Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
File: KANYk6JXplTz-FSVxBaevobeGNE.mft (raw, json)
Hash identifier: bBLr8mzKCatLnVqNxirXuvS9FrtYZwfkyYCuSmOnW5o=
Subject key identifier: 2D:C4:E5:E0:01:1B:6F:0A:28:66:58:FD:47:4A:5B:6C:F8:58:9B:00
Authority key identifier: 28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
Certificate issuer: /CN=28035893a257a654f3f85495c4169ebe86de18d1
Certificate serial: 019D2816FCF89989E125633043991A44CA6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
Manifest number: 0DC4
Signing time: Thu 26 Mar 2026 03:01:28 +0000
Manifest this update: Thu 26 Mar 2026 03:01:28 +0000
Manifest next update: Fri 27 Mar 2026 03:01:28 +0000
Files and hashes: 1: KANYk6JXplTz-FSVxBaevobeGNE.crl (hash: /bdbu2K6FKr+UBroNHbhOpW2XdLYckg0lS4IZpsnk3w=)
2: Uwq4fgrazLwEGWvCfkhNBfYlPZA.roa (hash: vwAFLTe2SVcS4DhCcFTz3AjD8TipO0c+U4k+Iwqqzxk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:16:fc:f8:99:89:e1:25:63:30:43:99:1a:44:ca:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28035893a257a654f3f85495c4169ebe86de18d1
Validity
Not Before: Mar 26 03:01:28 2026 GMT
Not After : Mar 27 03:01:28 2026 GMT
Subject: CN=2dc4e5e0011b6f0a286658fd474a5b6cf8589b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5d:bb:97:ed:79:89:4e:1c:5c:99:c2:71:40:
9e:7e:f1:09:0e:94:be:75:56:2a:00:ed:3b:1a:53:
41:eb:b0:75:ce:63:ec:d9:21:7e:0a:55:ce:8e:3d:
bd:f9:4c:61:a4:88:8e:9d:a3:27:76:6a:d7:4d:ee:
7a:71:c8:e1:fb:b0:9b:ee:a6:5d:35:96:a8:80:85:
f4:51:b2:a3:45:37:3c:5f:85:cc:3b:22:f6:5b:84:
36:9d:fe:09:f5:3a:58:67:97:32:0a:65:ef:28:9e:
43:dd:f0:13:54:55:f4:69:04:b1:63:13:59:fa:c2:
1f:ee:fa:9b:99:74:e7:e5:3f:7d:6e:02:f9:d8:5b:
3b:dc:d1:60:25:3b:78:b9:47:45:7b:87:5b:c2:3c:
5d:bd:5c:ea:9a:e0:d9:74:8a:bf:a2:69:cc:76:c0:
06:e6:ab:84:49:90:cf:4a:a1:e6:04:e1:34:cf:0e:
3d:2f:5c:45:4f:3c:b4:17:98:79:b3:89:b7:68:a2:
72:c5:80:7e:4e:8e:82:89:bf:32:88:50:b9:1c:fa:
4b:31:4c:a2:8c:b9:04:a9:9e:a4:ab:c8:7f:35:fa:
21:26:d4:43:2b:66:3c:71:34:52:14:46:c2:3b:5d:
e7:59:20:77:fd:5c:69:a6:b9:a4:8e:d7:46:22:7f:
fb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C4:E5:E0:01:1B:6F:0A:28:66:58:FD:47:4A:5B:6C:F8:58:9B:00
X509v3 Authority Key Identifier:
keyid:28:03:58:93:A2:57:A6:54:F3:F8:54:95:C4:16:9E:BE:86:DE:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KANYk6JXplTz-FSVxBaevobeGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9b76e3-e4f1-41a2-9f0e-937e00d0732f/1/KANYk6JXplTz-FSVxBaevobeGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:52:7b:ab:33:26:8a:bc:d8:9d:f6:33:02:df:df:06:2a:e4:
