqINuzistn
IU2qeqtPMsiYMWUhhtk2lJvFOlrsv6rPYRokOB+ZZ2JzqwRPemehqRqgnWknJtz6
zVmKvQdAKuSQaZ6l9Ds6w/zpdLs7wmtUNEnmk54deHAoGzaboPfkpY3dzloXVEEv
nat96SvnbacFSjlvsVdQJ2t1yffe9yr3rgjwmEltw4+tNsTvEywfLLoOxYL5RvzK
ezdkCngnPmATDEJKfQAn+VjKYG1TqNhFGSffngMzSSwb+/lJJxC5vXdAoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkJ2VOaxWFKPx2b0OmEnY5JzzHWMB8GA1UdIwQY
MBaAFJG9WIPIKu0l/vGxjXDQIVsH9yfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTIt
OWU5NjJjZDlkZDgyLzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTItOWU5NjJjZDlkZDgy
LzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6d1t8io
/Ux0c4mH5TcW78YBSoib1boW40SpuZ+LRIdf5l55I9z/uQe8yygPxS6XoZtfBoq6
Ow7sjGlZ+5enQox9pCYHpYb+a0i4Za1OYyWKlh7zzt3GGkfmn2U9kS+skfzs+7Ff
Huw1ERUvzJ3SFyW7cCzA6J+bcp2RNo6jIXmHtdsEB98zW6sQB35Cz33R5mHo6xRa
q2KsbX3hdV9Hg/HmG521erJcHu2ZEQS7KIqV0omJ9t0wjupTqkBTg5UqV+sKwWj4
Q2K6qI9N+I+Bj9Qt0gQ4qWgIScrfhOhbuh/Xcrz7KGIAhBZeOUFt4L0+L5MhiPA9
qmGbKo3qwEN6Tw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:58:36 2026 by rpki-client