Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
File: kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json)
Hash identifier: DRyLpQeYCcUiA5oDjshhELyPfspwukjwrTX5Te2V70s=
Subject key identifier: CA:CD:DD:96:CC:E7:9E:53:DC:51:57:04:43:29:0B:0D:B9:DD:7B:C3
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 019D999998CE3826181A2CC8865D01B83729
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
Manifest number: 18CE
Signing time: Fri 17 Apr 2026 04:01:13 +0000
Manifest this update: Fri 17 Apr 2026 04:01:13 +0000
Manifest next update: Sat 18 Apr 2026 04:01:13 +0000
Files and hashes: 1: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: vA89JrRxWymx3K2F85KrnHzsK3DnUcKqOy7X4NsMXOg=)
2: oPGWWYaAX9Sd9i7DrFXYN9EHrLY.roa (hash: gWn6/oluANX78L0hnctxoTZX7zawfsnjM4XEj/gL06s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:99:98:ce:38:26:18:1a:2c:c8:86:5d:01:b8:37:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: Apr 17 04:01:13 2026 GMT
Not After : Apr 18 04:01:13 2026 GMT
Subject: CN=cacddd96cce79e53dc51570443290b0db9dd7bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:8d:21:60:78:69:26:a8:d8:44:08:3e:3a:1c:
fb:ae:4a:7e:76:c3:72:4a:45:dc:51:50:a9:2c:e2:
d8:fa:11:6f:5d:54:b3:bb:e1:46:39:3d:9b:df:98:
43:ae:54:96:0c:6b:6a:b5:81:7a:1e:55:de:af:16:
4a:45:bf:c3:56:aa:1b:39:ec:1e:2d:d0:18:b2:34:
8b:83:7e:60:7f:6f:52:b5:f8:33:7e:1c:53:4e:24:
9e:79:44:52:f3:ed:66:e1:18:0a:b8:02:96:28:15:
c0:ec:dc:85:04:b8:65:18:77:3d:8f:8b:3a:9f:02:
b8:eb:56:a6:a3:00:20:42:79:58:14:40:51:ef:86:
de:20:2c:76:4b:e3:92:ad:34:a4:c4:f3:1d:60:5e:
bd:bb:29:88:30:b4:53:c4:92:da:75:cd:3d:b4:fd:
c0:25:61:d4:c3:e1:8f:8a:88:c6:30:2a:1a:c4:96:
ab:c6:69:37:c0:85:e4:8b:85:b9:8b:d1:7b:94:b1:
3f:f4:14:2b:c0:c8:5a:91:c0:82:fe:d0:9d:1e:e0:
77:dc:8c:6b:8c:eb:44:99:61:7a:b4:20:c9:6a:4a:
cc:04:1c:c6:f9:22:f3:e5:74:96:24:72:83:77:ed:
54:90:5d:d4:56:11:f0:3a:88:c3:0e:6f:67:63:df:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CD:DD:96:CC:E7:9E:53:DC:51:57:04:43:29:0B:0D:B9:DD:7B:C3
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:3b:56:f1:56:1c:e3:d7:d5:85:cd:f3:b4:c9:0b:c6:88:1a:
dc:8b:77:d6:b1:52:92:32:b0:ab:f4:2b:68:c5:a3:29:b6:06:
54:f2:c0:ae:fd:b9:59:a8:b6:4b:ed:db:32:c4:7b:23:f4:b3:
dc:ce:3c:76:06:b5:c9:a2:2b:c5:2b:03:03:da:59:ee:93:77:
4c:0e:a2:aa:4f:76:bc:ef:e7:e0:e6:d9:de:91:0d:cd:56:76:
7a:10:6b:58:59:97:28:6e:68:93:68:5d:08:4b:b2:30:ec:b2:
29:b2:57:9c:3c:43:0e:d3:57:85:19:99:16:bb:e3:d3:57:6f:
a9:fc:dd:cc:5c:41:ce:46:26:4c:4c:ab:9f:26:28:8d:8a:7c:
54:0e:fd:5d:ef:00:4c:68:d1:16:f5:0b:9f:13:67:f1:26:66:
26:c0:07:bb:9d:f9:15:46:b2:cf:4b:8c:90:f8:84:d7:93:5f:
71:4e:4f:e2:41:4f:8e:e2:0a:64:bf:05:6e:f2:23:b1:19:38:
ea:e2:fb:83:92:9c:3f:20:7f:cc:b3:af:cd:25:dd:e6:f6:85:
0d:20:48:82:8d:cf:ab:c7:ec:5c:cc:d4:7f:7f:cb:4e:e7:a4:
22:1e:76:07:37:2d:b8:37:1f:f3:bc:cf:e2:a9:69:e5:a7:97:
d3:c1:81:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmZjOOCYYGizIhl0BuDcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjYwNDE3MDQwMTEzWhcNMjYwNDE4MDQwMTEzWjAzMTEwLwYDVQQD
EyhjYWNkZGQ5NmNjZTc5ZTUzZGM1MTU3MDQ0MzI5MGIwZGI5ZGQ3YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Y0hYHhpJqjYRAg+Ohz7rkp+dsNy
SkXcUVCpLOLY+hFvXVSzu+FGOT2b35hDrlSWDGtqtYF6HlXerxZKRb/DVqobOewe
LdAYsjSLg35gf29StfgzfhxTTiSeeURS8+1m4RgKuAKWKBXA7NyFBLhlGHc9j4s6
nwK461amowAgQnlYFEBR74beICx2S+OSrTSkxPMdYF69uymIMLRTxJLadc09tP3A
JWHUw+GPiojGMCoaxJarxmk3wIXki4W5i9F7lLE/9BQrwMhakcCC/tCdHuB33Ixr
jOtEmWF6tCDJakrMBBzG+SLz5XSWJHKDd+1UkF3UVhHwOojDDm9nY9/T+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrN3ZbM555T3FFXBEMpCw253XvDMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYztW8VYc
49fVhc3ztMkLxoga3It31rFSkjKwq/QraMWjKbYGVPLArv25Wai2S+3bMsR7I/Sz
3M48dga1yaIrxSsDA9pZ7pN3TA6iqk92vO/n4ObZ3pENzVZ2ehBrWFmXKG5ok2hd
CEuyMOyyKbJXnDxDDtNXhRmZFrvj01dvqfzdzFxBzkYmTEyrnyYojYp8VA79Xe8A
TGjRFvULnxNn8SZmJsAHu535FUayz0uMkPiE15NfcU5P4kFPjuIKZL8FbvIjsRk4
6uL7g5KcPyB/zLOvzSXd5vaFDSBIgo3Pq8fsXMzUf3/LTuekIh52BzctuDcf87zP
4qlp5aeX08GBLg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:06:12 2026 by rpki-client