69:45:8d:9c:d1:ee:56:20:60:82:04:8b:76:b9:9e:79:54:d6:
c6:56:c5:9c:1e:a8:bb:fe:7b:43:75:32:41:16:83:bc:a7:cd:
c2:0f:e7:68:c1:61:ee:7e:f2:04:fd:c7:b4:9f:73:41:47:da:
e7:f7:a6:dc:e5:0c:ec:59:0b:ea:20:38:ef:88:46:3b:fc:76:
6f:24:f2:be:38:bd:08:ea:e1:3b:66:86:34:af:fd:01:cf:df:
ce:72:e9:53:de:9c:67:cc:c1:55:12:c3:7f:f8:b3:eb:43:28:
88:48:b3:e5:a8:57:2e:c9:1b:3b:f2:f4:34:0c:fc:7e:1f:0b:
90:8d:0d:3a:7f:f9:45:7e:9c:8d:b5:cb:84:4a:e5:cf:3b:10:
93:e5:15:1e:55:9a:42:68:b8:15:22:3f:d0:d5:1f:44:1e:03:
67:f0:dd:30:6b:c4:24:c8:37:e7:f3:bb:26:a3:59:8d:15:fa:
36:50:53:5d:8d:6e:86:f4:a9:d0:bf:51:a1:45:95:30:bd:38:
82:dc:4c:f8:d8:ec:e7:6a:11:e7:3f:68:0b:fa:91:6b:c9:89:
fd:1b:e1:51:78:92:7b:1a:e7:9b:67:95:6b:63:0b:6f:5d:8d:
78:47:5f:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFvz4mYnhJWMwQ5kaRMptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDM1ODkzYTI1N2E2NTRmM2Y4NTQ5NWM0MTY5ZWJlODZk
ZTE4ZDEwHhcNMjYwMzI2MDMwMTI4WhcNMjYwMzI3MDMwMTI4WjAzMTEwLwYDVQQD
EygyZGM0ZTVlMDAxMWI2ZjBhMjg2NjU4ZmQ0NzRhNWI2Y2Y4NTg5YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl27l+15iU4cXJnCcUCefvEJDpS+
dVYqAO07GlNB67B1zmPs2SF+ClXOjj29+UxhpIiOnaMndmrXTe56ccjh+7Cb7qZd
NZaogIX0UbKjRTc8X4XMOyL2W4Q2nf4J9TpYZ5cyCmXvKJ5D3fATVFX0aQSxYxNZ
+sIf7vqbmXTn5T99bgL52Fs73NFgJTt4uUdFe4dbwjxdvVzqmuDZdIq/omnMdsAG
5quESZDPSqHmBOE0zw49L1xFTzy0F5h5s4m3aKJyxYB+To6Cib8yiFC5HPpLMUyi
jLkEqZ6kq8h/NfohJtRDK2Y8cTRSFEbCO13nWSB3/VxpprmkjtdGIn/74QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3E5eABG28KKGZY/UdKW2z4WJsAMB8GA1UdIwQY
MBaAFCgDWJOiV6ZU8/hUlcQWnr6G3hjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUt
OTM3ZTAwZDA3MzJmLzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85Yjc2ZTMtZTRmMS00MWEyLTlmMGUtOTM3ZTAwZDA3MzJm
LzEvS0FOWWs2SlhwbFR6LUZTVnhCYWV2b2JlR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFJ7qzMm
irzYnfYzAt/fBirkaUWNnNHuViBgggSLdrmeeVTWxlbFnB6ou/57Q3UyQRaDvKfN
wg/naMFh7n7yBP3HtJ9zQUfa5/em3OUM7FkL6iA474hGO/x2byTyvji9COrhO2aG
NK/9Ac/fznLpU96cZ8zBVRLDf/iz60MoiEiz5ahXLskbO/L0NAz8fh8LkI0NOn/5
RX6cjbXLhErlzzsQk+UVHlWaQmi4FSI/0NUfRB4DZ/DdMGvEJMg35/O7JqNZjRX6
NlBTXY1uhvSp0L9RoUWVML04gtxM+Njs52oR5z9oC/qRa8mJ/RvhUXiSexrnm2eV
a2MLb12NeEdfUg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:44:02 2026 by rpki-client