Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.mft
File: kYKD14XMiO-FIIYqwWHye1YwvBQ.mft (raw, json)
Hash identifier: SI+S5jepsq+oP/4zRmsCGYNj6Ghp36+zFCEVxjMTky8=
Subject key identifier: A9:BE:16:47:5C:1E:8C:02:98:F5:F1:67:31:4C:36:42:2B:7B:8F:D8
Authority key identifier: 91:82:83:D7:85:CC:88:EF:85:20:86:2A:C1:61:F2:7B:56:30:BC:14
Certificate issuer: /CN=918283d785cc88ef8520862ac161f27b5630bc14
Certificate serial: 019D33AD40C3F41374A95F0F52F0958B97FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYKD14XMiO-FIIYqwWHye1YwvBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.mft
Manifest number: 188E
Signing time: Sat 28 Mar 2026 09:01:25 +0000
Manifest this update: Sat 28 Mar 2026 09:01:25 +0000
Manifest next update: Sun 29 Mar 2026 09:01:25 +0000
Files and hashes: 1: Mj7AFWu1EqZHOmVJMKOMm7PDVAc.roa (hash: GRpVbHiFHaOYOCNz4Rrq2ZkYp/ciepwMIDmQKZdm5EU=)
2: kYKD14XMiO-FIIYqwWHye1YwvBQ.crl (hash: l/hTA4Bf8cDCvcWhcEOcGJutuYHI4mi1sJQ/0x84XW4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kYKD14XMiO-FIIYqwWHye1YwvBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:ad:40:c3:f4:13:74:a9:5f:0f:52:f0:95:8b:97:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918283d785cc88ef8520862ac161f27b5630bc14
Validity
Not Before: Mar 28 09:01:25 2026 GMT
Not After : Mar 29 09:01:25 2026 GMT
Subject: CN=a9be16475c1e8c0298f5f167314c36422b7b8fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:91:7f:90:36:6a:2f:78:b5:49:bb:a2:9b:af:
d6:9c:9a:c1:97:43:7f:78:a1:0f:58:35:be:a6:17:
85:53:aa:d3:f1:7a:2c:52:3d:6d:6e:16:92:12:66:
2d:ac:70:73:73:9a:2e:d4:c0:ca:ea:78:a2:0b:3c:
61:64:63:6b:93:72:11:aa:15:5e:aa:82:25:5c:32:
0b:33:81:e0:d1:39:ae:9c:b9:67:65:32:b0:c6:34:
e2:aa:f7:f5:33:73:42:5f:f6:b1:32:d0:67:f1:cf:
26:48:6d:95:15:89:2a:e2:08:19:34:94:87:9c:f9:
76:f5:37:28:29:8a:1b:fa:e9:60:e7:00:ea:e5:5e:
5c:61:55:fc:bd:1e:3e:9d:b9:79:98:1e:14:d3:3d:
0a:00:35:20:9d:a0:0a:b0:77:12:48:25:be:26:ee:
29:b7:1b:a3:a7:9a:56:a8:69:2a:5e:f8:6a:e3:11:
ff:31:0a:12:ae:24:ec:ef:f9:75:4c:78:a8:51:9b:
06:8b:5e:df:18:da:2b:ff:6f:3c:c1:fd:76:9e:50:
d6:7b:3c:d1:ba:de:54:b4:2b:93:ef:d0:63:c6:c2:
95:6f:d7:5f:d6:9c:d9:13:6b:38:59:ab:1c:d7:3c:
05:4a:33:0a:69:c0:f1:5f:f7:a7:62:1f:bd:17:44:
9c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BE:16:47:5C:1E:8C:02:98:F5:F1:67:31:4C:36:42:2B:7B:8F:D8
X509v3 Authority Key Identifier:
keyid:91:82:83:D7:85:CC:88:EF:85:20:86:2A:C1:61:F2:7B:56:30:BC:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYKD14XMiO-FIIYqwWHye1YwvBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/cca476-a3c8-4a65-8c0c-f32260e05700/1/kYKD14XMiO-FIIYqwWHye1YwvBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:62:43:23:9d:ad:86:67:ae:17:8b:fa:54:75:4a:6f:25:61:
