Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json)
Hash identifier: o0h0jYGlvS0P75DdC2uIsFg9UQ3yDdjPdupK3Ci3yYk=
Subject key identifier: 5D:48:A3:82:C0:1C:84:18:61:0D:1E:61:C6:E8:0C:7C:BE:5E:41:1D
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 019D9A74E27A51109DC2A8710759583C3342
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
Manifest number: 18C7
Signing time: Fri 17 Apr 2026 08:00:44 +0000
Manifest this update: Fri 17 Apr 2026 08:00:44 +0000
Manifest next update: Sat 18 Apr 2026 08:00:44 +0000
Files and hashes: 1: JL_bv1rE4SOiwiRn1jc2s_87lQQ.roa (hash: dWOsdKuE7dNLYI4NP8+n+WEeun5in1SyaWv26Okq8QI=)
2: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: IKMb+DaxUpwvDTU5S7J9hyE5+XrZ4jutum9HBkdPdBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:74:e2:7a:51:10:9d:c2:a8:71:07:59:58:3c:33:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Apr 17 08:00:44 2026 GMT
Not After : Apr 18 08:00:44 2026 GMT
Subject: CN=5d48a382c01c8418610d1e61c6e80c7cbe5e411d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e1:8c:30:5f:ad:3b:f5:28:9b:aa:78:9b:c7:
3f:8c:5f:bf:fe:dd:a3:95:dc:50:d9:5b:ab:07:00:
02:97:02:61:fe:ae:8b:62:9a:0d:0d:fa:c8:90:08:
c8:93:bf:d5:6c:49:af:40:57:55:1e:ad:2c:15:a8:
61:40:83:c4:15:c7:f8:9e:82:ed:6f:ad:71:36:da:
49:68:40:ec:c5:c5:f0:2b:d0:26:61:f4:a0:54:55:
9b:0b:3f:1b:f2:c4:13:21:03:63:8a:56:91:ee:ed:
a2:eb:08:a0:4a:0b:f5:85:3b:3c:fe:ea:6d:90:7a:
7a:a0:43:d1:a9:08:cf:59:59:82:1b:66:19:36:4f:
32:16:60:3d:f0:73:ab:c0:c2:8b:b5:34:31:54:c7:
20:de:f5:d3:e6:87:d2:58:06:00:16:fd:22:30:c6:
c4:f1:4e:6a:65:34:e6:60:cc:4d:10:3d:83:c1:6f:
4c:06:cd:b0:92:2d:3c:a9:c0:23:14:4e:ae:57:ba:
5b:06:9f:3e:91:96:37:4c:fe:da:52:41:e8:b4:e0:
4b:54:d1:a9:b1:15:d1:2c:f8:28:de:a9:0a:39:1a:
26:c0:32:8f:5c:75:81:0e:99:56:13:cf:93:60:4c:
09:63:56:35:fc:f1:ce:27:6f:66:ce:b8:a7:a0:b2:
d3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:48:A3:82:C0:1C:84:18:61:0D:1E:61:C6:E8:0C:7C:BE:5E:41:1D
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:5a:c8:e7:a8:12:c2:36:31:ee:18:dc:04:d5:04:26:fc:6c:
90:0f:f8:5e:1c:3a:64:a2:53:2f:f0:32:8f:53:53:68:f4:ae:
fa:37:e8:f9:fb:f9:86:bf:73:11:53:92:d7:a0:15:40:e5:40:
ff:02:15:fc:09:eb:1a:12:a9:4b:e5:3f:62:43:84:68:6c:69:
42:cb:1f:2d:66:63:e6:da:07:3f:d5:c4:1e:dc:10:7d:38:04:
ea:f8:5d:fd:fc:aa:06:d7:5e:41:59:d8:84:9f:b2:92:3a:37:
ea:b5:32:c5:9c:80:ca:5b:0b:89:6e:3f:25:4b:cb:9a:c7:0a:
e4:97:b1:20:c7:29:43:cd:5f:a9:b8:4b:b6:95:ff:b8:bc:8b:
5d:d4:e2:a5:ef:f1:72:ee:56:62:51:12:e3:13:c4:89:1e:97:
2d:16:2a:4a:e9:8f:96:01:aa:c0:dd:3a:77:bb:a8:4b:96:b3:
53:a8:e6:9a:d8:c2:86:71:8e:14:fa:74:3c:91:27:e5:3d:b8:
9e:f0:1b:28:43:c6:94:87:c6:b9:a6:49:3d:7b:67:58:02:4a:
b3:fe:d9:4d:a3:e4:d4:8c:ff:32:df:43:fc:ca:15:b1:24:6c:
94:58:d2:36:ba:63:ae:4b:c2:19:ae:82:aa:cb:60:80:fa:74:
8f:2a:74:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adOJ6URCdwqhxB1lYPDNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjYwNDE3MDgwMDQ0WhcNMjYwNDE4MDgwMDQ0WjAzMTEwLwYDVQQD
Eyg1ZDQ4YTM4MmMwMWM4NDE4NjEwZDFlNjFjNmU4MGM3Y2JlNWU0MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuGMMF+tO/Uom6p4m8c/jF+//t2j
ldxQ2VurBwAClwJh/q6LYpoNDfrIkAjIk7/VbEmvQFdVHq0sFahhQIPEFcf4noLt
b61xNtpJaEDsxcXwK9AmYfSgVFWbCz8b8sQTIQNjilaR7u2i6wigSgv1hTs8/upt
kHp6oEPRqQjPWVmCG2YZNk8yFmA98HOrwMKLtTQxVMcg3vXT5ofSWAYAFv0iMMbE
8U5qZTTmYMxNED2DwW9MBs2wki08qcAjFE6uV7pbBp8+kZY3TP7aUkHotOBLVNGp
sRXRLPgo3qkKORomwDKPXHWBDplWE8+TYEwJY1Y1/PHOJ29mzrinoLLTDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1Io4LAHIQYYQ0eYcboDHy+XkEdMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV1rI56gS
wjYx7hjcBNUEJvxskA/4Xhw6ZKJTL/Ayj1NTaPSu+jfo+fv5hr9zEVOS16AVQOVA
/wIV/AnrGhKpS+U/YkOEaGxpQssfLWZj5toHP9XEHtwQfTgE6vhd/fyqBtdeQVnY
hJ+ykjo36rUyxZyAylsLiW4/JUvLmscK5JexIMcpQ81fqbhLtpX/uLyLXdTipe/x
cu5WYlES4xPEiR6XLRYqSumPlgGqwN06d7uoS5azU6jmmtjChnGOFPp0PJEn5T24
nvAbKEPGlIfGuaZJPXtnWAJKs/7ZTaPk1Iz/Mt9D/MoVsSRslFjSNrpjrkvCGa6C
qstggPp0jyp0Og==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:32:18 2026 by rpki-client