Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
File: KMID1l3y1lvbzzyINELdq1WjvN4.mft (raw, json)
Hash identifier: 4pC6+F4AiFF7sE4WMlnKCpTtWhn7mTQNlrphznKSkQ8=
Subject key identifier: 0C:91:4D:85:41:83:06:DD:31:F9:FE:71:1A:C4:38:11:09:36:F8:8E
Authority key identifier: 28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
Certificate issuer: /CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Certificate serial: 019D9A07648AB137F3C78F4DED3FF577ED45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
Manifest number: 0EB0
Signing time: Fri 17 Apr 2026 06:01:08 +0000
Manifest this update: Fri 17 Apr 2026 06:01:08 +0000
Manifest next update: Sat 18 Apr 2026 06:01:08 +0000
Files and hashes: 1: 4Okejz2k1ubGfI-GRgB_ARKBmuk.roa (hash: wHN9epTREmpbGi1iOO1PMq2WQBeGFf6WjNTcLZ9jeLg=)
2: KMID1l3y1lvbzzyINELdq1WjvN4.crl (hash: jZZ037ME9NqhGuolcGPuvTV6fhWZ1aMJKs+zAtFJ0hk=)
3: PcKBEnG4Fc83PTLXnIgOvRcy3V4.roa (hash: dksZAzhosBbHaXLsuDmV40VTdGY6aq3NK9xY13PmQvE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:07:64:8a:b1:37:f3:c7:8f:4d:ed:3f:f5:77:ed:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28c203d65df2d65bdbcf3c883442ddab55a3bcde
Validity
Not Before: Apr 17 06:01:08 2026 GMT
Not After : Apr 18 06:01:08 2026 GMT
Subject: CN=0c914d85418306dd31f9fe711ac438110936f88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:ea:84:4e:91:68:e8:57:48:ce:e9:07:99:
d5:6a:1e:6f:b0:0f:58:f1:b9:91:a3:4c:de:98:7f:
f6:7a:f1:c3:20:40:10:90:17:ff:fc:f2:65:1d:81:
8f:80:de:35:09:69:56:27:ca:17:8f:1c:12:92:ba:
b2:83:e0:bc:40:10:3c:b1:96:03:28:cc:55:f6:2f:
d3:12:1d:59:46:3a:c2:03:96:34:c3:f1:9e:dc:99:
63:08:38:1a:e9:55:54:ba:e6:c5:2f:f2:51:ae:af:
78:c0:bd:2d:b4:da:8c:4d:50:2d:fd:90:36:a7:63:
b7:33:f3:bf:56:03:e4:83:21:ec:67:9d:e6:d0:7f:
dd:9f:90:c4:ec:c0:d9:b0:a2:d3:cc:65:39:eb:5f:
9b:52:77:3c:fe:3e:c8:2b:6f:5b:9f:2a:06:08:47:
e5:4f:1d:eb:b5:71:69:b9:60:7f:ed:72:67:ed:5a:
68:67:27:17:99:95:ce:1b:8c:42:18:ca:2d:81:10:
16:74:f6:d7:3f:da:10:07:84:52:4a:e0:0c:27:8d:
51:95:15:61:61:07:7c:75:86:d1:c2:83:b9:60:db:
ad:2f:68:ea:37:ac:84:6e:5a:7c:f7:c9:a9:18:db:
c5:62:51:57:b5:6e:36:be:75:38:da:e0:a2:2a:1f:
0f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:91:4D:85:41:83:06:DD:31:F9:FE:71:1A:C4:38:11:09:36:F8:8E
X509v3 Authority Key Identifier:
