Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: hk1oA8EGV8NthmwbDtXgbwe7PRyrFsfLua4pMUNVYKk=
Subject key identifier: 65:EB:CE:60:4A:95:A5:5D:23:01:33:2B:C3:25:F2:F4:D7:D3:70:BF
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019D2816EC2E4AF5849B7AAFEF9CADBDC013
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0E75
Signing time: Thu 26 Mar 2026 03:01:24 +0000
Manifest this update: Thu 26 Mar 2026 03:01:24 +0000
Manifest next update: Fri 27 Mar 2026 03:01:24 +0000
Files and hashes: 1: 4Okejz2k1ubGfI-GRgB_ARKBmuk.roa (hash: wHN9epTREmpbGi1iOO1PMq2WQBeGFf6WjNTcLZ9jeLg=)
2: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: OP5sjKE83tp2LV1GFogHidEjOt/+WfcGew1bVXmsnqc=)
3: PcKBEnG4Fc83PTLXnIgOvRcy3V4.roa (hash: dksZAzhosBbHaXLsuDmV40VTdGY6aq3NK9xY13PmQvE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:ec:2e:4a:f5:84:9b:7a:af:ef:9c:ad:bd:c0:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Mar 26 03:01:24 2026 GMT
Not After : Mar 27 03:01:24 2026 GMT
Subject: CN=65ebce604a95a55d2301332bc325f2f4d7d370bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ad:20:5e:2b:7e:96:55:58:4a:b5:77:34:1e:
9a:a9:3d:5a:26:4e:c7:09:2d:b7:5b:b7:9b:78:49:
cf:9f:ae:2b:26:1d:50:25:3e:ff:45:ab:bc:d1:17:
ff:03:3c:22:61:2e:e1:b7:d8:57:84:91:73:a0:45:
79:7e:79:22:8d:04:44:57:b6:2a:fe:6f:68:bb:38:
d2:ba:30:62:91:9d:cd:e6:c7:bd:3f:60:d5:f8:47:
17:4e:1b:ff:54:35:9e:1a:9b:e0:fa:7e:a4:86:9b:
44:c2:af:03:2a:e2:d3:10:d9:1e:af:81:f2:fd:c2:
4d:58:bb:d2:11:12:e4:b5:4e:95:9b:01:a8:06:d0:
a2:f7:a9:a8:27:f2:04:25:bc:75:5f:07:e0:89:ab:
f4:9f:ee:a4:70:9f:17:15:27:ce:d1:2f:b2:f2:09:
2e:62:f5:93:65:4b:89:4e:19:dd:0d:17:d9:da:de:
c8:82:ef:63:e6:f1:fc:6a:9e:52:93:da:67:bf:bf:
f3:3a:bf:b5:a5:d8:d4:e6:44:f9:53:4a:27:33:5e:
f5:1a:94:40:0d:74:3b:28:56:06:71:e7:e3:a3:00:
fb:b1:14:36:3a:59:e9:be:a0:b4:4f:f6:fd:41:a7:
e3:c4:46:60:84:34:7f:1f:cb:1e:54:e4:22:09:bd:
10:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EB:CE:60:4A:95:A5:5D:23:01:33:2B:C3:25:F2:F4:D7:D3:70:BF
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:40:09:8c:9e:3a:0e:3a:9f:2c:ee:47:6e:9c:94:a7:08:f9:
fa:dd:75:f4:4d:2c:8a:3c:c8:54:b6:90:9e:c4:9e:56:f3:3b:
51:95:df:88:55:fd:a4:8e:15:5e:51:84:3c:8b:ab:09:63:d4:
fb:b8:91:f8:64:f3:60:a2:35:70:5c:17:28:29:6b:f2:a0:bf:
c9:46:4e:b0:e0:6d:08:ab:15:f3:51:8e:c6:2b:53:a2:81:96:
5f:30:db:0a:db:0f:95:e9:8e:47:37:76:5f:1c:b2:ed:29:62:
f9:6e:3c:b3:d6:25:31:2c:68:82:9e:32:d1:f1:66:35:80:6e:
9b:c2:ef:e6:f7:4e:02:4f:60:3f:ea:83:ba:3f:c5:77:9e:65:
d1:62:dc:ff:6f:68:4b:7e:ab:2e:7b:7c:1d:2a:e2:73:cf:a8:
86:8d:12:dd:40:07:71:62:17:e6:9e:c7:b3:0e:d8:1c:a7:7d:
a3:76:1b:0a:c5:5e:db:ad:db:18:72:d9:9e:23:d6:0e:c6:66:
57:85:61:ad:18:37:11:2b:5e:2a:b5:f6:63:5c:07:ba:67:92:
46:e2:bf:3f:c6:01:94:5f:30:37:53:fa:90:e5:1a:d4:6c:d9:
62:33:ce:33:13:51:cb:e0:88:3d:af:10:e6:41:b7:9f:99:b7:
e0:4b:42:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFuwuSvWEm3qv75ytvcATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjYwMzI2MDMwMTI0WhcNMjYwMzI3MDMwMTI0WjAzMTEwLwYDVQQD
Eyg2NWViY2U2MDRhOTVhNTVkMjMwMTMzMmJjMzI1ZjJmNGQ3ZDM3MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk60gXit+llVYSrV3NB6aqT1aJk7H
CS23W7ebeEnPn64rJh1QJT7/Rau80Rf/AzwiYS7ht9hXhJFzoEV5fnkijQREV7Yq
/m9ouzjSujBikZ3N5se9P2DV+EcXThv/VDWeGpvg+n6khptEwq8DKuLTENker4Hy
/cJNWLvSERLktU6VmwGoBtCi96moJ/IEJbx1Xwfgiav0n+6kcJ8XFSfO0S+y8gku
YvWTZUuJThndDRfZ2t7Igu9j5vH8ap5Sk9pnv7/zOr+1pdjU5kT5U0onM171GpRA
DXQ7KFYGcefjowD7sRQ2OlnpvqC0T/b9QafjxEZghDR/H8seVOQiCb0QuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXrzmBKlaVdIwEzK8Ml8vTX03C/MB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd0AJjJ46
DjqfLO5HbpyUpwj5+t119E0sijzIVLaQnsSeVvM7UZXfiFX9pI4VXlGEPIurCWPU
+7iR+GTzYKI1cFwXKClr8qC/yUZOsOBtCKsV81GOxitTooGWXzDbCtsPlemORzd2
Xxyy7Sli+W48s9YlMSxogp4y0fFmNYBum8Lv5vdOAk9gP+qDuj/Fd55l0WLc/29o
S36rLnt8HSric8+oho0S3UAHcWIX5p7Hsw7YHKd9o3YbCsVe263bGHLZniPWDsZm
V4VhrRg3ESteKrX2Y1wHumeSRuK/P8YBlF8wN1P6kOUa1GzZYjPOMxNRy+CIPa8Q
5kG3n5m34EtC3g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:12:27 2026 by rpki-client