Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json)
Hash identifier: zXvhpto0Mq7EVYXxazJ58er7AbbVpKKF0sR2/bV6MiI=
Subject key identifier: 70:C9:28:E0:BE:F4:24:90:51:FE:CB:A3:97:83:B9:47:88:2C:A1:8B
Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Certificate serial: 019DA3784688481CC8AC679896DA0B16BE61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
Manifest number: 03CC
Signing time: Sun 19 Apr 2026 02:01:01 +0000
Manifest this update: Sun 19 Apr 2026 02:01:01 +0000
Manifest next update: Mon 20 Apr 2026 02:01:01 +0000
Files and hashes: 1: 8KaJwIuZexyBoZjYRmZrjQf9lJQ.roa (hash: LrRg49gpH/+ELMxEyexBUIqT8W2t/5VIfE4dXyblhxM=)
2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: +pJtrJkcN+BwRuWPMWRlILn5GY3ZlxRPnrBVFSfpmN8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:78:46:88:48:1c:c8:ac:67:98:96:da:0b:16:be:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667
Validity
Not Before: Apr 19 02:01:01 2026 GMT
Not After : Apr 20 02:01:01 2026 GMT
Subject: CN=70c928e0bef4249051fecba39783b947882ca18b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:31:02:7d:19:c3:89:11:67:da:27:58:c9:
ac:45:63:33:53:33:42:8e:ad:ba:c1:49:a3:02:5a:
61:f1:25:57:fc:df:7d:64:ed:1a:4d:5e:25:53:7c:
28:6e:52:d7:ee:66:ce:55:b0:ea:dc:b9:d5:93:dc:
da:42:16:18:78:d4:0f:04:2e:9a:8f:f0:4c:b4:a4:
e1:22:a2:05:33:d4:70:9f:98:d5:6c:6c:6b:88:de:
20:50:62:ad:99:c8:3a:5f:3f:ce:c9:02:cb:79:e0:
db:8b:68:13:71:f1:d7:68:93:71:62:4b:ee:ef:f2:
38:c0:8e:ae:df:05:86:41:55:c5:e6:3d:a2:7b:66:
81:6c:1d:cc:ed:f5:29:b9:2b:4f:14:81:c1:eb:a9:
69:17:42:f3:98:76:bd:cf:40:d1:b3:1d:03:84:83:
aa:a8:68:d2:86:16:2e:cc:ce:3b:98:e8:e2:48:5c:
11:86:13:58:b4:dc:6a:32:d6:e6:09:bb:11:3b:1d:
d2:ae:69:ca:d6:a4:87:75:d7:b5:38:6d:7b:29:41:
36:7d:87:65:7f:41:63:76:95:34:ed:e9:b9:11:e5:
95:00:bd:3c:a4:5d:00:60:91:2d:d8:38:eb:91:23:
ff:02:ed:d7:d3:93:4e:6a:21:f6:f5:7f:4b:f6:c1:
68:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C9:28:E0:BE:F4:24:90:51:FE:CB:A3:97:83:B9:47:88:2C:A1:8B
X509v3 Authority Key Identifier:
keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d1:2a:e3:0d:ad:f3:2a:0e:2d:77:d6:3a:1a:a7:7d:65:65:ef:
47:9d:ac:ca:45:5d:df:fe:ff:ef:d8:0b:98:cd:60:56:7d:56:
d8:de:df:e6:66:27:1f:e4:36:b9:ec:4c:de:70:cf:2e:9d:6f:
e5:c9:5e:f0:d6:47:fb:9d:5f:30:de:85:da:08:54:a2:81:de:
50:41:b8:ae:2a:29:d9:cd:49:26:af:3b:ff:3c:b8:08:a8:a0:
b4:4e:ab:56:ef:a6:37:a6:1d:36:43:e4:7a:5b:ea:fd:a3:f1:
13:72:3e:8f:3d:57:3b:c6:57:24:75:be:93:56:8d:57:c2:45:
8c:fe:e0:09:a8:a5:70:4e:41:4f:ab:94:5b:c7:bc:37:90:72:
2d:c6:10:de:e1:56:a0:07:43:a3:9d:d2:64:d7:c1:d5:7c:e1:
8a:1c:31:7e:d8:fe:e3:25:df:0e:f9:8f:9e:9e:f9:b0:77:d7:
76:d3:3a:d5:c6:4c:42:d8:78:d2:73:6d:5d:3d:c0:0d:77:02:
5d:2c:46:e8:fb:aa:bc:75:f2:ab:03:53:54:04:8b:14:8d:f0:
8b:e7:34:10:41:e6:e1:ed:d6:c5:70:38:bd:bf:2b:d7:32:53:
56:f1:b9:1c:48:80:cf:f0:8a:d9:ed:fa:5b:77:d9:a4:0f:34:
4b:d6:0c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeEaISBzIrGeYltoLFr5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm
OTI2NjcwHhcNMjYwNDE5MDIwMTAxWhcNMjYwNDIwMDIwMTAxWjAzMTEwLwYDVQQD
Eyg3MGM5MjhlMGJlZjQyNDkwNTFmZWNiYTM5NzgzYjk0Nzg4MmNhMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1IxAn0Zw4kRZ9onWMmsRWMzUzNC
jq26wUmjAlph8SVX/N99ZO0aTV4lU3woblLX7mbOVbDq3LnVk9zaQhYYeNQPBC6a
j/BMtKThIqIFM9Rwn5jVbGxriN4gUGKtmcg6Xz/OyQLLeeDbi2gTcfHXaJNxYkvu
7/I4wI6u3wWGQVXF5j2ie2aBbB3M7fUpuStPFIHB66lpF0LzmHa9z0DRsx0DhIOq
qGjShhYuzM47mOjiSFwRhhNYtNxqMtbmCbsROx3SrmnK1qSHdde1OG17KUE2fYdl
f0FjdpU07em5EeWVAL08pF0AYJEt2DjrkSP/Au3X05NOaiH29X9L9sFoAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDJKOC+9CSQUf7Lo5eDuUeILKGLMB8GA1UdIwQY
MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct
ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3
LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0SrjDa3z
Kg4td9Y6Gqd9ZWXvR52sykVd3/7/79gLmM1gVn1W2N7f5mYnH+Q2uexM3nDPLp1v
5cle8NZH+51fMN6F2ghUooHeUEG4riop2c1JJq87/zy4CKigtE6rVu+mN6YdNkPk
elvq/aPxE3I+jz1XO8ZXJHW+k1aNV8JFjP7gCailcE5BT6uUW8e8N5ByLcYQ3uFW
oAdDo53SZNfB1Xzhihwxftj+4yXfDvmPnp75sHfXdtM61cZMQth40nNtXT3ADXcC
XSxG6PuqvHXyqwNTVASLFI3wi+c0EEHm4e3WxXA4vb8r1zJTVvG5HEiAz/CK2e36
W3fZpA80S9YMoQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:43:44 2026 by rpki-client