keyid:28:C2:03:D6:5D:F2:D6:5B:DB:CF:3C:88:34:42:DD:AB:55:A3:BC:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMID1l3y1lvbzzyINELdq1WjvN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/49c3e1-1f7f-4e58-b02b-88592043026f/1/KMID1l3y1lvbzzyINELdq1WjvN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:c9:ae:98:84:18:8f:2c:81:4d:16:b6:99:33:76:61:9d:69:
cf:0a:b0:fc:b4:18:37:6b:5d:cc:69:5b:f0:58:da:12:f3:36:
20:b5:38:27:e0:06:d6:e2:25:f1:d0:48:eb:2b:ea:1d:f9:cd:
4c:12:ad:84:f7:97:a1:c4:0e:f1:b2:15:bb:f2:a3:98:ae:18:
bb:5d:97:a9:a3:3f:f7:d2:38:6d:e8:3b:f5:ce:1a:99:7b:fc:
1f:02:b5:9e:1b:c1:a0:34:0e:56:f0:15:b5:25:62:da:9d:c9:
b4:14:ec:23:ac:eb:97:72:d0:ab:00:05:b6:f8:b6:af:5a:b8:
13:41:16:f4:35:da:41:7a:e5:49:dd:f0:d6:91:b9:05:20:6f:
f2:8c:8f:c0:51:73:a4:06:e7:ab:42:e3:d1:6b:8f:77:d2:5a:
33:d9:ba:72:26:51:3d:ea:14:13:fa:49:d5:24:fa:07:03:38:
ad:a6:3b:96:c1:c2:b8:ef:3e:99:d2:b4:77:01:b4:57:04:7b:
51:f1:bb:e7:d1:42:37:a7:79:7c:cc:78:a0:27:96:9c:89:82:
ec:42:a9:38:ac:35:d5:ea:3f:55:fb:74:2f:f5:a1:6a:b5:06:
27:0a:87:20:e6:d5:92:ce:8a:98:74:b3:e1:2c:cf:c9:96:d7:
52:eb:15:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aB2SKsTfzx49N7T/1d+1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzIwM2Q2NWRmMmQ2NWJkYmNmM2M4ODM0NDJkZGFiNTVh
M2JjZGUwHhcNMjYwNDE3MDYwMTA4WhcNMjYwNDE4MDYwMTA4WjAzMTEwLwYDVQQD
EygwYzkxNGQ4NTQxODMwNmRkMzFmOWZlNzExYWM0MzgxMTA5MzZmODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGPqhE6RaOhXSM7pB5nVah5vsA9Y
8bmRo0zemH/2evHDIEAQkBf//PJlHYGPgN41CWlWJ8oXjxwSkrqyg+C8QBA8sZYD
KMxV9i/TEh1ZRjrCA5Y0w/Ge3JljCDga6VVUuubFL/JRrq94wL0ttNqMTVAt/ZA2
p2O3M/O/VgPkgyHsZ53m0H/dn5DE7MDZsKLTzGU561+bUnc8/j7IK29bnyoGCEfl
Tx3rtXFpuWB/7XJn7VpoZycXmZXOG4xCGMotgRAWdPbXP9oQB4RSSuAMJ41RlRVh
YQd8dYbRwoO5YNutL2jqN6yEblp898mpGNvFYlFXtW42vnU42uCiKh8PEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyRTYVBgwbdMfn+cRrEOBEJNviOMB8GA1UdIwQY
MBaAFCjCA9Zd8tZb2888iDRC3atVo7zeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmIt
ODg1OTIwNDMwMjZmLzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80OWMzZTEtMWY3Zi00ZTU4LWIwMmItODg1OTIwNDMwMjZm
LzEvS01JRDFsM3kxbHZienp5SU5FTGRxMVdqdk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcmumIQY
jyyBTRa2mTN2YZ1pzwqw/LQYN2tdzGlb8FjaEvM2ILU4J+AG1uIl8dBI6yvqHfnN
TBKthPeXocQO8bIVu/KjmK4Yu12XqaM/99I4beg79c4amXv8HwK1nhvBoDQOVvAV
tSVi2p3JtBTsI6zrl3LQqwAFtvi2r1q4E0EW9DXaQXrlSd3w1pG5BSBv8oyPwFFz
pAbnq0Lj0WuPd9JaM9m6ciZRPeoUE/pJ1ST6BwM4raY7lsHCuO8+mdK0dwG0VwR7
UfG759FCN6d5fMx4oCeWnImC7EKpOKw11eo/Vft0L/WharUGJwqHIObVks6KmHSz
4SzPyZbXUusVdQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:58:44 2026 by rpki-client