Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
File: kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft (raw, json)
Hash identifier: ROPJwXENzxf08pw/alxPsuhghHlC3qDj6TST+Z7keyg=
Subject key identifier: 90:F2:49:29:B1:B4:AD:9C:45:59:6E:13:3D:B2:01:DB:90:01:A1:0B
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 019CAE34F615A1F205CCC643617FDA21F127
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
Manifest number: 0CDC
Signing time: Mon 02 Mar 2026 11:00:32 +0000
Manifest this update: Mon 02 Mar 2026 11:00:32 +0000
Manifest next update: Tue 03 Mar 2026 11:00:32 +0000
Files and hashes: 1: bChcbGdFNJLxkL6cWvlOuiphISs.roa (hash: +dNUc4mkY1Ks/wJrUAYjbgs9Kw+RWtpPfvShsAp4TVY=)
2: kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl (hash: CRM8ayekjSrBirWzZ5h+YRvBXIfbZcAqxVzhTmbtcIg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:34:f6:15:a1:f2:05:cc:c6:43:61:7f:da:21:f1:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Mar 2 11:00:32 2026 GMT
Not After : Mar 3 11:00:32 2026 GMT
Subject: CN=90f24929b1b4ad9c45596e133db201db9001a10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:84:7d:3c:32:50:b4:89:3d:1f:c6:41:33:6e:
c3:7e:15:60:5b:83:f1:6a:91:2c:37:1e:f0:86:9e:
b8:9e:c5:ad:0f:0b:8d:58:fb:e0:4b:ad:8f:60:b2:
e6:50:ad:83:3f:ea:ac:db:d7:6b:4b:60:c4:a6:d3:
c6:15:e0:2a:77:ec:5c:7f:19:9c:f7:83:98:ab:d1:
8a:b6:d5:e4:68:b3:d2:55:84:0c:da:67:5a:13:bc:
dd:8b:be:aa:2e:1d:09:ec:b6:f1:4f:b9:63:f5:1a:
ae:0b:34:84:f8:d8:a7:41:7c:80:95:e4:f7:d0:a4:
75:f5:ef:ed:95:2d:05:21:a1:5c:59:8f:4e:22:1a:
2b:1c:d7:00:f8:74:e9:8c:14:fb:e7:7a:d7:c5:c0:
22:be:aa:90:3e:cf:3b:9a:46:8d:a5:46:86:1a:2d:
5c:2b:de:3d:b1:ca:17:64:7e:1c:f3:94:fd:2f:1f:
0d:5b:55:04:e5:2f:87:ef:d6:c1:c9:68:a2:ad:99:
fc:54:9c:b7:da:c8:c9:0f:cd:4d:96:45:c8:17:91:
14:11:78:44:fb:f0:5e:66:d9:ed:fc:1a:16:b3:9d:
ee:90:92:40:32:23:da:be:33:ad:5f:57:fa:f3:23:
a7:ca:80:14:75:fd:6a:04:c9:94:76:67:de:ee:6d:
2b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F2:49:29:B1:B4:AD:9C:45:59:6E:13:3D:B2:01:DB:90:01:A1:0B
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:dc:b3:8e:2b:7b:7e:d4:76:ab:37:25:b6:ed:07:8e:ec:12:
93:65:f1:15:fe:06:16:84:51:ae:ad:57:37:6e:6c:6a:b8:cb:
ff:09:f8:0f:81:1b:8b:5a:cd:76:b2:ab:ef:ed:1e:16:59:e1:
83:d2:96:d8:0f:3d:38:37:79:fa:b2:64:4a:5a:c0:ff:87:04:
0c:8d:55:00:c0:f6:77:ed:cd:94:9e:3e:fd:a2:e1:a0:26:c6:
4b:ed:65:f8:e5:d8:0d:cb:3d:c0:dc:f8:56:a1:48:a2:e8:dc:
b0:f4:2c:45:a1:03:2c:f2:de:d3:4b:1d:fb:87:d8:77:8a:25:
8a:5f:ea:96:a2:ea:61:85:d3:2c:15:69:f6:94:7b:49:f8:83:
ba:62:11:53:de:21:92:a7:f8:83:98:5a:23:0d:57:85:1e:24:
0e:73:2b:73:3d:be:c5:ee:70:bb:b6:7a:78:db:88:cb:e8:11:
ac:48:d9:ef:13:63:87:40:3f:80:1e:bf:df:1d:9b:f5:6d:40:
13:c6:f9:1e:43:95:46:bd:81:19:8b:ab:32:dd:28:19:79:e8:
7b:80:66:03:e8:72:14:f5:eb:00:40:65:bc:72:0d:21:03:99:
0a:4d:f0:75:ba:ce:22:fd:7e:e1:bc:53:6b:a4:0d:89:10:1f:
f1:9e:2d:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNPYVofIFzMZDYX/aIfEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjYwMzAyMTEwMDMyWhcNMjYwMzAzMTEwMDMyWjAzMTEwLwYDVQQD
Eyg5MGYyNDkyOWIxYjRhZDljNDU1OTZlMTMzZGIyMDFkYjkwMDFhMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIR9PDJQtIk9H8ZBM27DfhVgW4Px
apEsNx7whp64nsWtDwuNWPvgS62PYLLmUK2DP+qs29drS2DEptPGFeAqd+xcfxmc
94OYq9GKttXkaLPSVYQM2mdaE7zdi76qLh0J7LbxT7lj9RquCzSE+NinQXyAleT3
0KR19e/tlS0FIaFcWY9OIhorHNcA+HTpjBT753rXxcAivqqQPs87mkaNpUaGGi1c
K949scoXZH4c85T9Lx8NW1UE5S+H79bByWiirZn8VJy32sjJD81NlkXIF5EUEXhE
+/BeZtnt/BoWs53ukJJAMiPavjOtX1f68yOnyoAUdf1qBMmUdmfe7m0rIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDySSmxtK2cRVluEz2yAduQAaELMB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNyzjit7
ftR2qzcltu0HjuwSk2XxFf4GFoRRrq1XN25sarjL/wn4D4Ebi1rNdrKr7+0eFlnh
g9KW2A89ODd5+rJkSlrA/4cEDI1VAMD2d+3NlJ4+/aLhoCbGS+1l+OXYDcs9wNz4
VqFIoujcsPQsRaEDLPLe00sd+4fYd4olil/qlqLqYYXTLBVp9pR7SfiDumIRU94h
kqf4g5haIw1XhR4kDnMrcz2+xe5wu7Z6eNuIy+gRrEjZ7xNjh0A/gB6/3x2b9W1A
E8b5HkOVRr2BGYurMt0oGXnoe4BmA+hyFPXrAEBlvHINIQOZCk3wdbrOIv1+4bxT
a6QNiRAf8Z4t8w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:48:06 2026 by rpki-client