Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: xbm6y827HlUUwJ87GTptioq2xChS1VXDRDThQDEfyfQ=
Subject key identifier: 90:F6:D7:1A:E3:67:ED:88:AE:21:75:DA:92:B1:83:0D:A0:FD:20:DD
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019D9BBECDC17B6658344490318BAEE2FF4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0D57
Signing time: Fri 17 Apr 2026 14:01:06 +0000
Manifest this update: Fri 17 Apr 2026 14:01:06 +0000
Manifest next update: Sat 18 Apr 2026 14:01:06 +0000
Files and hashes: 1: bChcbGdFNJLxkL6cWvlOuiphISs.roa (hash: +dNUc4mkY1Ks/wJrUAYjbgs9Kw+RWtpPfvShsAp4TVY=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: zbN+qYXeMYh7IpgFLjV7Ow/C3TAcFiYPWnfZXCwiHbA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:cd:c1:7b:66:58:34:44:90:31:8b:ae:e2:ff:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Apr 17 14:01:06 2026 GMT
Not After : Apr 18 14:01:06 2026 GMT
Subject: CN=90f6d71ae367ed88ae2175da92b1830da0fd20dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e1:8a:2e:9e:18:43:2d:7d:fc:5a:14:d8:e5:
9b:91:70:64:08:e3:fe:6c:f2:da:7e:be:f9:a1:3f:
7c:74:31:ad:e7:31:7e:63:d9:ab:15:c6:d3:e1:8c:
d1:5e:0b:a4:09:df:61:42:22:f7:99:6e:1d:83:ff:
fe:7b:ef:9e:9e:17:74:a5:67:b2:ab:ab:d1:75:7e:
32:2b:86:65:3c:bd:be:6e:95:55:b9:f4:7a:67:ab:
50:87:c7:ee:68:c5:a4:bb:c2:ba:85:10:07:4c:2d:
a6:c7:b5:1e:42:c8:0b:9e:bb:99:ee:77:06:7a:0e:
a7:2e:a6:32:7c:1d:dd:35:45:71:1f:66:85:3c:5f:
32:24:03:43:35:8b:82:4b:86:9c:1f:61:fa:fd:6e:
e1:94:ff:8d:25:99:8a:15:61:7d:7e:5e:6a:a2:ab:
e1:fa:dd:94:20:33:76:e5:03:39:cf:30:1a:ea:fd:
ef:c9:c3:36:11:f0:c6:3c:d1:8c:fe:53:cc:fe:b3:
36:d5:94:15:7b:b1:9c:2a:8b:93:16:6a:a7:9f:4c:
86:f1:06:4e:a4:ce:fc:e9:b1:87:fb:85:65:d0:7c:
01:ac:cc:bf:b9:ed:43:bb:d0:2e:d2:3d:7c:b7:c0:
52:dd:39:ee:86:c2:13:ee:4f:2d:17:4f:6d:79:2a:
d3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F6:D7:1A:E3:67:ED:88:AE:21:75:DA:92:B1:83:0D:A0:FD:20:DD
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:50:bb:42:47:af:c3:53:6a:dd:59:3f:14:9e:a2:0f:e5:26:
e4:7c:af:ea:3c:5b:7c:c7:1e:c0:11:d8:a3:51:69:c6:b8:c0:
15:27:3b:a9:7b:c8:a5:63:86:07:ac:9d:f6:74:70:1b:7a:8e:
d4:5f:f8:c6:a8:6f:a6:06:2e:9f:39:af:e2:1a:88:54:f0:bc:
60:9a:67:bf:4b:48:6b:4d:07:07:ac:6d:f9:82:c2:a7:04:8a:
53:6b:13:97:d5:ef:e2:f7:25:fa:72:81:41:e5:da:29:0c:d3:
d3:67:ba:ad:e4:ad:d3:03:26:ce:ca:d9:03:33:85:29:6a:94:
bc:5c:39:6c:fa:ee:cb:2b:e8:9a:46:10:65:1d:dc:56:09:d5:
ab:3d:34:46:31:e4:96:ed:cb:10:29:94:67:0e:95:aa:29:df:
6f:65:ef:38:a7:51:fc:d8:5e:9d:64:05:8d:3f:78:6d:b8:3c:
64:97:15:85:77:64:ff:bf:17:cc:77:03:5f:e5:ac:da:f5:d3:
76:8f:0e:76:47:7f:68:8b:9b:74:59:b3:aa:b4:c4:9e:70:2e:
61:3f:f5:e6:bc:78:ac:9e:9b:86:d5:3d:0d:04:92:37:a5:38:
b7:57:c1:55:50:5f:c6:c0:92:e8:e2:1b:2f:8b:b7:98:6d:d4:
79:61:4f:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvs3Be2ZYNESQMYuu4v9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjYwNDE3MTQwMTA2WhcNMjYwNDE4MTQwMTA2WjAzMTEwLwYDVQQD
Eyg5MGY2ZDcxYWUzNjdlZDg4YWUyMTc1ZGE5MmIxODMwZGEwZmQyMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeGKLp4YQy19/FoU2OWbkXBkCOP+
bPLafr75oT98dDGt5zF+Y9mrFcbT4YzRXgukCd9hQiL3mW4dg//+e++enhd0pWey
q6vRdX4yK4ZlPL2+bpVVufR6Z6tQh8fuaMWku8K6hRAHTC2mx7UeQsgLnruZ7ncG
eg6nLqYyfB3dNUVxH2aFPF8yJANDNYuCS4acH2H6/W7hlP+NJZmKFWF9fl5qoqvh
+t2UIDN25QM5zzAa6v3vycM2EfDGPNGM/lPM/rM21ZQVe7GcKouTFmqnn0yG8QZO
pM786bGH+4Vl0HwBrMy/ue1Du9Au0j18t8BS3TnuhsIT7k8tF09teSrTPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJD21xrjZ+2IriF12pKxgw2g/SDdMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeFC7Qkev
w1Nq3Vk/FJ6iD+Um5Hyv6jxbfMcewBHYo1FpxrjAFSc7qXvIpWOGB6yd9nRwG3qO
1F/4xqhvpgYunzmv4hqIVPC8YJpnv0tIa00HB6xt+YLCpwSKU2sTl9Xv4vcl+nKB
QeXaKQzT02e6reSt0wMmzsrZAzOFKWqUvFw5bPruyyvomkYQZR3cVgnVqz00RjHk
lu3LECmUZw6Vqinfb2XvOKdR/NhenWQFjT94bbg8ZJcVhXdk/78XzHcDX+Ws2vXT
do8Odkd/aIubdFmzqrTEnnAuYT/15rx4rJ6bhtU9DQSSN6U4t1fBVVBfxsCS6OIb
L4u3mG3UeWFPvQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:31:08 2026 by rpki-client