Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: tAGnIkfwnguiAxDoVOpq0rKtnGerFxXPeUD7oDUWbPo=
Subject key identifier: BE:79:97:A3:E9:7E:E2:3C:32:76:57:39:A6:AA:49:EE:86:48:0F:44
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019D9BBE5BF1055538D14BDB757F42E45A29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 18C4
Signing time: Fri 17 Apr 2026 14:00:36 +0000
Manifest this update: Fri 17 Apr 2026 14:00:36 +0000
Manifest next update: Sat 18 Apr 2026 14:00:36 +0000
Files and hashes: 1: WMTxNqy5dxe24um7JtSXmDnNRnM.roa (hash: TxZKxHcS8Fj+JFe1cwBosTBaRiZeeZ2HacumzoOW+L8=)
2: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: 8XxvoU5AZV2gpd1XvRo31s7cYmy/AkSr3vTGjHOZ3dE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:5b:f1:05:55:38:d1:4b:db:75:7f:42:e4:5a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Apr 17 14:00:36 2026 GMT
Not After : Apr 18 14:00:36 2026 GMT
Subject: CN=be7997a3e97ee23c32765739a6aa49ee86480f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:62:11:9a:fe:01:1c:34:ff:3d:53:ba:0f:7b:
85:bb:79:68:67:b9:eb:03:aa:02:74:b3:9d:cf:29:
76:50:34:cb:ad:3c:b7:5d:81:65:74:be:50:57:c2:
39:02:03:f5:ed:cc:1d:1a:ac:82:e2:32:8c:ac:34:
84:b8:ba:50:f2:f3:38:16:13:c0:c7:b8:66:98:c3:
3c:92:fe:3a:e1:d0:37:e4:98:5c:f5:7e:35:6e:9c:
ca:94:22:4d:45:e3:e9:2b:0f:63:ad:7e:5a:42:52:
00:a0:9c:f5:67:01:56:cc:9f:ba:f4:bc:c8:e6:99:
14:1d:5d:ac:b6:b5:61:c8:e9:7a:e1:2a:66:bb:1b:
81:47:c0:b9:ba:cb:77:4c:89:0c:17:db:63:4f:e7:
63:b1:96:33:f8:2e:24:8d:47:0b:ca:15:7b:79:3f:
0a:a1:58:b5:95:d8:f7:5c:53:74:6b:44:b3:7c:62:
83:4d:68:82:20:04:62:54:92:3b:bc:5f:0f:93:df:
c5:f1:a1:2e:fa:64:71:d2:fa:6b:cb:fd:65:9a:77:
af:e3:c5:0a:f9:70:f5:47:8e:3c:4a:87:a3:6d:02:
18:97:36:50:d8:8b:d3:af:18:76:15:cb:95:77:3c:
9f:71:af:4a:f7:40:5d:43:24:64:7f:c4:3b:5e:60:
ea:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:79:97:A3:E9:7E:E2:3C:32:76:57:39:A6:AA:49:EE:86:48:0F:44
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:29:5a:9d:63:50:1b:f3:cf:f9:d5:41:98:c7:1c:65:64:67:
e4:4e:c1:d8:b2:e7:a6:bc:9d:fb:dc:f8:73:b9:7f:17:79:44:
f2:b8:64:4e:01:68:e0:3e:02:13:f2:78:8c:cb:d3:66:34:93:
a4:a9:5a:8a:f1:b6:9f:63:25:7f:5c:77:03:aa:dd:01:07:ff:
46:eb:2a:5d:e7:8c:74:2e:7b:05:0a:55:e3:15:52:09:9d:0c:
43:2c:ac:27:27:f7:b5:7f:ca:b3:46:7a:ba:0f:a7:64:8e:f7:
6d:4c:06:a8:52:94:70:28:9f:e3:03:fd:18:dd:39:73:2f:18:
db:78:fe:69:92:c4:34:0e:96:2c:06:d0:51:a9:25:4b:f8:ad:
2b:fd:22:3a:56:c1:ae:a3:3a:08:96:72:07:c7:d3:04:4a:e2:
ae:9a:0c:70:d4:bf:42:47:c3:95:f1:5b:20:71:3f:db:f8:1a:
ad:e6:43:17:df:4b:c3:80:1e:9a:fb:7b:2d:24:25:9e:52:dc:
06:8f:d7:67:38:bc:55:17:04:17:2b:d0:f4:19:00:07:b5:c2:
4a:5b:b1:2e:24:37:d9:c6:5e:a2:d5:3a:d7:d2:55:44:8d:e2:
26:e8:96:c5:61:14:41:ab:a0:ac:c8:0c:98:3e:3d:1f:2e:ca:
9e:5f:8d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvlvxBVU40UvbdX9C5FopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjYwNDE3MTQwMDM2WhcNMjYwNDE4MTQwMDM2WjAzMTEwLwYDVQQD
EyhiZTc5OTdhM2U5N2VlMjNjMzI3NjU3MzlhNmFhNDllZTg2NDgwZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGIRmv4BHDT/PVO6D3uFu3loZ7nr
A6oCdLOdzyl2UDTLrTy3XYFldL5QV8I5AgP17cwdGqyC4jKMrDSEuLpQ8vM4FhPA
x7hmmMM8kv464dA35Jhc9X41bpzKlCJNRePpKw9jrX5aQlIAoJz1ZwFWzJ+69LzI
5pkUHV2strVhyOl64SpmuxuBR8C5ust3TIkMF9tjT+djsZYz+C4kjUcLyhV7eT8K
oVi1ldj3XFN0a0SzfGKDTWiCIARiVJI7vF8Pk9/F8aEu+mRx0vpry/1lmnev48UK
+XD1R448SoejbQIYlzZQ2IvTrxh2FcuVdzyfca9K90BdQyRkf8Q7XmDqdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL55l6PpfuI8MnZXOaaqSe6GSA9EMB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALylanWNQ
G/PP+dVBmMccZWRn5E7B2LLnpryd+9z4c7l/F3lE8rhkTgFo4D4CE/J4jMvTZjST
pKlaivG2n2Mlf1x3A6rdAQf/RusqXeeMdC57BQpV4xVSCZ0MQyysJyf3tX/Ks0Z6
ug+nZI73bUwGqFKUcCif4wP9GN05cy8Y23j+aZLENA6WLAbQUaklS/itK/0iOlbB
rqM6CJZyB8fTBErirpoMcNS/QkfDlfFbIHE/2/gareZDF99Lw4Aemvt7LSQlnlLc
Bo/XZzi8VRcEFyvQ9BkAB7XCSluxLiQ32cZeotU619JVRI3iJuiWxWEUQaugrMgM
mD49Hy7Knl+NmA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:46:35 2026 by rpki-client