Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
File: kMABN-5t-utOpII7wXPDvAADHfk.mft (raw, json)
Hash identifier: QOP3CVHvNP4dJ+EfLGfvaWuOXqbJiKTpArwETkvYwjs=
Subject key identifier: B7:F9:25:D9:DC:6B:F4:C5:F2:6B:55:8B:CE:25:E6:ED:4E:43:5D:03
Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Certificate serial: 019CABA1F39AC16191AAA60CD01D0C5A644E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
Manifest number: 082C
Signing time: Sun 01 Mar 2026 23:00:43 +0000
Manifest this update: Sun 01 Mar 2026 23:00:43 +0000
Manifest next update: Mon 02 Mar 2026 23:00:43 +0000
Files and hashes: 1: O-5YbSnsrHJq6CYXfN6lS0bXHtU.roa (hash: m5fRexPWtu8YYbrVFGnW8/Uexvsppoei1HeT805HRHA=)
2: kMABN-5t-utOpII7wXPDvAADHfk.crl (hash: 0dQZjCx/D5ip6Xfa5gakQABw3R6NuJEW+pE/Z2lasbA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:f3:9a:c1:61:91:aa:a6:0c:d0:1d:0c:5a:64:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9
Validity
Not Before: Mar 1 23:00:43 2026 GMT
Not After : Mar 2 23:00:43 2026 GMT
Subject: CN=b7f925d9dc6bf4c5f26b558bce25e6ed4e435d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:00:5a:46:eb:a5:56:9b:4b:49:68:44:ca:36:
5e:13:4d:ad:e0:0a:ae:97:3d:84:16:c1:ff:77:bd:
4f:97:92:1d:a2:37:81:ae:39:88:26:78:c6:7e:45:
e0:41:30:54:c4:1b:4f:4d:8e:c9:b6:f1:0e:c3:06:
b0:4e:b2:19:eb:92:37:28:e8:f7:c3:ec:ba:1c:08:
39:2a:3f:0d:60:d3:ec:28:af:c9:97:4e:4b:ff:cd:
e4:34:4c:3f:96:13:23:c5:ca:73:1c:9e:1f:b4:2b:
02:e4:48:1a:6c:22:fc:70:60:b9:04:bf:71:6d:61:
34:a2:12:8a:5f:a2:71:1e:6a:46:0e:9a:a0:3f:77:
83:62:17:1b:dd:a9:6a:1a:ae:68:a4:fb:60:20:89:
42:3f:14:74:bf:45:ca:7a:c8:f2:dc:fb:14:38:41:
d2:7a:7a:9d:e5:79:e2:de:b2:d3:17:70:06:f5:bc:
ad:4c:bc:dc:59:4f:89:5e:d4:43:5b:2c:a1:06:8a:
8b:08:fa:18:ed:b3:83:e4:79:33:45:68:fb:c3:d5:
ad:7c:a7:0d:7b:43:cf:0f:98:f9:be:ec:5d:55:60:
b6:8d:1c:c2:fd:f3:51:0a:55:0d:70:40:80:90:bc:
4a:92:6a:36:af:cb:3a:ba:62:3d:82:9d:2c:13:2a:
f2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:25:D9:DC:6B:F4:C5:F2:6B:55:8B:CE:25:E6:ED:4E:43:5D:03
X509v3 Authority Key Identifier:
keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:2e:cf:e9:d3:19:0c:8a:f6:cc:3a:dc:ff:f8:53:cd:da:97:
89:56:3e:e3:52:81:8b:88:8a:d7:f4:41:bc:63:e4:db:4b:e6:
15:0b:c5:b8:1d:45:8a:c7:58:83:0e:f5:f9:72:78:45:42:cf:
60:c9:dc:d6:e3:ed:20:16:6c:f7:92:db:3b:95:91:c7:62:eb:
f1:4b:16:60:06:69:ba:60:b2:e2:f2:13:ba:52:0d:a0:7d:ea:
23:32:e0:75:ab:07:9f:f5:c2:0a:93:1b:79:2a:b4:93:f9:4d:
38:ac:04:e1:2b:c8:4e:19:eb:56:95:e3:ea:81:7c:5c:40:7e:
a3:03:77:02:95:b5:f4:e3:a4:99:d3:2f:c2:05:02:5f:13:e0:
6b:92:4a:50:2c:8c:25:b4:af:57:10:b7:7d:7f:f0:32:83:30:
a1:6e:ea:97:cd:58:98:c3:8f:63:f9:32:e0:e7:2e:a4:3a:b0:
d7:30:26:76:f2:c6:4b:a8:fb:94:28:5d:3b:ce:ca:b6:c1:33:
00:96:a9:52:d9:ac:af:a0:41:17:08:c7:f8:1b:28:dc:fb:e7:
58:3f:b3:9e:37:42:f0:4d:8a:a3:bb:f2:7e:ac:1c:8a:89:c8:
77:a3:da:d3:90:fe:21:4a:a1:3d:83:03:e4:46:28:a6:07:a0:
0b:74:42:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrofOawWGRqqYM0B0MWmROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw
MzFkZjkwHhcNMjYwMzAxMjMwMDQzWhcNMjYwMzAyMjMwMDQzWjAzMTEwLwYDVQQD
EyhiN2Y5MjVkOWRjNmJmNGM1ZjI2YjU1OGJjZTI1ZTZlZDRlNDM1ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQBaRuulVptLSWhEyjZeE02t4Aqu
lz2EFsH/d71Pl5IdojeBrjmIJnjGfkXgQTBUxBtPTY7JtvEOwwawTrIZ65I3KOj3
w+y6HAg5Kj8NYNPsKK/Jl05L/83kNEw/lhMjxcpzHJ4ftCsC5EgabCL8cGC5BL9x
bWE0ohKKX6JxHmpGDpqgP3eDYhcb3alqGq5opPtgIIlCPxR0v0XKesjy3PsUOEHS
enqd5Xni3rLTF3AG9bytTLzcWU+JXtRDWyyhBoqLCPoY7bOD5HkzRWj7w9WtfKcN
e0PPD5j5vuxdVWC2jRzC/fNRClUNcECAkLxKkmo2r8s6umI9gp0sEyry2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLf5Jdnca/TF8mtVi84l5u1OQ10DMB8GA1UdIwQY
MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt
MGE1MjViNjlkYjhmLzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm
LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPS7P6dMZ
DIr2zDrc//hTzdqXiVY+41KBi4iK1/RBvGPk20vmFQvFuB1FisdYgw71+XJ4RULP
YMnc1uPtIBZs95LbO5WRx2Lr8UsWYAZpumCy4vITulINoH3qIzLgdasHn/XCCpMb
eSq0k/lNOKwE4SvIThnrVpXj6oF8XEB+owN3ApW19OOkmdMvwgUCXxPga5JKUCyM
JbSvVxC3fX/wMoMwoW7ql81YmMOPY/ky4OcupDqw1zAmdvLGS6j7lChdO87KtsEz
AJapUtmsr6BBFwjH+Bso3PvnWD+znjdC8E2Ko7vyfqwcionId6Pa05D+IUqhPYMD
5EYopgegC3RC6A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:37:38 2026 by rpki-client