Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json)
Hash identifier: 1ZBkGmwRd5vPi11gzEMmsbPCv0j0ZobDcZu0CzifqOU=
Subject key identifier: B5:8A:C5:1C:D2:A4:08:02:5E:45:E7:56:0E:73:0B:20:C1:8D:A5:0A
Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Certificate serial: 019DA340FE904EA852BA04E5B4E06C8432E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
Manifest number: 0B55
Signing time: Sun 19 Apr 2026 01:00:38 +0000
Manifest this update: Sun 19 Apr 2026 01:00:38 +0000
Manifest next update: Mon 20 Apr 2026 01:00:38 +0000
Files and hashes: 1: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: b97GPfZ9/uvfFJuRaq0toRS5MoZVZ7s7RQDLPFe60nY=)
2: xzFbm4sk1g_z1hTqJzkSoYGfwII.roa (hash: vGpqbjJ2sbADDdZ1dTIQ9ghtcR849/Jhk0Pb4QG33k4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 01:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:40:fe:90:4e:a8:52:ba:04:e5:b4:e0:6c:84:32:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6
Validity
Not Before: Apr 19 01:00:38 2026 GMT
Not After : Apr 20 01:00:38 2026 GMT
Subject: CN=b58ac51cd2a408025e45e7560e730b20c18da50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:25:2d:b0:0d:91:18:0d:e5:55:dd:0c:1f:
9c:f5:2f:da:c2:55:43:34:35:18:33:fc:f6:0e:73:
b9:ee:8b:ef:36:7c:a3:43:77:18:18:25:89:fd:29:
23:a5:1f:c0:cb:81:90:37:e5:4d:f8:f7:ac:64:93:
5a:c9:ab:be:14:52:b1:a1:ad:5b:f0:96:f4:a2:b2:
88:ac:d2:05:19:4c:bd:9f:f7:1d:16:3a:06:bf:70:
93:49:e0:e7:b5:5b:ae:8b:f5:64:ae:2a:a8:d9:62:
af:d0:2f:f6:ab:81:f6:57:f2:c0:82:5e:bf:13:94:
32:fa:a3:b2:53:4c:a8:a2:d8:77:8f:9b:7c:72:a7:
0c:f4:15:df:8b:f9:9c:b0:b4:e8:10:aa:e3:f2:06:
7a:b6:d0:bc:31:08:c2:0f:f9:f5:22:b1:35:ba:50:
90:b3:91:25:ab:f4:9b:00:9d:a2:00:92:49:8a:27:
66:7b:78:42:25:0e:06:d6:9a:19:a8:75:d2:75:c5:
77:1e:ab:36:f4:a0:58:07:42:53:23:20:f8:c0:53:
21:8c:1e:14:f9:e2:d9:f0:45:08:bd:a3:8e:cf:bb:
58:b9:e8:c2:e4:8a:aa:e8:0c:6f:b3:85:b8:4a:03:
ee:89:26:48:27:86:22:44:bb:75:fa:a2:6b:49:08:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8A:C5:1C:D2:A4:08:02:5E:45:E7:56:0E:73:0B:20:C1:8D:A5:0A
X509v3 Authority Key Identifier:
keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:e4:27:55:c2:a1:9d:0f:3b:60:dd:2e:22:5a:ca:27:8e:6f:
78:47:76:ff:84:2f:75:a7:48:bd:95:a5:7e:c4:31:72:f0:68:
1b:7a:5f:b5:b9:c7:81:bb:03:46:2f:16:c4:7c:53:83:47:53:
26:de:02:61:0f:39:53:7a:a7:1a:0a:55:0b:c8:fe:85:71:13:
69:82:36:9f:67:fd:17:c2:68:84:79:da:a6:5a:ed:5f:ca:f8:
45:7f:f0:22:7c:4f:3d:f2:63:16:3a:77:67:83:0e:8b:ca:05:
79:54:12:ce:ca:b0:c6:d8:e7:d9:32:26:56:6c:1c:ad:8f:96:
0d:27:19:87:b7:ca:3e:32:81:96:30:e0:23:a0:e8:c0:eb:3f:
fd:12:9d:f6:04:87:7f:49:b8:da:7d:3b:32:dd:45:b6:4b:2f:
7e:b6:4b:df:e1:2e:3b:60:a7:16:1e:b0:62:91:ca:12:04:19:
06:41:25:9b:7d:03:06:c1:16:0d:4d:f2:c0:cf:72:ac:d7:92:
30:d6:b2:da:31:fe:61:de:1d:cd:d2:92:e9:f4:18:3d:67:c9:
67:2c:01:82:75:c9:4b:04:25:5e:a9:5e:da:b6:c4:af:9f:74:
35:79:a8:51:ed:76:fa:21:83:dc:78:2b:34:ed:92:9d:45:af:
9e:26:c4:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jQP6QTqhSugTltOBshDLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm
MGRmYzYwHhcNMjYwNDE5MDEwMDM4WhcNMjYwNDIwMDEwMDM4WjAzMTEwLwYDVQQD
EyhiNThhYzUxY2QyYTQwODAyNWU0NWU3NTYwZTczMGIyMGMxOGRhNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiQlLbANkRgN5VXdDB+c9S/awlVD
NDUYM/z2DnO57ovvNnyjQ3cYGCWJ/SkjpR/Ay4GQN+VN+PesZJNayau+FFKxoa1b
8Jb0orKIrNIFGUy9n/cdFjoGv3CTSeDntVuui/Vkriqo2WKv0C/2q4H2V/LAgl6/
E5Qy+qOyU0yooth3j5t8cqcM9BXfi/mcsLToEKrj8gZ6ttC8MQjCD/n1IrE1ulCQ
s5Elq/SbAJ2iAJJJiidme3hCJQ4G1poZqHXSdcV3Hqs29KBYB0JTIyD4wFMhjB4U
+eLZ8EUIvaOOz7tYuejC5Iqq6Axvs4W4SgPuiSZIJ4YiRLt1+qJrSQj2hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWKxRzSpAgCXkXnVg5zCyDBjaUKMB8GA1UdIwQY
MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt
M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl
LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAeQnVcKh
nQ87YN0uIlrKJ45veEd2/4QvdadIvZWlfsQxcvBoG3pftbnHgbsDRi8WxHxTg0dT
Jt4CYQ85U3qnGgpVC8j+hXETaYI2n2f9F8JohHnaplrtX8r4RX/wInxPPfJjFjp3
Z4MOi8oFeVQSzsqwxtjn2TImVmwcrY+WDScZh7fKPjKBljDgI6DowOs//RKd9gSH
f0m42n07Mt1FtksvfrZL3+EuO2CnFh6wYpHKEgQZBkElm30DBsEWDU3ywM9yrNeS
MNay2jH+Yd4dzdKS6fQYPWfJZywBgnXJSwQlXqle2rbEr590NXmoUe12+iGD3Hgr
NO2SnUWvnibE7Q==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:44:26 2026 by rpki-client