Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json)
Hash identifier: MuUfn4R0hfE11DDgWWGwRryivR3Z2xEfUskSnNtLV4E=
Subject key identifier: 4A:3B:F4:4A:69:30:0A:F5:3D:01:35:8F:B7:E5:2A:0D:73:10:F2:A1
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial: 019CABD908B39A24438379D5B16BA2223415
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
Manifest number: 09C2
Signing time: Mon 02 Mar 2026 00:00:53 +0000
Manifest this update: Mon 02 Mar 2026 00:00:53 +0000
Manifest next update: Tue 03 Mar 2026 00:00:53 +0000
Files and hashes: 1: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: Gs4biARLDoJThYqDO5XmIKVTtzas86kL/EuG9XUgawg=)
2: wyIJp-MtwD9wUV37AIQAnQ5KD5g.roa (hash: 27rqphnZqec6wo9U62eKve93o5VP/+kmAfxs2ybJPtU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:08:b3:9a:24:43:83:79:d5:b1:6b:a2:22:34:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
Validity
Not Before: Mar 2 00:00:53 2026 GMT
Not After : Mar 3 00:00:53 2026 GMT
Subject: CN=4a3bf44a69300af53d01358fb7e52a0d7310f2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:50:73:ca:f3:bb:21:59:39:03:ae:db:62:fa:
1a:6c:7d:d8:94:04:92:ee:68:6e:22:fe:c0:ce:ab:
71:7c:ed:8b:96:71:e6:e7:57:e2:12:48:64:f0:61:
b7:d1:7d:f9:1d:a5:fe:ae:af:ae:e8:02:53:11:b5:
86:3d:7c:40:d4:e5:81:4d:93:08:80:cf:c5:a9:b0:
81:76:f7:63:af:77:31:1c:58:4e:fb:2b:49:98:5e:
6a:b2:1b:5a:2b:f4:7b:38:78:3a:bc:e2:41:bc:b7:
ad:78:5b:39:f4:12:ed:57:59:19:51:13:a8:3c:eb:
82:55:d9:fb:97:2c:d4:7d:9c:56:6e:0f:eb:34:fb:
24:f8:1a:05:a1:89:ef:0a:82:12:b7:9b:f3:76:13:
d7:fc:e4:6c:f7:44:4b:f2:6e:ee:38:52:93:c9:65:
a4:f0:f8:9c:2c:03:a8:93:59:e3:86:73:e5:eb:ec:
f5:2f:a2:3d:65:27:75:0f:31:b3:55:95:30:82:16:
89:34:3f:f8:74:48:cb:cc:94:2e:5b:5d:8e:3f:11:
25:54:b0:08:30:86:26:a5:b8:55:af:ff:75:a9:86:
19:c2:25:d8:1c:ee:1f:aa:e0:e5:45:27:47:ba:dc:
06:46:71:dd:c4:6f:c8:11:85:71:96:a2:cf:94:d3:
11:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3B:F4:4A:69:30:0A:F5:3D:01:35:8F:B7:E5:2A:0D:73:10:F2:A1
X509v3 Authority Key Identifier:
keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:97:c3:a0:e0:66:9c:96:a3:ba:40:a9:2c:df:c8:2e:a2:80:
c8:f7:96:e1:63:b8:f2:05:8d:87:3d:62:bb:7f:b6:e8:11:33:
b5:fb:da:02:56:b7:78:2f:5f:3c:68:48:f4:86:a8:07:9b:77:
df:92:80:35:cc:b8:f9:36:23:49:9a:3a:b4:2e:9e:f7:b2:5f:
9a:a1:96:84:26:4b:a1:fb:63:9f:05:5e:5b:ff:a6:66:05:0b:
11:02:96:2d:1f:09:8e:ff:d1:f3:c0:0d:d7:c6:80:68:48:1e:
78:d1:a9:86:9b:1c:63:16:6a:91:c8:18:60:d3:e2:6c:88:a0:
79:13:7f:97:72:fd:09:da:52:51:01:89:15:f2:6a:34:d2:a8:
cd:a3:88:d7:15:7c:22:b2:49:80:f4:93:b3:a8:4a:30:7c:64:
85:7d:d9:c3:48:6c:ab:52:6d:a0:86:58:a1:4c:78:5b:a9:94:
8b:8a:64:7e:72:8f:22:d4:ef:c2:5f:3f:b6:7a:a6:c7:a0:23:
f2:8c:27:e4:64:c5:c0:70:85:a3:0d:aa:6f:32:88:fa:ca:8f:
74:fb:d5:c5:11:09:1f:58:4b:e7:b3:c2:45:58:b0:9f:58:6d:
3b:3a:16:4c:e4:56:3f:12:ca:0e:c5:1a:54:b8:2a:7d:b9:c5:
e5:2c:d2:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2QizmiRDg3nVsWuiIjQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjYwMzAyMDAwMDUzWhcNMjYwMzAzMDAwMDUzWjAzMTEwLwYDVQQD
Eyg0YTNiZjQ0YTY5MzAwYWY1M2QwMTM1OGZiN2U1MmEwZDczMTBmMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVBzyvO7IVk5A67bYvoabH3YlASS
7mhuIv7AzqtxfO2LlnHm51fiEkhk8GG30X35HaX+rq+u6AJTEbWGPXxA1OWBTZMI
gM/FqbCBdvdjr3cxHFhO+ytJmF5qshtaK/R7OHg6vOJBvLeteFs59BLtV1kZUROo
POuCVdn7lyzUfZxWbg/rNPsk+BoFoYnvCoISt5vzdhPX/ORs90RL8m7uOFKTyWWk
8PicLAOok1njhnPl6+z1L6I9ZSd1DzGzVZUwghaJND/4dEjLzJQuW12OPxElVLAI
MIYmpbhVr/91qYYZwiXYHO4fquDlRSdHutwGRnHdxG/IEYVxlqLPlNMR2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEo79EppMAr1PQE1j7flKg1zEPKhMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZfDoOBm
nJajukCpLN/ILqKAyPeW4WO48gWNhz1iu3+26BEztfvaAla3eC9fPGhI9IaoB5t3
35KANcy4+TYjSZo6tC6e97JfmqGWhCZLoftjnwVeW/+mZgULEQKWLR8Jjv/R88AN
18aAaEgeeNGphpscYxZqkcgYYNPibIigeRN/l3L9CdpSUQGJFfJqNNKozaOI1xV8
IrJJgPSTs6hKMHxkhX3Zw0hsq1JtoIZYoUx4W6mUi4pkfnKPItTvwl8/tnqmx6Aj
8own5GTFwHCFow2qbzKI+sqPdPvVxREJH1hL57PCRViwn1htOzoWTORWPxLKDsUa
VLgqfbnF5SzS+Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:36:55 2026 by rpki-client