Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: YVqypTKFeRMPXedyXBlhnWYFAqTMLi8FLQJGS1XAVQ4=
Subject key identifier: 23:9B:56:1F:70:D5:72:D4:89:89:A5:DC:25:CA:B9:9E:88:B1:86:77
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019CAC7E531027BDCDDA9AA15E6ADB3718C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0E35
Signing time: Mon 02 Mar 2026 03:01:25 +0000
Manifest this update: Mon 02 Mar 2026 03:01:25 +0000
Manifest next update: Tue 03 Mar 2026 03:01:25 +0000
Files and hashes: 1: 4Okejz2k1ubGfI-GRgB_ARKBmuk.roa (hash: wHN9epTREmpbGi1iOO1PMq2WQBeGFf6WjNTcLZ9jeLg=)
2: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: MTb7nlrwmkIDFukO6gvf47vdPn+F9tvzQBlfZFFb+Eg=)
3: PcKBEnG4Fc83PTLXnIgOvRcy3V4.roa (hash: dksZAzhosBbHaXLsuDmV40VTdGY6aq3NK9xY13PmQvE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7e:53:10:27:bd:cd:da:9a:a1:5e:6a:db:37:18:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Mar 2 03:01:25 2026 GMT
Not After : Mar 3 03:01:25 2026 GMT
Subject: CN=239b561f70d572d48989a5dc25cab99e88b18677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:72:e0:93:69:81:ab:16:73:b6:65:50:4b:bb:
ba:57:d1:38:e9:5d:b1:75:0d:dd:38:a1:f0:e6:d2:
24:e8:97:f0:25:d8:21:aa:1f:58:bf:a7:d7:01:56:
0a:b1:3f:a4:6c:d0:ed:d7:13:ce:b2:13:81:7d:a3:
72:c9:95:bd:1a:b8:d8:f5:24:75:5e:34:45:c6:39:
0d:81:75:19:75:ad:ea:1b:8f:d7:53:e9:f3:4c:09:
26:62:3a:7c:fc:de:30:c3:e1:16:7d:81:6c:ea:a3:
d3:f6:61:91:7b:33:86:61:bd:02:2f:20:fd:f8:a3:
75:76:11:4f:8a:cc:62:61:3f:05:9f:cd:33:07:4e:
7a:a7:89:d6:80:4a:dd:b4:c8:7e:8a:00:14:e4:7d:
6f:a6:3f:26:00:0f:51:52:3a:22:83:08:23:66:26:
f9:2e:12:66:86:25:46:ba:73:9f:ec:8d:91:67:c0:
50:e1:7f:c1:3a:5b:19:13:35:f7:b2:61:c6:af:9a:
01:c5:22:4f:14:60:c9:83:ba:d5:8b:69:1f:8f:6b:
de:e2:07:31:c5:6c:d1:17:a1:ce:52:73:d0:a5:78:
4f:98:ed:09:09:7a:89:eb:b5:b9:b2:ba:67:18:30:
2f:e8:c3:cc:e8:33:9b:9e:78:04:b1:fc:ae:d5:dc:
91:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9B:56:1F:70:D5:72:D4:89:89:A5:DC:25:CA:B9:9E:88:B1:86:77
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:48:93:da:79:d5:31:51:08:c4:3b:8b:c4:d3:a4:c9:9b:3a:
d5:26:c0:95:32:1e:89:51:a4:6e:a1:d3:cd:ad:63:e1:06:fa:
1d:28:a7:6e:45:cb:3e:87:cd:46:fa:72:e4:bb:1c:26:63:8f:
31:04:01:23:0a:77:6c:7b:df:91:12:44:ba:b8:35:61:65:5d:
72:aa:b5:f6:18:0e:ea:fc:88:48:68:60:61:86:14:8a:bf:5a:
72:6d:3d:a5:ba:44:f1:91:c0:93:ae:a9:81:8b:a4:5d:f3:d0:
30:14:a4:69:ef:fc:6a:87:09:15:75:6a:c7:bc:41:8f:e5:d8:
5b:ae:0c:1a:7a:11:7d:0f:7e:11:9a:2b:e7:96:99:e2:92:52:
80:80:8b:a7:b5:f2:68:c6:7b:6e:df:c7:86:9d:03:01:f3:53:
8d:d5:1c:da:9d:84:5a:41:04:f0:bc:2d:16:c9:88:a4:ec:15:
b4:4f:ff:09:bc:eb:eb:b7:5e:5f:70:1a:86:6f:6e:c0:bd:b9:
be:32:6b:e7:2f:ce:1f:3e:7c:53:8c:ac:23:ad:ef:c3:0e:38:
91:79:74:eb:f1:ee:51:bc:da:1c:38:6b:2e:b6:8d:72:9a:2e:
21:07:60:e8:ab:d1:5d:6f:de:18:0b:a8:0d:a2:83:6e:21:dd:
4c:7e:cd:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysflMQJ73N2pqhXmrbNxjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjYwMzAyMDMwMTI1WhcNMjYwMzAzMDMwMTI1WjAzMTEwLwYDVQQD
EygyMzliNTYxZjcwZDU3MmQ0ODk4OWE1ZGMyNWNhYjk5ZTg4YjE4Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXLgk2mBqxZztmVQS7u6V9E46V2x
dQ3dOKHw5tIk6JfwJdghqh9Yv6fXAVYKsT+kbNDt1xPOshOBfaNyyZW9GrjY9SR1
XjRFxjkNgXUZda3qG4/XU+nzTAkmYjp8/N4ww+EWfYFs6qPT9mGRezOGYb0CLyD9
+KN1dhFPisxiYT8Fn80zB056p4nWgErdtMh+igAU5H1vpj8mAA9RUjoigwgjZib5
LhJmhiVGunOf7I2RZ8BQ4X/BOlsZEzX3smHGr5oBxSJPFGDJg7rVi2kfj2ve4gcx
xWzRF6HOUnPQpXhPmO0JCXqJ67W5srpnGDAv6MPM6DObnngEsfyu1dyRFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCObVh9w1XLUiYml3CXKuZ6IsYZ3MB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB0iT2nnV
MVEIxDuLxNOkyZs61SbAlTIeiVGkbqHTza1j4Qb6HSinbkXLPofNRvpy5LscJmOP
MQQBIwp3bHvfkRJEurg1YWVdcqq19hgO6vyISGhgYYYUir9acm09pbpE8ZHAk66p
gYukXfPQMBSkae/8aocJFXVqx7xBj+XYW64MGnoRfQ9+EZor55aZ4pJSgICLp7Xy
aMZ7bt/Hhp0DAfNTjdUc2p2EWkEE8LwtFsmIpOwVtE//Cbzr67deX3Aahm9uwL25
vjJr5y/OHz58U4ysI63vww44kXl06/HuUbzaHDhrLraNcpouIQdg6KvRXW/eGAuo
DaKDbiHdTH7NKw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:03:16 2026 by rpki-client