Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: XJbL6eLGZgBQPKgEbBaamr4XvaAFxjTxg+PnEcFVMWI=
Subject key identifier: D6:2A:BA:F7:D1:DC:12:AE:3C:16:CF:38:81:9F:B3:76:40:8C:A0:B9
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019CAA216B5B56155D277477B7D8FBFA6B73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 14D9
Signing time: Sun 01 Mar 2026 16:00:42 +0000
Manifest this update: Sun 01 Mar 2026 16:00:42 +0000
Manifest next update: Mon 02 Mar 2026 16:00:42 +0000
Files and hashes: 1: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: tPh6fInBenYgx0NXTVbicUGglnwiQGENkrOOVCoMufQ=)
2: iu7FFkG2QJaHmPA7RGTX_kUyXKI.roa (hash: QTLspgP39MYk5PSZszpGPAjQcEqECucB1FhWpPvxaIM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:6b:5b:56:15:5d:27:74:77:b7:d8:fb:fa:6b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Mar 1 16:00:42 2026 GMT
Not After : Mar 2 16:00:42 2026 GMT
Subject: CN=d62abaf7d1dc12ae3c16cf38819fb376408ca0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:63:8d:5f:27:46:e4:24:e5:11:bf:bb:30:
a6:fd:e8:14:81:7f:34:a2:7d:43:a5:ed:3a:85:e0:
0e:02:9a:2b:17:34:b1:9f:14:9e:7c:24:a4:71:5a:
b4:f2:d2:8e:1a:7f:e2:0f:77:d8:7c:25:d0:bc:c8:
96:5e:b0:56:f2:0d:58:92:5f:48:16:4f:e5:e9:30:
14:ed:60:e8:b8:60:b6:54:aa:2a:49:0f:62:6d:d1:
56:65:ee:0e:d3:10:51:6a:b8:e5:dd:ef:1d:ff:84:
d7:8d:c0:f8:65:be:53:8a:82:7e:e0:78:36:b1:bb:
d1:b6:1c:23:14:f2:10:8a:a4:67:c1:62:c6:e9:2a:
1a:03:ad:e4:11:b7:b6:6e:8e:f7:bd:e2:bf:06:4a:
05:ac:02:8b:b8:3a:7a:dc:c9:98:da:77:b7:68:8f:
85:f0:65:ed:d7:bb:31:9a:83:8b:1d:4c:b7:01:55:
ff:e0:1a:38:8d:bd:26:ee:18:e2:ef:12:13:55:f1:
20:e1:88:97:cb:c7:8e:46:70:58:78:e3:66:98:90:
d5:d2:27:cb:7b:9d:b2:e8:39:d9:54:23:db:61:21:
3e:ff:c0:12:90:4a:c0:23:1b:96:0b:16:37:9d:43:
75:78:ba:09:f5:97:9a:97:94:5d:21:31:d1:ca:7a:
13:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2A:BA:F7:D1:DC:12:AE:3C:16:CF:38:81:9F:B3:76:40:8C:A0:B9
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:f1:cf:fa:73:42:d3:59:c2:ad:d5:9e:d0:53:ba:b0:0b:68:
19:21:44:53:6d:5a:b4:d5:8e:13:fa:30:56:9f:08:ab:93:5a:
6f:04:37:97:c1:ac:25:d2:65:9b:3f:68:c6:20:f0:e5:c7:c3:
1c:24:07:8c:a3:70:e3:97:74:d2:a9:af:0d:9b:0d:45:5c:18:
fe:16:b4:4e:db:bf:c5:1f:51:16:2d:81:dc:49:75:45:4d:15:
06:d2:91:24:c5:db:6a:b0:34:84:7a:e1:64:be:31:8d:0d:4a:
ea:8e:b0:57:d4:a1:81:7c:a8:00:be:87:fa:99:10:ec:61:6d:
58:91:d2:68:9f:ab:23:53:c8:e3:90:3b:b1:ca:75:b9:1b:26:
ea:0c:ec:dd:51:70:c0:ae:ab:0d:db:82:0f:3b:9b:f8:32:b8:
01:25:4c:78:dd:bf:81:0d:bd:41:93:69:0b:68:54:93:10:e1:
ab:8a:f8:7d:8c:2c:1f:98:34:f4:87:49:79:bf:21:f4:3a:6d:
8c:35:5b:36:4d:a1:ef:20:39:0e:ee:53:69:c1:81:5a:6e:e3:
44:5e:cd:3d:6b:b7:8f:a5:a5:3b:ea:f0:a5:6e:b6:a5:17:58:
b7:f0:44:5b:bd:44:fd:1d:38:69:99:fa:90:39:e8:96:07:06:
7e:85:17:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIWtbVhVdJ3R3t9j7+mtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjYwMzAxMTYwMDQyWhcNMjYwMzAyMTYwMDQyWjAzMTEwLwYDVQQD
EyhkNjJhYmFmN2QxZGMxMmFlM2MxNmNmMzg4MTlmYjM3NjQwOGNhMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTljjV8nRuQk5RG/uzCm/egUgX80
on1Dpe06heAOAporFzSxnxSefCSkcVq08tKOGn/iD3fYfCXQvMiWXrBW8g1Ykl9I
Fk/l6TAU7WDouGC2VKoqSQ9ibdFWZe4O0xBRarjl3e8d/4TXjcD4Zb5TioJ+4Hg2
sbvRthwjFPIQiqRnwWLG6SoaA63kEbe2bo73veK/BkoFrAKLuDp63MmY2ne3aI+F
8GXt17sxmoOLHUy3AVX/4Bo4jb0m7hji7xITVfEg4YiXy8eORnBYeONmmJDV0ifL
e52y6DnZVCPbYSE+/8ASkErAIxuWCxY3nUN1eLoJ9Zeal5RdITHRynoT8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYquvfR3BKuPBbPOIGfs3ZAjKC5MB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPHP+nNC
01nCrdWe0FO6sAtoGSFEU21atNWOE/owVp8Iq5NabwQ3l8GsJdJlmz9oxiDw5cfD
HCQHjKNw45d00qmvDZsNRVwY/ha0Ttu/xR9RFi2B3El1RU0VBtKRJMXbarA0hHrh
ZL4xjQ1K6o6wV9ShgXyoAL6H+pkQ7GFtWJHSaJ+rI1PI45A7scp1uRsm6gzs3VFw
wK6rDduCDzub+DK4ASVMeN2/gQ29QZNpC2hUkxDhq4r4fYwsH5g09IdJeb8h9Dpt
jDVbNk2h7yA5Du5TacGBWm7jRF7NPWu3j6WlO+rwpW62pRdYt/BEW71E/R04aZn6
kDnolgcGfoUXcA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:56:31 2026 by rpki-client