Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json)
Hash identifier: QDnktPcFuxmOJYb/YD1bxuEzIAg5mSQLFUALjWLjhXM=
Subject key identifier: 09:15:0C:C3:A9:43:36:1B:37:0A:A6:27:A8:9F:33:3B:33:D5:92:C9
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 019D99D01645D0DB07315D80819A19A61DB8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
Manifest number: 18C7
Signing time: Fri 17 Apr 2026 05:00:44 +0000
Manifest this update: Fri 17 Apr 2026 05:00:44 +0000
Manifest next update: Sat 18 Apr 2026 05:00:44 +0000
Files and hashes: 1: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: oeN1JcFM/4zGLQj9gIFvdk5qkl1jA4lYRQVA8SO7mfo=)
2: Ty9RnsnK3EDnysBvDikYp04oggo.roa (hash: oWmmAPgiMnRBuVQF4Wy8CU51nd17TmIJOxZ3k8HDTIo=)
3: VmNdh6laZxyVCC_g82mHnoN0sjg.roa (hash: fCIZoEHtubiL+1CEYbmHMAzOgcDhgRWMLUT6hfUtnUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:16:45:d0:db:07:31:5d:80:81:9a:19:a6:1d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Apr 17 05:00:44 2026 GMT
Not After : Apr 18 05:00:44 2026 GMT
Subject: CN=09150cc3a943361b370aa627a89f333b33d592c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:61:51:ef:0f:64:00:d2:94:5a:6b:f6:55:9b:
53:84:f7:f6:ed:08:73:17:e2:3b:3c:14:44:b3:26:
ca:2b:f7:b7:37:30:50:f7:9e:d6:92:78:d8:be:36:
7c:da:e5:6d:ae:a0:4d:89:13:74:0d:45:20:63:c8:
fb:62:85:1d:83:ce:47:7f:93:58:97:1b:4c:66:62:
17:73:77:2c:51:c9:97:2e:87:d9:23:45:89:d4:2e:
db:e9:08:ae:5c:06:bd:d8:2a:e4:bf:46:52:66:74:
e4:c1:81:32:81:03:65:a7:a1:65:31:05:9d:b1:f1:
e8:b0:b7:e9:9d:5f:02:c9:41:2d:31:6b:ed:dc:9d:
0a:5c:3a:5f:b9:63:54:60:83:6b:4f:23:eb:a2:8a:
24:23:95:e4:0b:88:26:26:bf:51:b1:4c:f7:d3:f8:
5e:d9:16:f0:76:65:41:09:85:65:87:3d:0f:a7:0c:
7f:74:a3:40:79:de:f5:70:49:1a:af:49:8b:de:1b:
0d:a3:10:99:e2:ce:89:57:ad:a5:42:9f:83:cd:a2:
e5:ec:a7:5e:06:fe:cf:aa:cb:d4:64:ef:7c:9a:dc:
52:7a:73:b8:8d:dd:79:20:b9:4b:2c:9a:2a:b5:8d:
82:b2:86:ca:8e:7e:70:0e:b4:90:4e:41:68:44:96:
b0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:15:0C:C3:A9:43:36:1B:37:0A:A6:27:A8:9F:33:3B:33:D5:92:C9
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:f2:9b:99:c1:da:f1:40:c1:93:cb:d0:62:30:e2:ec:cf:34:
a7:69:ab:42:d8:58:23:50:fc:e6:9d:6f:d5:9f:c4:58:bd:0d:
05:30:75:ac:68:6c:71:f0:9a:36:c0:ff:18:5d:f6:c9:04:4b:
b5:6a:2b:a4:d7:67:f4:60:53:93:c1:60:27:0c:25:f2:6d:61:
76:e6:1e:97:f9:65:dd:30:ec:a5:cd:82:08:92:2c:60:58:25:
f2:01:7a:19:78:3a:ce:bf:39:b5:7d:c4:27:cb:ab:d8:94:c0:
53:1f:e9:bc:24:9c:cc:c4:08:cc:74:59:e4:2a:e9:5f:95:bc:
92:da:39:0f:b9:cb:47:c1:c4:b2:af:13:9a:e5:77:8f:bc:c3:
fa:db:a4:d2:84:9f:9d:ce:f7:93:2a:b5:f7:91:bf:9f:1c:75:
97:e8:b7:70:81:cd:19:8a:a1:67:93:5f:3a:a2:85:08:ee:34:
c9:bd:3e:2c:5a:a1:d3:3e:70:b5:2a:bb:eb:2d:4b:a4:25:c6:
c7:62:7f:57:2f:98:70:63:ba:a7:4b:fe:37:e0:26:8d:30:8f:
a9:14:04:ff:ae:31:3f:62:98:7c:23:3a:f0:22:79:42:7b:41:
dc:4a:69:13:e1:41:9a:34:7e:c8:1e:71:d1:a5:14:ff:58:be:
20:1a:65:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0BZF0NsHMV2AgZoZph24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk
Yjg5NzMwHhcNMjYwNDE3MDUwMDQ0WhcNMjYwNDE4MDUwMDQ0WjAzMTEwLwYDVQQD
EygwOTE1MGNjM2E5NDMzNjFiMzcwYWE2MjdhODlmMzMzYjMzZDU5MmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WFR7w9kANKUWmv2VZtThPf27Qhz
F+I7PBREsybKK/e3NzBQ957WknjYvjZ82uVtrqBNiRN0DUUgY8j7YoUdg85Hf5NY
lxtMZmIXc3csUcmXLofZI0WJ1C7b6QiuXAa92Crkv0ZSZnTkwYEygQNlp6FlMQWd
sfHosLfpnV8CyUEtMWvt3J0KXDpfuWNUYINrTyProookI5XkC4gmJr9RsUz30/he
2RbwdmVBCYVlhz0Ppwx/dKNAed71cEkar0mL3hsNoxCZ4s6JV62lQp+DzaLl7Kde
Bv7PqsvUZO98mtxSenO4jd15ILlLLJoqtY2CsobKjn5wDrSQTkFoRJawmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkVDMOpQzYbNwqmJ6ifMzsz1ZLJMB8GA1UdIwQY
MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt
NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx
LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/KbmcHa
8UDBk8vQYjDi7M80p2mrQthYI1D85p1v1Z/EWL0NBTB1rGhscfCaNsD/GF32yQRL
tWorpNdn9GBTk8FgJwwl8m1hduYel/ll3TDspc2CCJIsYFgl8gF6GXg6zr85tX3E
J8ur2JTAUx/pvCSczMQIzHRZ5CrpX5W8kto5D7nLR8HEsq8TmuV3j7zD+tuk0oSf
nc73kyq195G/nxx1l+i3cIHNGYqhZ5NfOqKFCO40yb0+LFqh0z5wtSq76y1LpCXG
x2J/Vy+YcGO6p0v+N+AmjTCPqRQE/64xP2KYfCM68CJ5QntB3EppE+FBmjR+yB5x
0aUU/1i+IBplgA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:00:22 2026 by rpki-client