Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json)
Hash identifier: qVZzEj7ewNiSDlWN2c8r4GGHVjQGXmmngSMzQGTVJ9o=
Subject key identifier: 32:7E:18:33:78:82:F3:56:CB:FE:8E:72:67:39:7D:24:15:8A:50:DC
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 019CAAC6B9C8B7ADF7AD7186A7DF0295BA82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
Manifest number: 1844
Signing time: Sun 01 Mar 2026 19:01:16 +0000
Manifest this update: Sun 01 Mar 2026 19:01:16 +0000
Manifest next update: Mon 02 Mar 2026 19:01:16 +0000
Files and hashes: 1: 744IgXzHRA7i_KaZPXPHUM0eSxg.roa (hash: eqDQW7MUEHWcKNovBhhfViXrkME1qg3sj67Td6hUu3A=)
2: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: Me7SbnDiPXjLx5etnePs6oIBkxcRPC9QEPgQFCg5p8I=)
3: Q9Hzj6xYvSgvTk1AgA8SSFlzHjw.roa (hash: zRP8z6fqTAhTFBNH4EqdLJ2KR4AhqadHe/YBKRqTMqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:b9:c8:b7:ad:f7:ad:71:86:a7:df:02:95:ba:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Mar 1 19:01:16 2026 GMT
Not After : Mar 2 19:01:16 2026 GMT
Subject: CN=327e18337882f356cbfe8e7267397d24158a50dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4f:06:71:eb:3c:be:b6:fc:a1:58:fd:6c:e9:
52:ed:eb:cb:16:0d:88:d4:fa:b3:f6:cd:e5:7c:38:
e1:14:39:f3:44:3e:d6:3b:b8:3e:cf:09:79:f8:c6:
24:8b:09:03:d9:6f:b0:70:1e:58:12:e2:a2:e3:bd:
d8:b6:05:65:4e:0d:55:cd:29:0a:00:4f:7c:e8:4b:
70:25:7d:6b:e9:df:8d:eb:23:ae:30:78:d9:4d:6d:
8c:49:ee:a9:ad:36:d4:51:ff:a2:70:0e:51:f6:a7:
01:a5:47:47:f4:f5:c6:09:92:97:d0:90:fb:41:40:
4f:ff:4d:90:99:c8:93:52:8a:6c:f4:0f:32:6b:e9:
02:a9:84:73:17:59:b9:2a:fc:cf:9d:7f:ee:83:da:
65:11:ca:05:2c:ea:d4:a5:bb:7b:82:c9:d7:e9:54:
f0:25:ba:4d:b2:66:5f:e5:8f:7b:4c:3a:33:4e:b4:
6f:6a:fe:c2:be:8a:d7:19:f6:ff:ee:f8:5a:76:84:
b6:e3:e5:81:4e:6f:fb:44:08:c5:09:0e:61:ff:78:
88:bf:73:e8:f0:e0:af:69:f3:d0:ed:60:2c:81:de:
c2:93:b5:8a:2e:f1:84:a7:a0:7d:42:93:4c:0f:b5:
ad:28:a6:07:9b:8c:a8:44:8b:04:63:5c:ce:7d:0a:
a5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7E:18:33:78:82:F3:56:CB:FE:8E:72:67:39:7D:24:15:8A:50:DC
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:84:4e:8f:23:21:d8:c0:9f:b9:c0:5c:61:08:dc:46:b9:df:
a0:e1:38:af:45:29:17:54:92:31:80:43:c4:31:41:fe:d5:03:
ae:2b:79:df:08:a9:2c:ef:22:a9:20:f7:8b:16:f6:51:99:7a:
60:b2:e5:b1:26:a0:74:ec:ba:57:58:f3:bb:55:90:ec:03:04:
71:ab:09:34:57:f4:26:07:54:5e:82:0f:2a:3a:b8:4f:eb:89:
05:9e:d1:a4:07:6f:6d:31:b2:02:0c:38:cf:9f:c9:f6:64:86:
2b:c4:12:9e:46:27:0b:ad:d4:1c:05:b5:87:bc:91:72:65:8f:
7d:11:60:9f:81:2c:77:77:fa:1c:f3:92:f3:82:c1:f0:ee:cd:
d8:29:cc:8b:55:16:c3:e3:29:c9:76:fb:55:a7:08:93:9a:8d:
b0:fe:71:ea:4d:3c:07:a9:13:eb:a5:7f:c1:80:63:7e:1c:bb:
36:70:22:e5:e1:a7:e8:71:7d:4d:aa:53:ba:68:7b:01:5a:c2:
dc:6e:56:f5:94:d7:c2:a6:48:63:c7:dc:70:31:31:f6:d9:3d:
d0:20:30:e8:92:25:27:e4:6c:45:4e:40:1f:fd:c1:73:a5:ee:
cc:58:d6:23:2f:b0:22:25:ad:ae:6d:69:c1:dc:87:1e:fa:cd:
9e:3f:e9:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxrnIt633rXGGp98ClbqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjYwMzAxMTkwMTE2WhcNMjYwMzAyMTkwMTE2WjAzMTEwLwYDVQQD
EygzMjdlMTgzMzc4ODJmMzU2Y2JmZThlNzI2NzM5N2QyNDE1OGE1MGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE8Gces8vrb8oVj9bOlS7evLFg2I
1Pqz9s3lfDjhFDnzRD7WO7g+zwl5+MYkiwkD2W+wcB5YEuKi473YtgVlTg1VzSkK
AE986EtwJX1r6d+N6yOuMHjZTW2MSe6prTbUUf+icA5R9qcBpUdH9PXGCZKX0JD7
QUBP/02QmciTUops9A8ya+kCqYRzF1m5KvzPnX/ug9plEcoFLOrUpbt7gsnX6VTw
JbpNsmZf5Y97TDozTrRvav7CvorXGfb/7vhadoS24+WBTm/7RAjFCQ5h/3iIv3Po
8OCvafPQ7WAsgd7Ck7WKLvGEp6B9QpNMD7WtKKYHm4yoRIsEY1zOfQqlYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJ+GDN4gvNWy/6Ocmc5fSQVilDcMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgoROjyMh
2MCfucBcYQjcRrnfoOE4r0UpF1SSMYBDxDFB/tUDrit53wipLO8iqSD3ixb2UZl6
YLLlsSagdOy6V1jzu1WQ7AMEcasJNFf0JgdUXoIPKjq4T+uJBZ7RpAdvbTGyAgw4
z5/J9mSGK8QSnkYnC63UHAW1h7yRcmWPfRFgn4Esd3f6HPOS84LB8O7N2CnMi1UW
w+MpyXb7VacIk5qNsP5x6k08B6kT66V/wYBjfhy7NnAi5eGn6HF9TapTumh7AVrC
3G5W9ZTXwqZIY8fccDEx9tk90CAw6JIlJ+RsRU5AH/3Bc6XuzFjWIy+wIiWtrm1p
wdyHHvrNnj/pBQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:58:51 2026 by rpki-client