Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
File: KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft (raw, json)
Hash identifier: SyZVd88v6mpD5lFxq/gCMPyIU0BDRmh5abt+DbOVM/U=
Subject key identifier: 52:A2:9C:DD:19:61:6D:12:66:C6:3E:FA:5F:46:8A:8E:06:3C:AC:B4
Authority key identifier: 28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
Certificate issuer: /CN=2858d2f131715cbaf3cdd920645924f53508e067
Certificate serial: 019D3977C41B20D30EAAA9BB47266007EBF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
Manifest number: 0D2F
Signing time: Sun 29 Mar 2026 12:00:43 +0000
Manifest this update: Sun 29 Mar 2026 12:00:43 +0000
Manifest next update: Mon 30 Mar 2026 12:00:43 +0000
Files and hashes: 1: 1-dlVSJ7JEEPisJQ9EP0HveRpK-4.roa (hash: RiIz/j+OmLa7FEdZbMFlKrhGfrujyA65C/HnMjy7A3s=)
2: KFjS8TFxXLrzzdkgZFkk9TUI4Gc.crl (hash: vPmiw5Yy+z5tOLrT+Ag1LK1yZVoOixU/eUknH1wiHlY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
rsync://rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:c4:1b:20:d3:0e:aa:a9:bb:47:26:60:07:eb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2858d2f131715cbaf3cdd920645924f53508e067
Validity
Not Before: Mar 29 12:00:43 2026 GMT
Not After : Mar 30 12:00:43 2026 GMT
Subject: CN=52a29cdd19616d1266c63efa5f468a8e063cacb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:24:78:ba:76:ae:e9:2d:96:a2:45:e1:17:
c8:8c:be:03:17:a8:06:2c:c3:b4:3c:7c:9b:2a:9c:
98:1e:bc:7a:cc:a4:e7:c4:fb:fb:05:8d:72:d0:bf:
f2:c3:ee:43:55:96:84:9d:9e:c7:6e:19:ac:5a:4b:
17:0a:40:47:0b:95:46:de:b9:22:0f:76:8f:8e:09:
84:24:1c:49:0b:13:3e:3f:66:b7:16:06:10:e7:ca:
8d:a3:8e:5c:9e:74:aa:b2:a6:9b:1a:9a:7b:fc:ca:
44:f1:8c:91:9e:5b:07:bc:12:58:cc:36:25:b0:7d:
c8:f2:72:b7:54:cb:e0:bf:3d:05:9c:71:31:18:3d:
2d:c1:c5:3b:f2:cb:f7:2b:e6:8a:26:fc:95:38:58:
d8:4f:63:36:c2:ee:4e:1e:5c:bb:22:0d:02:32:c1:
f0:90:df:cc:56:27:08:dc:c2:be:76:8a:9c:61:27:
96:16:01:68:77:d2:65:75:c3:54:9c:63:1b:96:7a:
52:62:3a:13:e9:4f:7c:f4:a6:a9:ef:5d:ef:16:27:
83:dc:22:2e:84:08:15:dc:e9:ca:37:53:d4:b7:32:
f9:17:9f:3b:da:e3:30:d9:d2:a8:82:26:26:6b:19:
b7:11:ac:22:7c:5b:6f:9d:55:5b:44:d4:f6:e5:d8:
c9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A2:9C:DD:19:61:6D:12:66:C6:3E:FA:5F:46:8A:8E:06:3C:AC:B4
X509v3 Authority Key Identifier:
keyid:28:58:D2:F1:31:71:5C:BA:F3:CD:D9:20:64:59:24:F5:35:08:E0:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/75dbc4-ae22-4971-9ef5-a3f355beeedd/1/KFjS8TFxXLrzzdkgZFkk9TUI4Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:60:24:22:ba:6f:2f:01:fd:1f:9b:af:0b:b5:cd:70:4c:60:
