Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: bJktkClM1kn4cY/6Uxi5+gtOyhY14uZLrY2hSUzgiwo=
Subject key identifier: AB:1D:74:2B:50:37:6F:05:17:63:74:41:C1:AB:23:44:D7:2F:22:8D
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 019EC3A5BD8B3E58EF120C902736A538A6D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 195A
Signing time: Sun 14 Jun 2026 01:01:19 +0000
Manifest this update: Sun 14 Jun 2026 01:01:19 +0000
Manifest next update: Mon 15 Jun 2026 01:01:19 +0000
Files and hashes: 1: 744IgXzHRA7i_KaZPXPHUM0eSxg.roa (hash: eqDQW7MUEHWcKNovBhhfViXrkME1qg3sj67Td6hUu3A=)
2: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: dIGhYzu2PHw7/j2jjjUDDkQW/zm0yn4stX14N0SfPZA=)
3: Q9Hzj6xYvSgvTk1AgA8SSFlzHjw.roa (hash: zRP8z6fqTAhTFBNH4EqdLJ2KR4AhqadHe/YBKRqTMqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 19:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c3:a5:bd:8b:3e:58:ef:12:0c:90:27:36:a5:38:a6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Jun 14 01:01:19 2026 GMT
Not After : Jun 15 01:01:19 2026 GMT
Subject: CN=ab1d742b50376f0517637441c1ab2344d72f228d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:67:43:a9:6b:1a:57:a5:07:07:cc:eb:94:4d:
5b:58:85:c5:94:1b:d4:91:e0:82:fa:f4:ce:0e:2d:
48:5c:61:c6:e6:19:8e:d0:b3:ed:8e:77:7c:bf:83:
22:1a:21:5b:3d:34:05:c7:aa:ed:55:25:40:ae:ea:
1c:e3:4a:2d:04:bd:92:7b:2d:44:41:3e:65:5e:63:
39:2f:7e:23:5b:01:3a:78:8b:ae:e2:30:38:6e:62:
71:a7:57:16:08:f5:e9:c5:2f:6f:91:ca:8a:d7:b8:
ea:34:13:fd:3b:c1:bf:04:1f:85:63:dc:40:4a:4c:
87:7c:df:f3:41:03:66:2f:21:1a:80:92:0e:79:b3:
78:1e:96:1d:0a:20:44:24:1f:3c:b7:1a:dd:0e:a4:
23:92:7d:08:55:37:00:a5:82:f7:53:7a:82:d7:4e:
aa:dd:31:58:78:fb:b4:bd:a3:f6:33:91:15:a1:fd:
3a:19:4c:f9:2a:00:70:4e:4b:02:82:2d:57:01:be:
a7:f8:82:c9:25:8b:9b:a8:75:2d:3d:ab:7e:97:69:
07:a2:7b:d5:1c:3f:11:a2:07:ac:cb:48:f5:19:6b:
32:ec:66:44:7d:8f:3a:a7:1e:ad:3f:b9:e7:9d:10:
64:11:95:f5:40:34:23:4a:b1:9b:25:f6:46:c1:f7:
54:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1D:74:2B:50:37:6F:05:17:63:74:41:C1:AB:23:44:D7:2F:22:8D
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:4a:43:f8:48:51:e4:29:0b:41:f0:ac:65:79:1a:09:fc:85:
03:be:07:41:95:1f:dc:90:de:da:3e:ce:b1:27:dc:2d:f9:1a:
d5:d4:9c:79:68:6a:3d:81:17:1e:ef:82:a1:bf:34:eb:12:03:
61:fc:a2:4c:b3:5a:8b:65:6b:b3:9a:9a:68:77:6a:e5:16:2e:
dc:3e:92:2e:9f:6d:91:f7:e8:69:42:60:88:e4:09:3e:c0:3c:
36:04:42:d4:75:26:29:36:33:57:97:1e:b4:d6:b2:d7:93:c0:
27:82:97:a6:ed:61:01:d3:aa:d6:76:94:2d:4c:f8:25:5f:18:
34:97:da:cc:7b:a0:be:b3:f1:0b:4b:21:ad:c0:84:6b:56:01:
30:c5:80:73:d0:4d:be:ff:bf:86:1a:fa:aa:33:a7:3b:e6:9b:
81:98:49:8d:15:09:ae:8a:2e:8f:0b:fa:a9:5e:5a:83:98:21:
77:a2:b7:bf:ff:e3:d5:7c:8a:e4:47:c4:a1:93:5f:2f:9e:ee:
a9:d7:aa:56:fd:0e:86:6a:df:fe:98:2b:a5:ac:3e:eb:61:ea:
21:39:16:c0:a6:14:da:db:1a:2a:63:cc:f8:5d:cc:bb:67:d9:
b7:45:2c:9e:ed:d8:26:bb:ea:21:ac:ec:ef:b1:dc:3a:89:7c:
93:d4:05:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Dpb2LPljvEgyQJzalOKbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjYwNjE0MDEwMTE5WhcNMjYwNjE1MDEwMTE5WjAzMTEwLwYDVQQD
EyhhYjFkNzQyYjUwMzc2ZjA1MTc2Mzc0NDFjMWFiMjM0NGQ3MmYyMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGdDqWsaV6UHB8zrlE1bWIXFlBvU
keCC+vTODi1IXGHG5hmO0LPtjnd8v4MiGiFbPTQFx6rtVSVAruoc40otBL2Sey1E
QT5lXmM5L34jWwE6eIuu4jA4bmJxp1cWCPXpxS9vkcqK17jqNBP9O8G/BB+FY9xA
SkyHfN/zQQNmLyEagJIOebN4HpYdCiBEJB88txrdDqQjkn0IVTcApYL3U3qC106q
3TFYePu0vaP2M5EVof06GUz5KgBwTksCgi1XAb6n+ILJJYubqHUtPat+l2kHonvV
HD8Rogesy0j1GWsy7GZEfY86px6tP7nnnRBkEZX1QDQjSrGbJfZGwfdUJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsddCtQN28FF2N0QcGrI0TXLyKNMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0pD+EhR
5CkLQfCsZXkaCfyFA74HQZUf3JDe2j7OsSfcLfka1dSceWhqPYEXHu+Cob806xID
YfyiTLNai2Vrs5qaaHdq5RYu3D6SLp9tkffoaUJgiOQJPsA8NgRC1HUmKTYzV5ce
tNay15PAJ4KXpu1hAdOq1naULUz4JV8YNJfazHugvrPxC0shrcCEa1YBMMWAc9BN
vv+/hhr6qjOnO+abgZhJjRUJrooujwv6qV5ag5ghd6K3v//j1XyK5EfEoZNfL57u
qdeqVv0Ohmrf/pgrpaw+62HqITkWwKYU2tsaKmPM+F3Mu2fZt0Usnu3YJrvqIazs
77HcOol8k9QFig==
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:44:13 2026 by rpki-client