Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json)
Hash identifier: kPfS02KvywBiCDo2JMSU5A8wKuYApdHrlOYofLGaWqM=
Subject key identifier: 3D:6B:E0:76:B4:6A:D4:72:97:65:1F:91:A5:55:B2:8A:73:CB:DB:88
Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Certificate serial: 019CAC470BF76813F7B075792A07F4959DBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
Manifest number: 1848
Signing time: Mon 02 Mar 2026 02:01:03 +0000
Manifest this update: Mon 02 Mar 2026 02:01:03 +0000
Manifest next update: Tue 03 Mar 2026 02:01:03 +0000
Files and hashes: 1: WMTxNqy5dxe24um7JtSXmDnNRnM.roa (hash: TxZKxHcS8Fj+JFe1cwBosTBaRiZeeZ2HacumzoOW+L8=)
2: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: 8LfZoc/gI8gWPKIseJlj+d+GM7oENnFSbzQvXYZIm9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:0b:f7:68:13:f7:b0:75:79:2a:07:f4:95:9d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b
Validity
Not Before: Mar 2 02:01:03 2026 GMT
Not After : Mar 3 02:01:03 2026 GMT
Subject: CN=3d6be076b46ad47297651f91a555b28a73cbdb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:24:ec:b2:a8:90:59:ec:6a:8e:ef:f4:07:09:
f6:ff:8d:40:60:71:7a:dd:2f:43:30:9a:f4:8c:54:
4e:7a:cb:fb:1a:82:72:9f:de:4b:90:ab:3c:29:8b:
bb:ae:3e:31:44:43:ad:31:57:f2:ef:b9:8f:79:0f:
79:52:52:56:0e:44:96:7b:ef:01:ec:be:dc:d4:8e:
0f:c6:c9:d6:18:fe:c8:0e:f1:d9:ea:7d:c5:82:e5:
f5:4a:b9:0f:26:30:7a:f5:1a:d0:d9:94:57:81:95:
98:e9:aa:5a:a2:b4:c1:00:fa:70:2d:63:f9:2f:80:
81:6f:a0:3d:ec:4b:17:31:52:f8:c5:11:4c:ad:80:
61:96:77:08:4e:5b:43:ca:75:b1:79:33:12:72:f5:
6c:d3:8a:c9:98:2a:7b:11:97:87:29:c7:3c:fe:c7:
ba:6e:0d:42:6c:2b:7c:33:f5:f2:4e:41:f6:4d:0a:
49:2d:c3:a0:69:83:45:07:fd:ba:6b:4d:a7:06:81:
24:9c:70:c5:72:60:23:ea:3d:18:39:1d:55:ba:df:
39:c4:6c:06:b6:02:62:12:1c:56:3c:f4:ca:69:6d:
a1:c4:c5:e4:4a:3e:c8:83:32:29:4e:d3:fa:6a:1b:
17:56:82:56:2b:3c:a6:20:23:f4:61:92:8d:c6:72:
84:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6B:E0:76:B4:6A:D4:72:97:65:1F:91:A5:55:B2:8A:73:CB:DB:88
X509v3 Authority Key Identifier:
keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:20:b4:ca:ee:68:fa:f7:7f:0d:4c:45:dd:44:b6:63:b1:f7:
6c:15:fe:29:61:6f:0f:b0:b5:d5:67:d8:7a:2e:07:d8:9f:ab:
a1:22:6f:29:c5:e6:ac:80:7d:33:57:32:72:6c:2f:36:7c:fb:
cf:7e:a1:d2:3e:39:66:42:94:70:d1:77:89:9f:f5:66:ff:f8:
52:db:3d:94:30:7f:08:7f:20:e1:ad:17:ca:70:63:3d:04:1b:
9f:00:fe:c3:1b:48:6c:1d:90:07:96:c9:a2:96:47:b0:5d:f1:
04:b5:99:80:cc:f3:89:b9:15:7d:d1:34:02:cb:6c:3d:82:64:
55:a5:67:c1:a4:43:4d:49:c8:7e:9a:c7:7b:73:fe:f2:a3:db:
1c:55:64:78:0a:84:32:2f:20:95:f7:82:1c:f8:53:f7:25:49:
c9:f6:6a:86:d6:3d:24:74:cf:74:44:72:65:95:21:cf:c0:a0:
47:dd:04:c2:3e:2f:cd:e0:86:10:48:cc:8d:70:09:45:df:80:
b2:a9:ab:fb:6a:71:f2:0f:91:13:2b:59:d2:aa:4b:b2:c7:e6:
1a:f9:8e:bd:b6:19:3d:25:7c:37:00:3b:a1:c7:05:7a:d8:38:
a9:af:b2:a4:8b:c4:c4:ab:68:e6:c4:eb:1a:92:94:8a:34:19:
10:3b:ef:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRwv3aBP3sHV5Kgf0lZ2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4
YmZiMmIwHhcNMjYwMzAyMDIwMTAzWhcNMjYwMzAzMDIwMTAzWjAzMTEwLwYDVQQD
EygzZDZiZTA3NmI0NmFkNDcyOTc2NTFmOTFhNTU1YjI4YTczY2JkYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyTssqiQWexqju/0Bwn2/41AYHF6
3S9DMJr0jFROesv7GoJyn95LkKs8KYu7rj4xREOtMVfy77mPeQ95UlJWDkSWe+8B
7L7c1I4PxsnWGP7IDvHZ6n3FguX1SrkPJjB69RrQ2ZRXgZWY6apaorTBAPpwLWP5
L4CBb6A97EsXMVL4xRFMrYBhlncITltDynWxeTMScvVs04rJmCp7EZeHKcc8/se6
bg1CbCt8M/XyTkH2TQpJLcOgaYNFB/26a02nBoEknHDFcmAj6j0YOR1Vut85xGwG
tgJiEhxWPPTKaW2hxMXkSj7IgzIpTtP6ahsXVoJWKzymICP0YZKNxnKE/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1r4Ha0atRyl2UfkaVVsopzy9uIMB8GA1UdIwQY
MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt
ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3
LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeiC0yu5o
+vd/DUxF3US2Y7H3bBX+KWFvD7C11WfYei4H2J+roSJvKcXmrIB9M1cycmwvNnz7
z36h0j45ZkKUcNF3iZ/1Zv/4Uts9lDB/CH8g4a0XynBjPQQbnwD+wxtIbB2QB5bJ
opZHsF3xBLWZgMzzibkVfdE0AstsPYJkVaVnwaRDTUnIfprHe3P+8qPbHFVkeAqE
Mi8glfeCHPhT9yVJyfZqhtY9JHTPdERyZZUhz8CgR90Ewj4vzeCGEEjMjXAJRd+A
sqmr+2px8g+REytZ0qpLssfmGvmOvbYZPSV8NwA7occFetg4qa+ypIvExKto5sTr
GpKUijQZEDvvxA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:25:27 2026 by rpki-client