Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
File: KfUkAji4KPFuYCKeJjNQPwSEZZk.mft (raw, json)
Hash identifier: QdfmL6JfGfdeCQq82dKcepMRW4eJF4F3BfTWYDRTORo=
Subject key identifier: CB:1E:1E:FC:11:F9:25:D1:0A:B6:47:FB:A8:C8:D9:A7:D2:43:4B:52
Authority key identifier: 29:F5:24:02:38:B8:28:F1:6E:60:22:9E:26:33:50:3F:04:84:65:99
Certificate issuer: /CN=29f5240238b828f16e60229e2633503f04846599
Certificate serial: 019CAA8F4CC542F3898805D5C8CC20773C8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfUkAji4KPFuYCKeJjNQPwSEZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
Manifest number: 0537
Signing time: Sun 01 Mar 2026 18:00:43 +0000
Manifest this update: Sun 01 Mar 2026 18:00:43 +0000
Manifest next update: Mon 02 Mar 2026 18:00:43 +0000
Files and hashes: 1: 5HzcZ6a4XAtwOavRhWgPVbFXunY.roa (hash: WuFbSIBYf/9ZwaN+lOrty44DR9s11eIeBklLm/eyCus=)
2: KfUkAji4KPFuYCKeJjNQPwSEZZk.crl (hash: wxHIqhmPxet6ZkQfZBpEq1hOErZguf1Xk9MS5V8Y5tE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfUkAji4KPFuYCKeJjNQPwSEZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:4c:c5:42:f3:89:88:05:d5:c8:cc:20:77:3c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f5240238b828f16e60229e2633503f04846599
Validity
Not Before: Mar 1 18:00:43 2026 GMT
Not After : Mar 2 18:00:43 2026 GMT
Subject: CN=cb1e1efc11f925d10ab647fba8c8d9a7d2434b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b3:46:6f:db:53:2e:e0:1c:17:61:1a:be:e7:
fb:4d:43:c4:65:88:49:23:09:f7:85:47:55:b1:84:
fe:67:aa:85:6a:96:b5:c6:d2:a2:8b:ba:50:53:70:
ee:0a:b1:da:58:8f:50:c8:48:e0:f5:d6:0b:69:b7:
b5:33:96:e5:a1:1c:28:4e:78:ef:39:26:e0:b4:02:
7e:8e:a4:d3:c1:5b:b7:06:d2:c3:7f:98:99:ed:1e:
61:ae:ec:5c:a8:97:2d:01:e6:67:7e:52:88:be:60:
5d:49:76:4f:ec:20:ae:00:98:5a:e4:1b:d9:f3:47:
fb:2a:29:9c:38:12:67:d0:b3:07:6d:3b:78:9e:f8:
71:32:54:14:78:2b:ad:28:bc:5e:34:80:10:f4:29:
db:b9:af:77:31:f7:3f:7c:1d:30:f7:b8:16:69:b8:
78:bc:1f:09:a5:9d:b4:28:08:f6:66:4e:ce:a3:ac:
ff:c9:4f:a0:c1:0b:89:76:75:fa:f6:ad:5c:c5:b3:
2a:13:d6:20:8e:a5:a1:40:b8:23:ad:e9:e4:19:a3:
9a:7d:cb:8c:f7:78:4c:c6:5a:33:b8:35:af:64:a8:
f1:b8:6d:50:f2:13:4b:96:57:76:46:39:22:a7:36:
6b:0f:2d:d5:05:4e:50:3a:aa:ed:c5:d0:67:99:a6:
6f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:1E:1E:FC:11:F9:25:D1:0A:B6:47:FB:A8:C8:D9:A7:D2:43:4B:52
X509v3 Authority Key Identifier:
keyid:29:F5:24:02:38:B8:28:F1:6E:60:22:9E:26:33:50:3F:04:84:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfUkAji4KPFuYCKeJjNQPwSEZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0614a6-d01c-4ff2-a993-7246457fd2b3/1/KfUkAji4KPFuYCKeJjNQPwSEZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:60:c0:4a:71:9e:0a:f5:c1:76:c0:55:73:2c:4b:79:08:09:
21:47:55:b4:bd:75:84:01:1d:71:4a:b3:11:8d:4b:3c:4a:34:
4a:8a:10:23:c8:3d:f7:5d:b4:a1:57:bb:bc:e6:74:c1:27:87:
e2:67:d4:50:89:0b:98:54:97:13:04:06:cd:82:a9:fb:b2:3a:
91:65:09:87:17:49:14:01:64:64:a6:bd:e2:9d:42:5e:f1:79:
01:7e:44:f1:36:73:23:49:24:8b:39:cc:b4:29:09:fd:97:73:
40:a0:cc:27:01:d7:48:36:d6:41:5b:6e:8c:58:4e:cc:11:2e:
02:54:49:a3:89:de:76:e2:86:35:52:54:75:c0:9a:1e:d4:fd:
ea:4e:73:44:9c:d9:17:25:ed:11:8b:f6:da:3f:29:c4:41:6b:
31:a8:58:e4:92:2b:c0:ce:4e:1a:1f:66:87:b8:c1:ee:ce:fa:
64:e0:58:3f:0a:6c:b3:94:37:82:8e:d4:c8:3b:c2:6d:bf:f2:
33:65:36:0d:c1:a6:19:3d:d1:d1:43:80:f1:b9:28:41:19:16:
f2:f5:f8:84:10:c6:4c:be:19:f3:3b:c5:eb:c9:b5:7d:88:df:
97:22:09:00:00:7a:4b:52:1e:2a:64:eb:f9:a3:3b:5a:22:f0:
12:b0:93:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj0zFQvOJiAXVyMwgdzyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjUyNDAyMzhiODI4ZjE2ZTYwMjI5ZTI2MzM1MDNmMDQ4
NDY1OTkwHhcNMjYwMzAxMTgwMDQzWhcNMjYwMzAyMTgwMDQzWjAzMTEwLwYDVQQD
EyhjYjFlMWVmYzExZjkyNWQxMGFiNjQ3ZmJhOGM4ZDlhN2QyNDM0YjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbNGb9tTLuAcF2Eavuf7TUPEZYhJ
Iwn3hUdVsYT+Z6qFapa1xtKii7pQU3DuCrHaWI9QyEjg9dYLabe1M5bloRwoTnjv
OSbgtAJ+jqTTwVu3BtLDf5iZ7R5hruxcqJctAeZnflKIvmBdSXZP7CCuAJha5BvZ
80f7KimcOBJn0LMHbTt4nvhxMlQUeCutKLxeNIAQ9Cnbua93Mfc/fB0w97gWabh4
vB8JpZ20KAj2Zk7Oo6z/yU+gwQuJdnX69q1cxbMqE9YgjqWhQLgjrenkGaOafcuM
93hMxlozuDWvZKjxuG1Q8hNLlld2RjkipzZrDy3VBU5QOqrtxdBnmaZvXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMseHvwR+SXRCrZH+6jI2afSQ0tSMB8GA1UdIwQY
MBaAFCn1JAI4uCjxbmAiniYzUD8EhGWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZVa0FqaTRLUEZ1WUNLZUpqTlFQd1NFWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wNjE0YTYtZDAxYy00ZmYyLWE5OTMt
NzI0NjQ1N2ZkMmIzLzEvS2ZVa0FqaTRLUEZ1WUNLZUpqTlFQd1NFWlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wNjE0YTYtZDAxYy00ZmYyLWE5OTMtNzI0NjQ1N2ZkMmIz
LzEvS2ZVa0FqaTRLUEZ1WUNLZUpqTlFQd1NFWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF2DASnGe
CvXBdsBVcyxLeQgJIUdVtL11hAEdcUqzEY1LPEo0SooQI8g99120oVe7vOZ0wSeH
4mfUUIkLmFSXEwQGzYKp+7I6kWUJhxdJFAFkZKa94p1CXvF5AX5E8TZzI0kkiznM
tCkJ/ZdzQKDMJwHXSDbWQVtujFhOzBEuAlRJo4neduKGNVJUdcCaHtT96k5zRJzZ
FyXtEYv22j8pxEFrMahY5JIrwM5OGh9mh7jB7s76ZOBYPwpss5Q3go7UyDvCbb/y
M2U2DcGmGT3R0UOA8bkoQRkW8vX4hBDGTL4Z8zvF68m1fYjflyIJAAB6S1IeKmTr
+aM7WiLwErCT9A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:26:58 2026 by rpki-client