Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: ZARySpoDifPtiqLzZiiABB6J+qxNqupFSAIP5DpOH1o=
Subject key identifier: 6F:C2:5A:12:C0:62:D8:BF:5C:34:20:7A:7A:AE:3C:12:66:C2:DD:B9
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019D390A2A16A895D27894183ED66B46FE10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1523
Signing time: Sun 29 Mar 2026 10:01:00 +0000
Manifest this update: Sun 29 Mar 2026 10:01:00 +0000
Manifest next update: Mon 30 Mar 2026 10:01:00 +0000
Files and hashes: 1: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: avRxVZXaxF/JeYR/g01jIFyu0B9/efGeI5ehjQggs/g=)
2: iu7FFkG2QJaHmPA7RGTX_kUyXKI.roa (hash: QTLspgP39MYk5PSZszpGPAjQcEqECucB1FhWpPvxaIM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:2a:16:a8:95:d2:78:94:18:3e:d6:6b:46:fe:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Mar 29 10:01:00 2026 GMT
Not After : Mar 30 10:01:00 2026 GMT
Subject: CN=6fc25a12c062d8bf5c34207a7aae3c1266c2ddb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4c:04:b7:b1:5d:22:66:d0:68:27:d0:a1:8b:
55:7c:41:b3:b1:3e:3b:85:23:20:31:7d:59:9c:ea:
c3:ea:20:1f:d5:6c:32:57:29:e6:e4:7c:19:3d:9e:
87:91:e4:b5:89:6f:a8:13:d9:e2:ad:ae:b8:10:e3:
cd:06:49:c5:7b:dd:ab:da:78:bb:85:d7:95:51:a3:
7e:78:08:47:f6:ee:fd:51:32:20:52:29:ee:29:b6:
2d:5a:50:7e:6d:64:9f:0f:61:db:6d:d5:d8:1e:e9:
d7:4a:cd:c8:e9:a7:35:d5:99:33:92:92:c8:00:58:
01:61:5f:53:82:79:d3:d9:7c:fb:37:c2:50:38:b6:
52:d7:cb:34:51:1e:1e:49:06:85:7e:a5:e2:b2:9a:
37:70:e8:17:0d:1f:11:e5:b7:92:10:2d:35:dc:6f:
8b:94:d3:5e:98:41:7b:4a:57:6f:6d:79:a6:0f:30:
50:54:fd:1f:5c:e8:b8:af:d6:48:60:26:a6:40:89:
42:02:c8:42:80:f9:06:8e:36:84:6a:e3:f3:0d:bf:
67:c0:e2:d0:78:bf:ea:e2:b9:31:e5:63:82:cc:5c:
be:ea:66:87:fc:06:87:c9:b0:5f:10:86:ea:50:94:
a7:55:92:08:e7:7a:a2:6d:dc:58:d2:a7:64:b7:cb:
17:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C2:5A:12:C0:62:D8:BF:5C:34:20:7A:7A:AE:3C:12:66:C2:DD:B9
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:a9:73:2e:60:d0:26:38:c3:5d:7f:30:cf:0d:60:53:46:cf:
87:ae:6e:69:e8:4f:e9:d5:f3:36:38:03:f7:4a:5c:6d:66:1a:
da:35:13:10:8e:c2:ff:09:04:f3:18:e6:2a:44:16:08:f3:02:
d5:f6:b8:ff:1b:a9:08:fa:3d:65:5f:2d:39:fd:d3:f3:f0:13:
e0:09:84:ea:46:94:49:d7:bf:9a:22:0d:4c:75:59:fe:56:43:
5a:0f:a5:2b:6c:16:2f:2d:74:ab:85:6c:f9:ac:db:c8:00:18:
22:69:b7:2a:9f:18:87:9a:89:dc:70:3a:da:24:42:b9:20:6c:
ea:68:d6:b8:ab:51:19:4c:e2:54:0e:4f:0a:88:a9:c5:55:ef:
38:af:d6:74:fb:90:12:31:67:4d:7b:93:b9:0a:cf:0a:12:6e:
f6:cc:4a:77:e0:c5:25:72:14:d3:6c:a1:f4:cd:7b:4e:55:c9:
9d:49:a7:da:be:11:14:06:7a:0c:49:b8:4e:aa:2d:ec:09:21:
e7:77:62:90:1d:47:94:33:68:ca:7a:80:d8:86:7d:71:f7:f2:
76:6c:4f:51:15:f7:2f:e8:51:30:62:4d:a5:75:9b:e6:04:50:
8d:bc:20:66:50:f6:a8:26:42:6d:41:ab:fa:33:cf:13:f4:90:
8f:18:db:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CioWqJXSeJQYPtZrRv4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjYwMzI5MTAwMTAwWhcNMjYwMzMwMTAwMTAwWjAzMTEwLwYDVQQD
Eyg2ZmMyNWExMmMwNjJkOGJmNWMzNDIwN2E3YWFlM2MxMjY2YzJkZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUwEt7FdImbQaCfQoYtVfEGzsT47
hSMgMX1ZnOrD6iAf1WwyVynm5HwZPZ6HkeS1iW+oE9nira64EOPNBknFe92r2ni7
hdeVUaN+eAhH9u79UTIgUinuKbYtWlB+bWSfD2HbbdXYHunXSs3I6ac11ZkzkpLI
AFgBYV9TgnnT2Xz7N8JQOLZS18s0UR4eSQaFfqXispo3cOgXDR8R5beSEC013G+L
lNNemEF7SldvbXmmDzBQVP0fXOi4r9ZIYCamQIlCAshCgPkGjjaEauPzDb9nwOLQ
eL/q4rkx5WOCzFy+6maH/AaHybBfEIbqUJSnVZII53qibdxY0qdkt8sXiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/CWhLAYti/XDQgenquPBJmwt25MB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo6lzLmDQ
JjjDXX8wzw1gU0bPh65uaehP6dXzNjgD90pcbWYa2jUTEI7C/wkE8xjmKkQWCPMC
1fa4/xupCPo9ZV8tOf3T8/AT4AmE6kaUSde/miINTHVZ/lZDWg+lK2wWLy10q4Vs
+azbyAAYImm3Kp8Yh5qJ3HA62iRCuSBs6mjWuKtRGUziVA5PCoipxVXvOK/WdPuQ
EjFnTXuTuQrPChJu9sxKd+DFJXIU02yh9M17TlXJnUmn2r4RFAZ6DEm4Tqot7Akh
53dikB1HlDNoynqA2IZ9cffydmxPURX3L+hRMGJNpXWb5gRQjbwgZlD2qCZCbUGr
+jPPE/SQjxjblw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:33 2026 by rpki-client