Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json)
Hash identifier: 5Qe+MyR0hGtbD8/YU9PLivRw4lqnArTEqn62brKXxm0=
Subject key identifier: 5E:E9:C4:8A:31:01:88:E6:01:B8:97:CE:A3:41:4B:CF:DB:C6:E2:68
Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Certificate serial: 019D98863A221AF6F764797A5177505C196F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
Manifest number: 06AB
Signing time: Thu 16 Apr 2026 23:00:26 +0000
Manifest this update: Thu 16 Apr 2026 23:00:26 +0000
Manifest next update: Fri 17 Apr 2026 23:00:26 +0000
Files and hashes: 1: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: O+0Lt3lmomnI5M/w+oAB7ej4bzG+f+AlLCifPm4er0k=)
2: ZS3grquCf_l1OKXIoqEGRKP0J6M.roa (hash: 2PBPag/zPM22x9IohJ6q0TulDZRbeQTFCvgCnuCjnz0=)
3: vUdfXnwcRDPW7e3X7ofFMJYqkDk.roa (hash: 4hcskGjMuomfYGEOrtlmJrd0tV2p1HAsJ5FOV+HnCFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:86:3a:22:1a:f6:f7:64:79:7a:51:77:50:5c:19:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80
Validity
Not Before: Apr 16 23:00:26 2026 GMT
Not After : Apr 17 23:00:26 2026 GMT
Subject: CN=5ee9c48a310188e601b897cea3414bcfdbc6e268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:96:31:0b:e1:30:25:dc:19:27:af:0c:b0:d4:
53:96:24:68:bc:7c:0b:2e:4d:4b:58:7d:da:13:49:
4d:0c:3a:fd:ed:c1:ae:da:9d:85:e3:3c:03:6f:99:
b5:07:33:46:b1:35:e3:d7:5f:e9:01:bf:5e:bd:e1:
3d:d1:a0:a3:81:d6:10:f2:71:c5:87:b1:6a:cf:ed:
fe:ad:53:30:21:27:99:07:7c:cc:5b:49:af:da:7f:
50:0f:18:20:59:3f:9c:4e:3c:cb:fb:fa:e1:0d:63:
6c:4f:a2:a3:55:a3:73:fe:af:8d:78:20:49:c2:7f:
7b:27:9a:68:51:c2:bc:d6:4f:50:b7:4f:5e:84:34:
96:ea:a7:4a:16:28:3c:bc:1d:4b:fb:df:86:65:cd:
22:24:c3:0c:36:7e:18:1c:4b:ff:3e:2f:18:97:24:
f6:2b:c6:9f:9e:9b:8d:9b:05:84:0f:91:ce:4d:ec:
4c:2d:d1:69:bd:4a:3d:ba:5f:ea:ad:4e:fc:b5:ab:
40:98:42:8d:6e:31:47:7d:1d:74:ff:9c:0d:94:3e:
4d:ae:de:e4:f2:32:1c:b9:42:be:31:37:7e:9b:00:
0a:d1:3b:09:46:1d:4e:9c:f2:de:ec:1e:d4:1c:f4:
49:9c:ad:ab:f3:7b:38:fd:6f:cd:b9:88:5c:7f:42:
f5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E9:C4:8A:31:01:88:E6:01:B8:97:CE:A3:41:4B:CF:DB:C6:E2:68
X509v3 Authority Key Identifier:
keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:4d:5b:5a:29:9d:69:64:a8:14:6f:9e:e5:65:15:6c:75:21:
cf:94:bc:60:68:72:bc:e7:dc:7f:51:96:49:00:02:23:c4:95:
8c:89:2b:dd:ee:91:95:ad:2e:0c:78:6b:12:08:26:c1:b6:30:
23:58:45:27:c3:46:38:45:f3:b6:b2:34:63:19:c8:eb:b9:bd:
3c:32:fd:c5:e1:9a:65:22:e5:90:a7:4c:da:59:09:01:31:df:
10:05:3b:42:b0:d3:0a:b6:f4:cd:fd:c6:a3:8d:82:fc:51:55:
9b:5b:10:52:2d:9f:e7:8c:b6:d7:3a:f8:ae:2e:29:1e:1c:c2:
bc:f3:a6:26:4f:4e:f2:05:45:dc:41:0e:67:8f:a1:c9:2e:0e:
ed:db:63:7e:5d:60:d3:d1:52:83:1c:04:19:f8:45:87:9d:f1:
4d:8f:f8:df:e8:11:65:0c:6b:b2:59:83:7b:e7:74:e0:20:dd:
19:69:e0:dd:1e:bd:8b:e5:27:f9:fb:78:5a:00:d9:1b:74:85:
42:0d:fb:ad:17:ec:11:48:6a:1d:b1:e0:e1:b1:b9:e3:29:4f:
44:93:d5:b8:22:63:60:5b:40:fc:21:0c:5a:b7:34:1b:4b:2b:
de:53:db:1d:ef:47:ef:fb:8c:ea:27:b0:90:eb:a4:5e:66:93:
a8:f4:b6:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YhjoiGvb3ZHl6UXdQXBlvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0
OWFlODAwHhcNMjYwNDE2MjMwMDI2WhcNMjYwNDE3MjMwMDI2WjAzMTEwLwYDVQQD
Eyg1ZWU5YzQ4YTMxMDE4OGU2MDFiODk3Y2VhMzQxNGJjZmRiYzZlMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJYxC+EwJdwZJ68MsNRTliRovHwL
Lk1LWH3aE0lNDDr97cGu2p2F4zwDb5m1BzNGsTXj11/pAb9eveE90aCjgdYQ8nHF
h7Fqz+3+rVMwISeZB3zMW0mv2n9QDxggWT+cTjzL+/rhDWNsT6KjVaNz/q+NeCBJ
wn97J5poUcK81k9Qt09ehDSW6qdKFig8vB1L+9+GZc0iJMMMNn4YHEv/Pi8YlyT2
K8afnpuNmwWED5HOTexMLdFpvUo9ul/qrU78tatAmEKNbjFHfR10/5wNlD5Nrt7k
8jIcuUK+MTd+mwAK0TsJRh1OnPLe7B7UHPRJnK2r83s4/W/NuYhcf0L1dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7pxIoxAYjmAbiXzqNBS8/bxuJoMB8GA1UdIwQY
MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt
NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3
LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb01bWimd
aWSoFG+e5WUVbHUhz5S8YGhyvOfcf1GWSQACI8SVjIkr3e6Rla0uDHhrEggmwbYw
I1hFJ8NGOEXztrI0YxnI67m9PDL9xeGaZSLlkKdM2lkJATHfEAU7QrDTCrb0zf3G
o42C/FFVm1sQUi2f54y21zr4ri4pHhzCvPOmJk9O8gVF3EEOZ4+hyS4O7dtjfl1g
09FSgxwEGfhFh53xTY/43+gRZQxrslmDe+d04CDdGWng3R69i+Un+ft4WgDZG3SF
Qg37rRfsEUhqHbHg4bG54ylPRJPVuCJjYFtA/CEMWrc0G0sr3lPbHe9H7/uM6iew
kOukXmaTqPS2sA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:06:35 2026 by rpki-client