28:3b:8c:14:85:74:86:7e:02:83:97:fc:88:6e:01:fd:da:4b:
2b:91:f5:28:4f:de:70:cc:19:95:09:f2:0f:c3:6d:d9:7a:0c:
65:db:0d:8e:51:0d:ee:84:71:4a:c0:66:96:50:72:c5:23:9e:
6b:25:41:6d:14:03:1a:51:17:d9:4e:b4:c1:34:e6:0b:02:24:
df:cb:b2:ce:2c:23:89:d1:82:14:1e:75:de:41:7d:c4:07:1d:
cc:7e:8f:40:f1:75:d9:f2:e7:75:4a:9f:40:ad:52:3b:d1:23:
52:40:d2:b0:d5:b1:3f:c5:1e:d8:48:61:0b:b0:38:a7:03:ba:
0a:85:bd:b1:d3:86:1a:3b:15:af:cc:30:da:e5:b9:19:7e:66:
6f:52:25:59:ec:8e:fb:ec:17:4b:58:09:7f:c9:fc:01:42:3d:
a6:3b:22:f2:39:31:c7:51:eb:b0:ad:41:61:c9:6c:37:98:cb:
3c:4d:59:a8:fd:f4:30:16:17:95:08:3f:99:91:3d:e8:d8:5a:
92:ce:80:0e:08:1d:1c:51:0c:40:6a:de:50:b2:9c:fa:68:61:
f8:8f:9e:47:f6:e8:56:d3:ed:60:7c:ea:7e:de:c2:07:36:2f:
f4:5b:2a:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d8QbINMOqqm7RyZgB+vxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NThkMmYxMzE3MTVjYmFmM2NkZDkyMDY0NTkyNGY1MzUw
OGUwNjcwHhcNMjYwMzI5MTIwMDQzWhcNMjYwMzMwMTIwMDQzWjAzMTEwLwYDVQQD
Eyg1MmEyOWNkZDE5NjE2ZDEyNjZjNjNlZmE1ZjQ2OGE4ZTA2M2NhY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIkkeLp2ruktlqJF4RfIjL4DF6gG
LMO0PHybKpyYHrx6zKTnxPv7BY1y0L/yw+5DVZaEnZ7HbhmsWksXCkBHC5VG3rki
D3aPjgmEJBxJCxM+P2a3FgYQ58qNo45cnnSqsqabGpp7/MpE8YyRnlsHvBJYzDYl
sH3I8nK3VMvgvz0FnHExGD0twcU78sv3K+aKJvyVOFjYT2M2wu5OHly7Ig0CMsHw
kN/MVicI3MK+doqcYSeWFgFod9JldcNUnGMblnpSYjoT6U989Kap713vFieD3CIu
hAgV3OnKN1PUtzL5F5872uMw2dKogiYmaxm3EawifFtvnVVbRNT25djJwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKinN0ZYW0SZsY++l9Gio4GPKy0MB8GA1UdIwQY
MBaAFChY0vExcVy6883ZIGRZJPU1COBnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ZqUzhURnhYTHJ6emRrZ1pGa2s5VFVJNEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi83NWRiYzQtYWUyMi00OTcxLTllZjUt
YTNmMzU1YmVlZWRkLzEvS0ZqUzhURnhYTHJ6emRrZ1pGa2s5VFVJNEdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi83NWRiYzQtYWUyMi00OTcxLTllZjUtYTNmMzU1YmVlZWRk
LzEvS0ZqUzhURnhYTHJ6emRrZ1pGa2s5VFVJNEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh2AkIrpv
LwH9H5uvC7XNcExgKDuMFIV0hn4Cg5f8iG4B/dpLK5H1KE/ecMwZlQnyD8Nt2XoM
ZdsNjlEN7oRxSsBmllByxSOeayVBbRQDGlEX2U60wTTmCwIk38uyziwjidGCFB51
3kF9xAcdzH6PQPF12fLndUqfQK1SO9EjUkDSsNWxP8Ue2EhhC7A4pwO6CoW9sdOG
GjsVr8ww2uW5GX5mb1IlWeyO++wXS1gJf8n8AUI9pjsi8jkxx1HrsK1BYclsN5jL
PE1ZqP30MBYXlQg/mZE96Nhaks6ADggdHFEMQGreULKc+mhh+I+eR/boVtPtYHzq
ft7CBzYv9FsqVQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:03:14 2026 by rpki-client