Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: SLV9tlPurc8VhIxmvYP9RX20kWUaBA6GyD4qz++iTks=
Subject key identifier: 9A:66:B8:A0:83:66:35:D6:AD:E7:D3:55:48:D7:04:84:A0:D1:E9:FF
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019CAE35524B011D154ABA495AC86D65F859
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 034D
Signing time: Mon 02 Mar 2026 11:00:55 +0000
Manifest this update: Mon 02 Mar 2026 11:00:55 +0000
Manifest next update: Tue 03 Mar 2026 11:00:55 +0000
Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: 9hSn8Uau4Oq4j0A8iV+I/lqMB5xcx0o6ziX3xQxwd8M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:52:4b:01:1d:15:4a:ba:49:5a:c8:6d:65:f8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Mar 2 11:00:55 2026 GMT
Not After : Mar 3 11:00:55 2026 GMT
Subject: CN=9a66b8a0836635d6ade7d35548d70484a0d1e9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fd:64:b0:01:d4:a3:c3:ae:05:ce:c5:0a:59:
96:49:21:d3:8a:96:4a:ef:68:05:59:2c:dc:c0:71:
27:98:33:72:2d:fa:48:be:8d:05:be:bb:9f:e7:c4:
fb:69:20:48:6d:81:89:40:98:b5:e0:94:e3:de:c6:
0d:21:e4:40:93:83:c3:2b:bf:57:e1:be:87:53:db:
85:67:a3:f0:42:77:e2:96:1b:ef:a9:30:ac:06:88:
ad:47:ab:00:3e:0f:4e:8d:d9:aa:eb:13:cc:fc:0b:
1e:fc:c9:4c:c3:ae:e3:42:2b:52:13:e6:de:6a:c8:
13:ec:2c:8b:e3:3a:b5:ff:e6:60:c3:05:e3:5f:44:
c0:f5:1e:b2:3a:f2:e6:34:aa:99:f0:a3:dd:8d:3f:
2f:fd:ef:dc:16:bc:97:d0:bc:a9:0b:d4:50:c4:25:
04:50:b0:ca:2d:c9:34:34:70:49:db:44:96:7d:73:
32:12:e3:3d:75:8f:75:38:7a:65:4b:fc:e0:3a:f6:
14:68:9f:d6:ad:4e:3d:8f:10:1b:b1:c1:c6:57:2c:
a8:85:6c:8b:8a:0f:64:45:a7:b0:13:44:31:63:30:
f7:c6:53:33:f2:13:ed:49:cf:1d:9c:37:f3:1b:d2:
f1:9b:2d:f1:07:c3:d7:1e:78:9b:69:97:e2:a4:be:
f0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:66:B8:A0:83:66:35:D6:AD:E7:D3:55:48:D7:04:84:A0:D1:E9:FF
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:be:0d:c1:70:df:fc:25:85:c3:26:9a:37:89:0c:4e:07:84:
5e:62:93:1d:73:0c:54:e1:39:2e:14:37:00:a4:4e:dd:f5:6c:
ca:15:37:84:1f:f1:9f:46:dc:cf:1c:46:10:ad:4a:e7:f8:61:
51:36:da:e9:53:ba:ce:37:b1:87:9d:5f:69:b3:7c:af:52:f1:
25:5c:fb:d4:8d:54:40:45:e9:f4:bb:67:b3:18:2f:96:68:9b:
84:ef:ae:7d:43:4a:92:4f:39:fb:59:6b:35:98:68:fa:9c:fc:
6d:dd:4b:27:e5:0b:b4:55:6c:42:a2:53:e6:cb:58:bc:de:2c:
eb:2f:7c:db:57:1c:54:fd:04:84:8d:a1:98:eb:11:5f:a7:0b:
79:41:5d:de:55:d5:3a:db:04:53:b0:70:58:5c:f0:a6:55:28:
73:ed:66:0f:79:ed:ac:6f:de:52:9b:fe:2b:25:a8:41:7d:4b:
7e:f9:b4:d5:ee:1e:62:f4:7d:ae:e1:4a:2f:d6:d0:68:62:02:
55:21:49:6d:48:2f:46:9a:2a:48:be:c9:7d:ef:db:9a:e2:59:
b5:42:1c:3d:7a:8b:00:a3:ee:e7:e4:72:b2:8e:9f:11:af:88:
98:2c:ae:86:4d:a0:21:15:94:67:cc:7e:17:97:69:35:2f:90:
47:59:01:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNVJLAR0VSrpJWshtZfhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjYwMzAyMTEwMDU1WhcNMjYwMzAzMTEwMDU1WjAzMTEwLwYDVQQD
Eyg5YTY2YjhhMDgzNjYzNWQ2YWRlN2QzNTU0OGQ3MDQ4NGEwZDFlOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP1ksAHUo8OuBc7FClmWSSHTipZK
72gFWSzcwHEnmDNyLfpIvo0Fvruf58T7aSBIbYGJQJi14JTj3sYNIeRAk4PDK79X
4b6HU9uFZ6PwQnfilhvvqTCsBoitR6sAPg9Ojdmq6xPM/Ase/MlMw67jQitSE+be
asgT7CyL4zq1/+ZgwwXjX0TA9R6yOvLmNKqZ8KPdjT8v/e/cFryX0LypC9RQxCUE
ULDKLck0NHBJ20SWfXMyEuM9dY91OHplS/zgOvYUaJ/WrU49jxAbscHGVyyohWyL
ig9kRaewE0QxYzD3xlMz8hPtSc8dnDfzG9Lxmy3xB8PXHnibaZfipL7wtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpmuKCDZjXWrefTVUjXBISg0en/MB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh74NwXDf
/CWFwyaaN4kMTgeEXmKTHXMMVOE5LhQ3AKRO3fVsyhU3hB/xn0bczxxGEK1K5/hh
UTba6VO6zjexh51fabN8r1LxJVz71I1UQEXp9LtnsxgvlmibhO+ufUNKkk85+1lr
NZho+pz8bd1LJ+ULtFVsQqJT5stYvN4s6y9821ccVP0EhI2hmOsRX6cLeUFd3lXV
OtsEU7BwWFzwplUoc+1mD3ntrG/eUpv+KyWoQX1Lfvm01e4eYvR9ruFKL9bQaGIC
VSFJbUgvRpoqSL7Jfe/bmuJZtUIcPXqLAKPu5+Ryso6fEa+ImCyuhk2gIRWUZ8x+
F5dpNS+QR1kBMw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:09:40 2026 by rpki-client