Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: PzDYsqES6oxKwvCzbvXz/4X5G4YIEQ/6Fl7vE3i1oC0=
Subject key identifier: E2:0D:51:4C:8D:81:6C:F9:C6:EA:2F:6E:0A:34:0A:B6:5A:0C:D6:8F
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019CACEBD1ADF30647D0A883A05470501F04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 0631
Signing time: Mon 02 Mar 2026 05:01:01 +0000
Manifest this update: Mon 02 Mar 2026 05:01:01 +0000
Manifest next update: Tue 03 Mar 2026 05:01:01 +0000
Files and hashes: 1: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: 1DvaW6tajQriUfG4OrvTVTEGcjU+QSQlJ2RUyjNHikI=)
2: ZS3grquCf_l1OKXIoqEGRKP0J6M.roa (hash: 2PBPag/zPM22x9IohJ6q0TulDZRbeQTFCvgCnuCjnz0=)
3: vUdfXnwcRDPW7e3X7ofFMJYqkDk.roa (hash: 4hcskGjMuomfYGEOrtlmJrd0tV2p1HAsJ5FOV+HnCFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:d1:ad:f3:06:47:d0:a8:83:a0:54:70:50:1f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Mar 2 05:01:01 2026 GMT
Not After : Mar 3 05:01:01 2026 GMT
Subject: CN=e20d514c8d816cf9c6ea2f6e0a340ab65a0cd68f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:c6:d7:05:9b:a6:0a:ad:bc:9b:27:3e:40:
3a:8a:c1:85:11:82:6d:c1:f0:68:06:3d:39:a6:9d:
8e:bc:50:d9:cf:b0:1a:ac:11:17:62:d9:2a:0e:52:
ea:95:f4:22:cb:93:ea:0a:63:e4:1b:c1:56:13:5f:
ac:82:ae:83:18:5d:ab:26:f5:83:95:ab:56:7e:4c:
51:60:38:b6:42:df:81:f7:bc:a4:2e:b3:9c:68:f6:
c4:df:f0:ea:51:c3:14:de:f9:15:60:8e:99:c5:89:
15:67:5a:91:d0:59:bb:8c:9d:75:01:23:f0:a1:a4:
08:63:75:ff:0d:71:b6:72:4f:e3:f8:89:c5:2e:e5:
13:06:ca:c7:1e:74:45:01:2f:11:7b:90:bf:1e:34:
4f:88:52:f6:d0:d3:d9:12:27:a6:41:a2:59:15:c5:
67:91:a9:58:af:73:48:0b:11:c6:fe:9b:37:ec:f4:
79:9d:74:e4:5c:63:44:37:ca:3c:03:86:07:c4:46:
f4:5b:e0:0c:09:82:ea:7b:4a:66:69:d3:70:02:ea:
3f:d7:01:2f:6e:f0:65:08:ad:fc:59:57:f7:d7:26:
9b:8a:ca:cb:d0:d3:ec:5f:84:a4:28:b6:13:67:2b:
8b:19:d8:8f:3f:a5:88:52:74:77:45:49:e6:38:ab:
e2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0D:51:4C:8D:81:6C:F9:C6:EA:2F:6E:0A:34:0A:B6:5A:0C:D6:8F
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:6e:5d:74:bc:b0:e4:7a:09:af:89:a0:27:90:80:52:96:24:
f9:1f:cc:06:91:5d:02:6d:15:23:c8:e0:59:56:bc:4f:a4:08:
63:44:6e:6a:99:69:26:46:40:07:bd:d6:0b:38:e8:cf:0c:09:
02:63:86:f0:c2:e8:9a:7d:b2:7f:84:db:ec:41:26:a3:c2:ee:
14:c2:9d:39:47:af:cf:2e:2b:8a:b3:ad:d2:d2:ce:ea:ec:eb:
27:01:52:8b:04:10:f0:63:38:b8:37:6c:96:3b:a1:18:92:ea:
3c:bf:fc:ad:2f:8f:0b:cb:6d:b8:24:b8:59:1b:2e:93:5e:35:
4e:b4:ef:14:24:a1:a2:d6:9d:93:b4:2d:5a:9d:aa:ac:8f:7b:
22:5e:fa:0f:24:90:92:cb:f6:5d:8d:1a:49:9c:52:0a:65:29:
47:72:60:ef:be:d5:85:ec:c5:c2:9a:14:4d:13:19:f5:ec:d4:
bc:9c:d4:3c:16:95:f9:02:be:42:fe:a3:3f:2a:9a:ba:dc:ed:
1b:28:db:14:13:d8:1a:ba:bf:60:7d:66:2e:38:9c:8a:0d:9e:
28:c8:82:51:e2:97:21:ff:79:91:03:8f:54:32:86:ee:ee:e3:
5d:08:44:d2:7d:2e:d7:35:01:09:cf:df:2a:df:c1:f1:98:bf:
b4:c3:bf:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys69Gt8wZH0KiDoFRwUB8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjYwMzAyMDUwMTAxWhcNMjYwMzAzMDUwMTAxWjAzMTEwLwYDVQQD
EyhlMjBkNTE0YzhkODE2Y2Y5YzZlYTJmNmUwYTM0MGFiNjVhMGNkNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcjG1wWbpgqtvJsnPkA6isGFEYJt
wfBoBj05pp2OvFDZz7AarBEXYtkqDlLqlfQiy5PqCmPkG8FWE1+sgq6DGF2rJvWD
latWfkxRYDi2Qt+B97ykLrOcaPbE3/DqUcMU3vkVYI6ZxYkVZ1qR0Fm7jJ11ASPw
oaQIY3X/DXG2ck/j+InFLuUTBsrHHnRFAS8Re5C/HjRPiFL20NPZEiemQaJZFcVn
kalYr3NICxHG/ps37PR5nXTkXGNEN8o8A4YHxEb0W+AMCYLqe0pmadNwAuo/1wEv
bvBlCK38WVf31yabisrL0NPsX4SkKLYTZyuLGdiPP6WIUnR3RUnmOKviJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOINUUyNgWz5xuovbgo0CrZaDNaPMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoG5ddLyw
5HoJr4mgJ5CAUpYk+R/MBpFdAm0VI8jgWVa8T6QIY0RuaplpJkZAB73WCzjozwwJ
AmOG8MLomn2yf4Tb7EEmo8LuFMKdOUevzy4rirOt0tLO6uzrJwFSiwQQ8GM4uDds
ljuhGJLqPL/8rS+PC8ttuCS4WRsuk141TrTvFCShotadk7QtWp2qrI97Il76DySQ
ksv2XY0aSZxSCmUpR3Jg777VhezFwpoUTRMZ9ezUvJzUPBaV+QK+Qv6jPyqautzt
GyjbFBPYGrq/YH1mLjicig2eKMiCUeKXIf95kQOPVDKG7u7jXQhE0n0u1zUBCc/f
Kt/B8Zi/tMO/6A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:43:58 2026 by rpki-client