Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json)
Hash identifier: F944zv9M+itJMrx0H9WTHlIeN6aG0He+tGN52F0c8yI=
Subject key identifier: BB:E3:30:90:5B:B3:C9:EA:50:4D:53:1C:DB:79:12:44:E0:86:B8:E8
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 019CAAFD635D08336510B74B4297CC6569D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
Manifest number: 184B
Signing time: Sun 01 Mar 2026 20:00:58 +0000
Manifest this update: Sun 01 Mar 2026 20:00:58 +0000
Manifest next update: Mon 02 Mar 2026 20:00:58 +0000
Files and hashes: 1: JL_bv1rE4SOiwiRn1jc2s_87lQQ.roa (hash: dWOsdKuE7dNLYI4NP8+n+WEeun5in1SyaWv26Okq8QI=)
2: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: bDIu/7i+4sPOiPCvUcsxTfQO8nyhNF3If19JyS7v9Eo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fd:63:5d:08:33:65:10:b7:4b:42:97:cc:65:69:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Mar 1 20:00:58 2026 GMT
Not After : Mar 2 20:00:58 2026 GMT
Subject: CN=bbe330905bb3c9ea504d531cdb791244e086b8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f8:3d:f9:57:2d:89:ad:c8:a0:ee:d7:44:91:
5c:5d:2d:79:7d:fb:aa:d2:56:1c:d5:0b:b8:a5:7b:
97:f4:6c:71:ce:0a:88:43:9b:c2:b5:ee:18:99:ff:
79:1a:2f:96:0e:dc:cc:69:de:ea:24:84:c4:2a:b1:
a0:25:b9:6a:5b:46:c3:3a:6e:58:70:6e:a0:9d:e0:
5c:08:61:77:49:c2:55:6a:8c:e6:9a:01:23:7b:66:
40:b0:99:95:45:67:32:a6:ba:1c:12:0e:6b:62:25:
f8:9b:dd:73:9c:04:af:8a:22:04:03:16:4f:98:03:
51:17:54:4b:a7:3b:c0:85:55:14:7b:0e:47:e2:ef:
18:35:3d:60:fa:71:5a:0b:38:bb:69:37:3f:e0:8d:
79:54:3f:ad:c3:0e:d9:c3:7c:6a:7f:da:e0:13:9c:
4d:12:52:f2:98:a6:3d:2c:f6:64:4c:3d:7d:80:06:
33:6a:89:b1:c3:82:68:6d:4a:1e:4e:e7:01:97:70:
86:4e:ff:96:50:8b:55:fd:dc:f5:3e:b6:1b:a4:97:
40:67:c2:84:79:0a:7f:52:e5:12:28:74:3d:83:03:
61:b9:f7:0e:a8:b5:14:c0:05:12:fb:92:42:45:4f:
c3:80:51:4e:7c:93:45:7c:4c:f4:e1:2a:ad:6d:e0:
63:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E3:30:90:5B:B3:C9:EA:50:4D:53:1C:DB:79:12:44:E0:86:B8:E8
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:99:33:24:e3:ce:87:fc:ba:2c:fd:b6:ee:7d:2d:6b:9f:77:
31:e1:69:00:5e:34:31:3d:e5:1c:bc:b3:f7:80:70:f6:7f:c2:
66:ec:d3:4c:16:98:9a:e4:bb:08:20:e2:ab:df:79:31:ea:24:
15:8c:64:4d:04:33:7e:83:40:77:86:09:62:23:32:a5:8d:56:
5a:02:e3:b3:33:f0:96:d4:f4:8d:db:34:15:1c:09:73:d2:34:
82:ec:da:d6:27:8b:42:56:d8:68:8f:04:62:72:56:c7:24:44:
3e:af:28:fa:83:cd:44:66:98:19:df:f1:ef:ad:30:2a:13:04:
1f:66:2a:d4:76:9f:d0:95:85:f7:de:bf:7a:2d:9f:65:ad:17:
fe:c0:32:03:8c:9e:eb:b3:07:9c:9b:73:6b:2f:02:70:d4:e0:
b6:89:03:77:6e:55:df:f6:4d:95:18:06:03:65:4c:0b:10:ad:
9a:6b:7c:5c:f0:74:e1:81:bc:aa:73:8f:fc:98:01:05:72:39:
7f:0a:8e:c3:70:d6:d7:7c:82:2a:fb:34:5d:df:10:8e:aa:30:
97:0b:78:cb:96:17:5e:10:11:58:95:60:39:0e:47:66:b4:48:
b6:02:44:5a:c0:03:fc:6c:d8:22:32:fd:16:26:bb:eb:fd:4c:
cd:df:4f:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/WNdCDNlELdLQpfMZWnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjYwMzAxMjAwMDU4WhcNMjYwMzAyMjAwMDU4WjAzMTEwLwYDVQQD
EyhiYmUzMzA5MDViYjNjOWVhNTA0ZDUzMWNkYjc5MTI0NGUwODZiOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fg9+Vctia3IoO7XRJFcXS15ffuq
0lYc1Qu4pXuX9GxxzgqIQ5vCte4Ymf95Gi+WDtzMad7qJITEKrGgJblqW0bDOm5Y
cG6gneBcCGF3ScJVaozmmgEje2ZAsJmVRWcyprocEg5rYiX4m91znASviiIEAxZP
mANRF1RLpzvAhVUUew5H4u8YNT1g+nFaCzi7aTc/4I15VD+tww7Zw3xqf9rgE5xN
ElLymKY9LPZkTD19gAYzaomxw4JobUoeTucBl3CGTv+WUItV/dz1PrYbpJdAZ8KE
eQp/UuUSKHQ9gwNhufcOqLUUwAUS+5JCRU/DgFFOfJNFfEz04SqtbeBj1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvjMJBbs8nqUE1THNt5EkTghrjoMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgpkzJOPO
h/y6LP227n0ta593MeFpAF40MT3lHLyz94Bw9n/CZuzTTBaYmuS7CCDiq995Meok
FYxkTQQzfoNAd4YJYiMypY1WWgLjszPwltT0jds0FRwJc9I0guza1ieLQlbYaI8E
YnJWxyREPq8o+oPNRGaYGd/x760wKhMEH2Yq1Haf0JWF996/ei2fZa0X/sAyA4ye
67MHnJtzay8CcNTgtokDd25V3/ZNlRgGA2VMCxCtmmt8XPB04YG8qnOP/JgBBXI5
fwqOw3DW13yCKvs0Xd8Qjqowlwt4y5YXXhARWJVgOQ5HZrRItgJEWsAD/GzYIjL9
Fia76/1Mzd9Ptg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:27:09 2026 by rpki-client