Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.mft
File: KeRudYZejUoIHktd2kbTyUADZ5s.mft (raw, json)
Hash identifier: 4kZhlGWZf4E8kXQcv7kI1w4CwjL49PLepYpGQXdTs8M=
Subject key identifier: 11:E7:0E:52:EF:7E:D9:05:87:DC:80:2A:5B:C2:A1:39:96:2E:DF:3F
Authority key identifier: 29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
Certificate issuer: /CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Certificate serial: 019D9B199E8EA09EBC2348E20D3498F59709
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.mft
Manifest number: 17A1
Signing time: Fri 17 Apr 2026 11:00:40 +0000
Manifest this update: Fri 17 Apr 2026 11:00:40 +0000
Manifest next update: Sat 18 Apr 2026 11:00:40 +0000
Files and hashes: 1: FY64f2n5IZxak83WH5Xr7DjmI48.roa (hash: jtG7O8Fc8btXdN9Jv20DVMBroccgppZEs1H1G7+kiM8=)
2: KeRudYZejUoIHktd2kbTyUADZ5s.crl (hash: W42ZuYWwTlk/Un8pD7gkVWFuJ4Z3fDhK7Q1uMeNUsJU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:9e:8e:a0:9e:bc:23:48:e2:0d:34:98:f5:97:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29e46e75865e8d4a081e4b5dda46d3c94003679b
Validity
Not Before: Apr 17 11:00:40 2026 GMT
Not After : Apr 18 11:00:40 2026 GMT
Subject: CN=11e70e52ef7ed90587dc802a5bc2a139962edf3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:a5:cc:96:03:b0:f5:ef:a5:45:4e:3c:41:
77:93:bb:9b:30:d1:63:67:67:50:12:f7:43:c7:00:
81:9a:fd:10:0b:25:41:0d:e9:20:ac:9e:cc:43:47:
3e:93:71:35:e5:bd:73:bf:92:55:a5:3d:31:c9:00:
7f:51:de:3d:13:f8:37:75:41:63:cc:06:3d:5d:0f:
6c:fe:b1:0a:f3:cc:48:bc:40:80:ff:9a:f1:33:ca:
b4:9b:24:f9:fb:24:26:24:00:c4:c9:60:23:7d:bb:
04:be:4f:0d:7c:9b:c1:46:4e:c5:81:8c:8e:22:b0:
35:72:d4:e4:af:27:77:32:4c:4d:7d:a1:af:47:10:
0a:34:14:a5:4a:28:1c:71:08:3a:b1:b5:45:9f:31:
aa:d2:b8:93:2a:d2:73:ff:36:29:f6:c9:c4:32:e6:
15:15:5b:b0:23:ad:24:31:d9:e3:ab:cc:b4:2c:99:
ab:65:68:0f:20:bd:7e:9f:43:d8:05:38:22:28:32:
47:e7:c3:94:34:15:99:40:63:a0:fc:ba:ab:a1:82:
5a:65:ca:95:91:f5:1f:14:e7:82:b3:d5:03:9e:ce:
36:40:a1:f9:cd:e6:75:95:21:63:e2:d4:ad:1f:c4:
e1:9d:b7:05:c9:a0:d3:71:2c:b1:b9:5b:6f:f1:4e:
4d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E7:0E:52:EF:7E:D9:05:87:DC:80:2A:5B:C2:A1:39:96:2E:DF:3F
X509v3 Authority Key Identifier:
keyid:29:E4:6E:75:86:5E:8D:4A:08:1E:4B:5D:DA:46:D3:C9:40:03:67:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeRudYZejUoIHktd2kbTyUADZ5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d2354a-f3c2-41d5-b292-a9d267acf664/1/KeRudYZejUoIHktd2kbTyUADZ5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:94:30:12:ab:9c:dc:0b:b0:dc:4f:c9:60:cc:1e:ba:1d:a0:
10:4d:de:55:6c:a7:9c:27:a8:d6:2b:87:33:b9:26:9f:64:a1:
a4:b3:ac:3f:7e:2d:3d:5b:8a:f4:7d:e6:be:3c:1b:ba:26:5b:
d6:e4:0c:7b:09:42:97:13:89:8d:68:d6:eb:fe:49:77:53:ec:
da:a1:f7:ff:85:d7:24:bb:2c:8e:70:c5:3d:f7:5b:84:0b:0a:
21:d6:59:df:93:c8:39:20:40:c8:96:0b:e2:86:6b:10:50:e8:
51:2a:79:d6:4a:ab:2e:53:4f:f3:8c:be:6c:8e:6e:18:b2:dd:
38:c9:a4:98:f9:1d:8c:cf:c1:a6:01:69:18:c2:57:4d:ef:83:
a0:ec:da:02:94:60:4d:58:cb:51:46:97:d2:d7:69:c0:c5:c0:
28:d9:ac:c9:7e:12:cd:de:6d:ea:0c:93:88:a8:f1:4d:3f:3c:
66:30:1b:c0:a4:91:7d:c4:63:ab:13:f5:b1:41:85:1e:b4:b1:
8d:bf:46:1d:ab:d6:20:5e:f6:c6:61:b9:57:ff:f8:cf:e6:a5:
ae:ff:72:a3:ef:b0:f2:bc:a0:6b:ef:e1:ea:16:99:db:3a:ba:
88:8b:75:98:ba:fa:96:93:eb:16:fa:fd:4b:49:dc:d1:14:cb:
e8:e8:69:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGZ6OoJ68I0jiDTSY9ZcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZTQ2ZTc1ODY1ZThkNGEwODFlNGI1ZGRhNDZkM2M5NDAw
MzY3OWIwHhcNMjYwNDE3MTEwMDQwWhcNMjYwNDE4MTEwMDQwWjAzMTEwLwYDVQQD
EygxMWU3MGU1MmVmN2VkOTA1ODdkYzgwMmE1YmMyYTEzOTk2MmVkZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqmlzJYDsPXvpUVOPEF3k7ubMNFj
Z2dQEvdDxwCBmv0QCyVBDekgrJ7MQ0c+k3E15b1zv5JVpT0xyQB/Ud49E/g3dUFj
zAY9XQ9s/rEK88xIvECA/5rxM8q0myT5+yQmJADEyWAjfbsEvk8NfJvBRk7FgYyO
IrA1ctTkryd3MkxNfaGvRxAKNBSlSigccQg6sbVFnzGq0riTKtJz/zYp9snEMuYV
FVuwI60kMdnjq8y0LJmrZWgPIL1+n0PYBTgiKDJH58OUNBWZQGOg/LqroYJaZcqV
kfUfFOeCs9UDns42QKH5zeZ1lSFj4tStH8ThnbcFyaDTcSyxuVtv8U5NMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHnDlLvftkFh9yAKlvCoTmWLt8/MB8GA1UdIwQY
MBaAFCnkbnWGXo1KCB5LXdpG08lAA2ebMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMjM1NGEtZjNjMi00MWQ1LWIyOTIt
YTlkMjY3YWNmNjY0LzEvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMjM1NGEtZjNjMi00MWQ1LWIyOTItYTlkMjY3YWNmNjY0
LzEvS2VSdWRZWmVqVW9JSGt0ZDJrYlR5VUFEWjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMJQwEquc
3Auw3E/JYMweuh2gEE3eVWynnCeo1iuHM7kmn2ShpLOsP34tPVuK9H3mvjwbuiZb
1uQMewlClxOJjWjW6/5Jd1Ps2qH3/4XXJLssjnDFPfdbhAsKIdZZ35PIOSBAyJYL
4oZrEFDoUSp51kqrLlNP84y+bI5uGLLdOMmkmPkdjM/BpgFpGMJXTe+DoOzaApRg
TVjLUUaX0tdpwMXAKNmsyX4Szd5t6gyTiKjxTT88ZjAbwKSRfcRjqxP1sUGFHrSx
jb9GHavWIF72xmG5V//4z+alrv9yo++w8ryga+/h6haZ2zq6iIt1mLr6lpPrFvr9
S0nc0RTL6Ohp6w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:44:47 2026 by rpki-client