6a:02:80:6b:83:5b:e6:71:dd:cc:33:81:fb:e7:41:b4:43:24:
52:b7:9f:46:ca:92:70:e3:5b:20:03:09:13:ce:7d:5d:0b:7d:
04:c0:a7:37:c2:90:9a:f1:18:21:fa:92:fb:3c:1d:e4:15:68:
f8:1c:36:46:53:d7:6d:cd:8f:54:96:3d:c2:7b:7d:23:27:af:
c5:95:fd:66:eb:a6:6d:94:bd:7c:e9:b6:65:1d:34:d2:6a:86:
05:c6:ce:75:92:40:dd:3e:77:f7:85:ca:70:52:25:08:4b:23:
4e:25:b6:41:7a:30:52:40:84:02:a4:dd:46:39:26:81:3f:1c:
55:ba:cc:76:e8:77:7d:ad:17:ee:81:12:c3:b8:32:4e:1d:56:
4e:2b:ab:f0:cf:d2:68:cc:18:d1:3b:c2:e6:ff:d3:dd:5a:f0:
95:39:f3:95:66:8e:55:07:f1:0c:b3:3d:7e:79:b7:26:c8:f9:
e4:ae:16:f3:db:61:a4:62:fb:bd:b5:de:02:ad:3d:67:20:63:
58:f6:b3:60:f9:3e:67:d3:01:d5:ea:4f:89:3a:a9:4b:26:64:
70:42:4e:b9:41:0d:c4:f2:d6:e9:80:20:17:8d:32:24:33:d2:
e5:83:2d:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zrUDD9BN0qV8PUvCVi5f6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODI4M2Q3ODVjYzg4ZWY4NTIwODYyYWMxNjFmMjdiNTYz
MGJjMTQwHhcNMjYwMzI4MDkwMTI1WhcNMjYwMzI5MDkwMTI1WjAzMTEwLwYDVQQD
EyhhOWJlMTY0NzVjMWU4YzAyOThmNWYxNjczMTRjMzY0MjJiN2I4ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5F/kDZqL3i1Sbuim6/WnJrBl0N/
eKEPWDW+pheFU6rT8XosUj1tbhaSEmYtrHBzc5ou1MDK6niiCzxhZGNrk3IRqhVe
qoIlXDILM4Hg0TmunLlnZTKwxjTiqvf1M3NCX/axMtBn8c8mSG2VFYkq4ggZNJSH
nPl29TcoKYob+ulg5wDq5V5cYVX8vR4+nbl5mB4U0z0KADUgnaAKsHcSSCW+Ju4p
txujp5pWqGkqXvhq4xH/MQoSriTs7/l1THioUZsGi17fGNor/288wf12nlDWezzR
ut5UtCuT79BjxsKVb9df1pzZE2s4Wasc1zwFSjMKacDxX/enYh+9F0ScjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKm+FkdcHowCmPXxZzFMNkIre4/YMB8GA1UdIwQY
MBaAFJGCg9eFzIjvhSCGKsFh8ntWMLwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lLRDE0WE1pTy1GSUlZcXdXSHllMVl3dkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9jY2E0NzYtYTNjOC00YTY1LThjMGMt
ZjMyMjYwZTA1NzAwLzEva1lLRDE0WE1pTy1GSUlZcXdXSHllMVl3dkJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9jY2E0NzYtYTNjOC00YTY1LThjMGMtZjMyMjYwZTA1NzAw
LzEva1lLRDE0WE1pTy1GSUlZcXdXSHllMVl3dkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2JDI52t
hmeuF4v6VHVKbyVhagKAa4Nb5nHdzDOB++dBtEMkUrefRsqScONbIAMJE859XQt9
BMCnN8KQmvEYIfqS+zwd5BVo+Bw2RlPXbc2PVJY9wnt9IyevxZX9ZuumbZS9fOm2
ZR000mqGBcbOdZJA3T5394XKcFIlCEsjTiW2QXowUkCEAqTdRjkmgT8cVbrMduh3
fa0X7oESw7gyTh1WTiur8M/SaMwY0TvC5v/T3VrwlTnzlWaOVQfxDLM9fnm3Jsj5
5K4W89thpGL7vbXeAq09ZyBjWPazYPk+Z9MB1epPiTqpSyZkcEJOuUENxPLW6YAg
F40yJDPS5YMtxQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:21:08 2026 by rpki-client