Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: B68bN+rVhG6OLzS3wn9e9UZv9iXMY3ORveV0L4kfSnY=
Subject key identifier: 36:61:C9:29:8F:3E:9D:5E:01:F2:B3:9C:4A:C8:25:D8:B3:13:EC:0A
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 019C8D97EA35D859A420A7BE9CE20A8C404C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 047D
Signing time: Tue 24 Feb 2026 03:01:09 +0000
Manifest this update: Tue 24 Feb 2026 03:01:09 +0000
Manifest next update: Wed 25 Feb 2026 03:01:09 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: Lqc8Y6CPJzSA+qhEunJvQ90ilerPSsh6Hk2I39jwqKI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8d:97:ea:35:d8:59:a4:20:a7:be:9c:e2:0a:8c:40:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Feb 24 03:01:09 2026 GMT
Not After : Feb 25 03:01:09 2026 GMT
Subject: CN=3661c9298f3e9d5e01f2b39c4ac825d8b313ec0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a7:ca:77:31:c2:e8:4c:0e:58:c2:c0:74:6f:
00:b2:e5:40:f9:33:84:37:c3:be:4c:85:17:74:17:
4d:e8:6d:f3:c0:ae:6e:0a:d1:d4:d8:90:b8:4c:f3:
ff:1f:e3:25:7b:94:2d:35:51:0b:27:de:59:ae:de:
f6:88:d4:35:bb:f1:a8:cf:09:66:e6:96:25:6a:cf:
c1:32:3b:5a:6d:a5:da:f8:9f:ad:63:45:1c:74:dc:
fd:bd:43:07:31:5b:31:82:35:2d:f7:ff:7e:b3:7a:
c5:b1:f5:a6:1b:05:b7:2c:84:b9:4e:9c:88:c3:5f:
25:ca:11:f9:fc:35:ff:a1:60:a1:78:0b:1b:d4:c5:
a3:aa:5c:e2:8c:c2:93:58:5f:35:fe:58:8e:e8:81:
b2:6f:9f:49:7e:2e:48:dc:6d:fb:09:55:d3:d9:9b:
12:62:56:78:f5:a1:d6:e4:46:d0:00:12:af:49:b7:
27:aa:a7:66:68:30:51:c9:d8:ff:29:14:f1:cc:02:
5f:ec:86:9b:43:18:a5:32:8b:4c:f6:16:b1:20:57:
ef:62:1c:33:33:cf:d8:bb:20:d8:27:27:ed:78:8d:
75:7c:51:83:f9:e9:02:a2:dc:d4:98:b0:21:87:3c:
e5:71:b3:3b:46:49:fc:ce:a5:93:68:93:5c:d8:18:
b7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:61:C9:29:8F:3E:9D:5E:01:F2:B3:9C:4A:C8:25:D8:B3:13:EC:0A
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:41:c9:ca:06:bc:12:65:ee:bc:be:ba:da:15:e9:64:d4:ea:
e2:73:6e:2e:da:db:f4:9b:9f:c7:e6:87:ca:47:2c:75:d4:27:
96:45:77:ac:11:6d:be:76:e3:50:a5:28:3b:96:4e:9e:61:6e:
38:95:93:f3:a2:10:27:cd:d0:19:de:4e:05:55:0c:84:8f:9e:
bf:db:ba:80:9e:38:be:0b:c6:f2:97:ba:89:33:49:41:72:bc:
81:0c:2d:ac:98:00:7e:56:1d:41:d6:61:d6:59:22:c8:fc:1f:
59:46:70:e6:60:a3:1c:af:a7:e3:ed:2d:5c:c1:44:bd:07:a3:
1e:49:fc:78:7a:ae:c5:85:cf:5c:d9:22:73:dd:e5:36:b4:b5:
f7:01:31:26:34:89:af:c6:e8:f1:23:68:aa:9b:dd:e9:5a:6e:
84:dc:84:10:a2:f8:0c:ad:17:57:a0:33:62:4d:67:5e:50:8d:
a3:57:1d:96:a8:dd:84:71:67:54:a0:59:36:be:f0:04:aa:96:
30:67:4f:46:fd:01:7e:b9:85:eb:d6:06:f0:77:2b:2d:5d:e0:
83:5b:70:8f:9e:f2:a3:94:53:c4:bc:e5:ef:1e:ed:21:db:4f:
34:33:f9:63:e1:39:9a:2c:6a:1c:33:cb:53:1a:f5:89:66:1f:
12:17:a9:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyNl+o12FmkIKe+nOIKjEBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjYwMjI0MDMwMTA5WhcNMjYwMjI1MDMwMTA5WjAzMTEwLwYDVQQD
EygzNjYxYzkyOThmM2U5ZDVlMDFmMmIzOWM0YWM4MjVkOGIzMTNlYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKfKdzHC6EwOWMLAdG8AsuVA+TOE
N8O+TIUXdBdN6G3zwK5uCtHU2JC4TPP/H+Mle5QtNVELJ95Zrt72iNQ1u/Gozwlm
5pYlas/BMjtabaXa+J+tY0UcdNz9vUMHMVsxgjUt9/9+s3rFsfWmGwW3LIS5TpyI
w18lyhH5/DX/oWCheAsb1MWjqlzijMKTWF81/liO6IGyb59Jfi5I3G37CVXT2ZsS
YlZ49aHW5EbQABKvSbcnqqdmaDBRydj/KRTxzAJf7IabQxilMotM9haxIFfvYhwz
M8/YuyDYJyfteI11fFGD+ekCotzUmLAhhzzlcbM7Rkn8zqWTaJNc2Bi3KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZhySmPPp1eAfKznErIJdizE+wKMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEHJyga8
EmXuvL662hXpZNTq4nNuLtrb9Jufx+aHykcsddQnlkV3rBFtvnbjUKUoO5ZOnmFu
OJWT86IQJ83QGd5OBVUMhI+ev9u6gJ44vgvG8pe6iTNJQXK8gQwtrJgAflYdQdZh
1lkiyPwfWUZw5mCjHK+n4+0tXMFEvQejHkn8eHquxYXPXNkic93lNrS19wExJjSJ
r8bo8SNoqpvd6VpuhNyEEKL4DK0XV6AzYk1nXlCNo1cdlqjdhHFnVKBZNr7wBKqW
MGdPRv0BfrmF69YG8HcrLV3gg1twj57yo5RTxLzl7x7tIdtPNDP5Y+E5mixqHDPL
Uxr1iWYfEhepyg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:03:20 2026 by rpki-client