Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: /gcNfzPT0n37a/zYCkKZ8jAEwYzAF2/AGsNWfgFfKOM=
Subject key identifier: AD:EA:26:E8:49:48:3A:D4:E2:EC:FB:35:FC:1E:E9:61:DA:51:DA:EB
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019CAC4690B12E9EC06D5381F853B67529AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 184C
Signing time: Mon 02 Mar 2026 02:00:31 +0000
Manifest this update: Mon 02 Mar 2026 02:00:31 +0000
Manifest next update: Tue 03 Mar 2026 02:00:31 +0000
Files and hashes: 1: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: XOLkkvVaQL2uN/4SqAWJzydxgjP7av9SlBBhUBLjpgg=)
2: Ty9RnsnK3EDnysBvDikYp04oggo.roa (hash: oWmmAPgiMnRBuVQF4Wy8CU51nd17TmIJOxZ3k8HDTIo=)
3: VmNdh6laZxyVCC_g82mHnoN0sjg.roa (hash: fCIZoEHtubiL+1CEYbmHMAzOgcDhgRWMLUT6hfUtnUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:90:b1:2e:9e:c0:6d:53:81:f8:53:b6:75:29:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Mar 2 02:00:31 2026 GMT
Not After : Mar 3 02:00:31 2026 GMT
Subject: CN=adea26e849483ad4e2ecfb35fc1ee961da51daeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6a:dc:71:d0:0b:43:8d:1b:9f:50:e9:9b:30:
a8:fb:74:e9:e3:93:91:9a:95:53:c4:28:e4:94:2e:
c0:14:79:52:13:fb:3b:28:05:d8:71:50:cc:7f:de:
d4:98:07:d5:34:99:c1:cb:84:54:23:90:27:a5:eb:
db:d4:10:f8:0c:95:35:53:9e:52:21:a9:33:ac:1d:
48:aa:0c:50:21:ce:98:41:9e:00:25:1e:a2:df:d9:
9a:b3:2b:4f:6d:28:16:b1:3c:d3:16:70:4d:70:ec:
dc:82:42:62:87:fb:c2:86:9d:75:82:61:c5:9b:af:
a0:6c:1b:cc:7b:f3:14:4a:d9:47:01:61:5d:2b:dd:
7f:bb:f7:6c:4b:e9:30:4c:a8:ab:37:ec:ed:f0:d3:
7c:56:2e:9c:fc:2b:7c:cc:55:37:b1:1e:bb:d8:4e:
88:6a:c7:b0:43:a3:d1:20:c6:be:82:cc:30:f3:6e:
91:76:c4:0f:32:83:5d:33:a1:11:65:6d:f6:28:40:
c5:c1:4a:cb:48:86:09:49:10:b2:97:e2:2a:7c:b1:
95:71:58:72:0d:19:f4:67:b4:fd:82:ed:ea:92:85:
a1:0a:bb:84:51:46:08:a3:81:83:d2:f7:8a:a7:96:
6b:d5:58:2f:dd:3a:ba:b0:73:94:3d:f4:a0:13:b7:
19:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:EA:26:E8:49:48:3A:D4:E2:EC:FB:35:FC:1E:E9:61:DA:51:DA:EB
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:17:d2:70:92:45:5d:77:13:4a:5a:17:c7:27:9a:6e:0a:32:
90:59:d1:a6:67:e6:46:da:9d:e3:a8:d0:fc:8a:21:83:9b:87:
33:29:20:29:46:0e:2e:20:bc:a3:70:48:80:62:2d:7c:f7:d6:
bf:30:3b:d1:80:e7:b0:7a:20:54:4e:e3:3c:7e:88:d1:3c:24:
0b:21:99:1e:45:00:30:9f:dd:7f:8e:35:db:c9:de:23:0c:57:
d1:fe:d6:e2:da:a6:24:52:2c:dd:6e:24:a3:fa:2c:8d:13:a4:
25:b4:83:13:a5:10:14:e6:69:7f:13:80:23:06:e8:a9:19:9d:
73:15:f3:82:a2:f8:6e:09:17:4c:4e:b5:63:2e:13:77:9e:79:
53:a6:aa:d1:3d:76:90:7b:22:1c:8e:b9:47:11:63:c7:ff:03:
17:b2:11:e5:7d:2b:a7:10:df:e9:8b:93:ac:a6:ed:4c:36:76:
bd:fb:ba:62:ce:a9:f9:a9:b3:88:7e:63:c5:f0:46:f5:21:b6:
bd:43:57:93:6f:73:40:7f:06:46:7d:7e:6e:8c:64:e6:d4:7f:
2d:3f:2d:1b:0d:28:51:41:56:a2:7c:e3:9a:04:87:9d:d7:8d:
ea:6c:2e:ca:74:f1:70:8e:af:4f:8f:46:8b:54:d2:bd:c9:ad:
84:b4:38:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRpCxLp7AbVOB+FO2dSmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjYwMzAyMDIwMDMxWhcNMjYwMzAzMDIwMDMxWjAzMTEwLwYDVQQD
EyhhZGVhMjZlODQ5NDgzYWQ0ZTJlY2ZiMzVmYzFlZTk2MWRhNTFkYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6GrccdALQ40bn1DpmzCo+3Tp45OR
mpVTxCjklC7AFHlSE/s7KAXYcVDMf97UmAfVNJnBy4RUI5Anpevb1BD4DJU1U55S
IakzrB1IqgxQIc6YQZ4AJR6i39masytPbSgWsTzTFnBNcOzcgkJih/vChp11gmHF
m6+gbBvMe/MUStlHAWFdK91/u/dsS+kwTKirN+zt8NN8Vi6c/Ct8zFU3sR672E6I
asewQ6PRIMa+gsww826RdsQPMoNdM6ERZW32KEDFwUrLSIYJSRCyl+IqfLGVcVhy
DRn0Z7T9gu3qkoWhCruEUUYIo4GD0veKp5Zr1Vgv3Tq6sHOUPfSgE7cZ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3qJuhJSDrU4uz7Nfwe6WHaUdrrMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAehfScJJF
XXcTSloXxyeabgoykFnRpmfmRtqd46jQ/Iohg5uHMykgKUYOLiC8o3BIgGItfPfW
vzA70YDnsHogVE7jPH6I0TwkCyGZHkUAMJ/df44128neIwxX0f7W4tqmJFIs3W4k
o/osjROkJbSDE6UQFOZpfxOAIwboqRmdcxXzgqL4bgkXTE61Yy4Td555U6aq0T12
kHsiHI65RxFjx/8DF7IR5X0rpxDf6YuTrKbtTDZ2vfu6Ys6p+amziH5jxfBG9SG2
vUNXk29zQH8GRn1+boxk5tR/LT8tGw0oUUFWonzjmgSHndeN6mwuynTxcI6vT49G
i1TSvcmthLQ4dg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:18:45 2026 by rpki-client