Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json)
Hash identifier: mvCUP8dJHBt9OslyDK/HvKrKiRE27f2iUK5JZQ56N+o=
Subject key identifier: 70:F9:74:0A:06:89:DF:30:84:17:B5:FD:5F:2F:D2:6C:D1:BC:B8:E8
Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Certificate serial: 019D98BD57A977F6C88C31E7B640279357AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
Manifest number: 0F2C
Signing time: Fri 17 Apr 2026 00:00:38 +0000
Manifest this update: Fri 17 Apr 2026 00:00:38 +0000
Manifest next update: Sat 18 Apr 2026 00:00:38 +0000
Files and hashes: 1: AoiLP-aKiV68_RegC3FR8BLmoTY.roa (hash: cAZegRRMeuO3/yO4SqdfyQYoOuuZTcc84vu6Tr6LRDs=)
2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: qok6o7rfuDetrFh3ZEYgNcYTaNRM7sVArUn9IJCEs80=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:bd:57:a9:77:f6:c8:8c:31:e7:b6:40:27:93:57:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d
Validity
Not Before: Apr 17 00:00:38 2026 GMT
Not After : Apr 18 00:00:38 2026 GMT
Subject: CN=70f9740a0689df308417b5fd5f2fd26cd1bcb8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:51:dd:15:47:ed:20:5f:16:bd:dd:69:74:e6:
7f:1b:02:7a:90:ac:5d:9b:04:35:60:65:c7:8a:a4:
3f:a1:5c:96:e8:ac:90:9e:d2:da:73:3a:d8:0b:5e:
7f:cf:9f:e4:17:8a:d2:74:2f:b7:0c:03:66:85:c8:
b5:57:8d:94:fe:9c:c1:b9:0f:d6:0e:2a:fa:66:66:
37:24:5c:29:db:8c:31:ed:9d:52:65:37:ba:92:d6:
c6:18:6b:52:d4:1d:aa:6e:ec:c5:30:da:6b:3a:35:
08:06:fe:58:2f:a1:dc:a5:b9:fd:c2:60:a9:a2:d2:
0c:26:fb:a7:89:1d:b9:f7:fe:62:31:8c:f0:45:85:
b9:af:8c:28:82:16:0d:7e:f4:46:c0:04:9a:17:51:
40:b1:6e:d5:95:95:09:3e:c1:fb:50:9a:5c:ea:c4:
75:60:b1:56:da:97:30:30:5f:58:3f:a3:51:6b:41:
37:2b:4c:aa:a0:45:1b:b0:a5:22:e2:13:7e:1d:45:
55:85:2a:a1:a5:95:e9:98:94:3f:37:56:0f:06:7a:
12:c8:da:1b:31:d8:be:c8:be:14:d3:f3:8f:78:64:
ec:fe:ba:de:07:87:8c:29:b6:30:ff:e5:eb:8a:57:
cb:dc:92:d2:ca:b1:dd:8d:27:48:72:5d:51:e6:41:
75:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F9:74:0A:06:89:DF:30:84:17:B5:FD:5F:2F:D2:6C:D1:BC:B8:E8
X509v3 Authority Key Identifier:
keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:e4:26:32:51:1c:8a:6f:b8:93:fa:46:59:3b:16:63:cd:23:
2b:27:79:a0:39:10:30:b1:5b:fc:5c:1e:83:71:30:9f:c3:c2:
56:2a:db:6b:b7:04:6a:68:9f:b3:bc:fe:9d:2c:d9:f1:f0:43:
f5:18:55:ef:8e:2f:61:c7:de:ad:ee:88:5c:1c:3a:12:8b:66:
73:a6:51:9f:c1:82:1c:8e:3c:ec:f3:ac:23:6b:ce:02:01:9c:
cd:f8:5c:12:03:06:2c:66:f3:a2:d7:81:b5:3c:a0:cf:6d:54:
c4:c8:2c:51:7a:79:6c:d6:f5:d3:59:90:57:f6:dc:8e:5d:b2:
fe:d9:ea:46:6b:83:2b:a7:fd:89:aa:20:11:7e:77:bc:3b:e1:
23:d8:39:1e:8b:98:80:88:da:c9:b4:0a:78:24:62:fb:73:61:
d1:66:d1:6b:b7:bf:74:ab:49:3f:f6:27:11:20:19:6f:18:e6:
93:d9:a9:3f:c3:5c:f4:a5:27:88:d6:7a:8e:07:3d:a2:d9:04:
43:e8:52:0e:55:25:1c:62:92:4d:62:b5:c3:3c:9a:40:4a:19:
eb:07:a3:97:c1:74:02:69:15:88:3d:fe:f4:8e:f3:57:b6:82:
ec:7a:8b:23:61:bb:41:21:1b:ea:2f:c2:24:12:e8:23:e0:e7:
23:95:2f:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvVepd/bIjDHntkAnk1esMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm
MmU2NGQwHhcNMjYwNDE3MDAwMDM4WhcNMjYwNDE4MDAwMDM4WjAzMTEwLwYDVQQD
Eyg3MGY5NzQwYTA2ODlkZjMwODQxN2I1ZmQ1ZjJmZDI2Y2QxYmNiOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1HdFUftIF8Wvd1pdOZ/GwJ6kKxd
mwQ1YGXHiqQ/oVyW6KyQntLaczrYC15/z5/kF4rSdC+3DANmhci1V42U/pzBuQ/W
Dir6ZmY3JFwp24wx7Z1SZTe6ktbGGGtS1B2qbuzFMNprOjUIBv5YL6Hcpbn9wmCp
otIMJvuniR259/5iMYzwRYW5r4woghYNfvRGwASaF1FAsW7VlZUJPsH7UJpc6sR1
YLFW2pcwMF9YP6NRa0E3K0yqoEUbsKUi4hN+HUVVhSqhpZXpmJQ/N1YPBnoSyNob
Mdi+yL4U0/OPeGTs/rreB4eMKbYw/+XrilfL3JLSyrHdjSdIcl1R5kF1swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHD5dAoGid8whBe1/V8v0mzRvLjoMB8GA1UdIwQY
MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt
OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm
LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkeQmMlEc
im+4k/pGWTsWY80jKyd5oDkQMLFb/Fweg3Ewn8PCVirba7cEamifs7z+nSzZ8fBD
9RhV744vYcfere6IXBw6Eotmc6ZRn8GCHI487POsI2vOAgGczfhcEgMGLGbzoteB
tTygz21UxMgsUXp5bNb101mQV/bcjl2y/tnqRmuDK6f9iaogEX53vDvhI9g5HouY
gIjaybQKeCRi+3Nh0WbRa7e/dKtJP/YnESAZbxjmk9mpP8Nc9KUniNZ6jgc9otkE
Q+hSDlUlHGKSTWK1wzyaQEoZ6wejl8F0AmkViD3+9I7zV7aC7HqLI2G7QSEb6i/C
JBLoI+DnI5UvpA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:48:08 2026 by rpki-client