Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
File: kfWJGibPpDaiPn4f-XZki-5573c.mft (raw, json)
Hash identifier: D3kxB4lfojPeW1p0z6KSZf7uzx5RsKIv77FNYiqDhLk=
Subject key identifier: 4A:8D:F0:9B:27:F8:D2:3D:27:EE:A7:55:F2:89:53:1E:BA:3C:DC:46
Authority key identifier: 91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
Certificate issuer: /CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Certificate serial: 019D08C340802A87F203130101C58A4C05BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
Manifest number: 16E6
Signing time: Fri 20 Mar 2026 01:01:46 +0000
Manifest this update: Fri 20 Mar 2026 01:01:46 +0000
Manifest next update: Sat 21 Mar 2026 01:01:46 +0000
Files and hashes: 1: 13pODHcx3eQP7xOkMHNEefG7IIQ.roa (hash: qlJleMO2jwSLSXtFMrN9K1iB2b/o+2MJHkGDE9iSiW4=)
2: kfWJGibPpDaiPn4f-XZki-5573c.crl (hash: 0szhBzgbM72ZTF/VHlv3hiDv6TG0+1t9APrfPK+c8Rc=)
3: n4Dsi3C82jo2ZtBfzJElgZJ-w5k.roa (hash: 3luKXeODer9xKHZYN0At3nnyayOvshr2VqXrwUa+RzY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:08:c3:40:80:2a:87:f2:03:13:01:01:c5:8a:4c:05:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f5891a26cfa436a23e7e1ff976648bee79ef77
Validity
Not Before: Mar 20 01:01:46 2026 GMT
Not After : Mar 21 01:01:46 2026 GMT
Subject: CN=4a8df09b27f8d23d27eea755f289531eba3cdc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c9:58:39:6b:95:fe:19:cb:5b:f7:22:1b:f3:
dd:e5:a1:79:66:ed:aa:26:21:2e:b3:80:d3:76:9f:
0f:69:b6:4c:01:db:56:7c:10:72:51:d1:97:c0:d2:
82:71:bd:ab:f7:32:c4:ab:58:75:dc:96:7c:93:66:
ff:df:49:92:57:ca:08:43:a3:04:9c:ae:f2:58:31:
e9:47:19:74:f0:59:5e:f7:33:e3:84:c7:9a:d7:36:
ad:37:62:b5:95:09:3c:15:bc:cd:e7:dc:2f:65:49:
0d:4e:00:ed:87:09:ab:69:f0:ec:a2:61:78:77:14:
34:32:f5:f7:9a:0b:d4:c8:5a:6d:c0:4d:80:5c:94:
b1:dd:3d:19:02:b0:e3:ff:4b:18:e0:45:c9:e2:c9:
3a:ea:db:09:99:00:f4:06:d3:5a:b2:95:0a:fa:0e:
4d:58:d8:40:18:14:fd:55:26:3e:0f:c3:0f:ba:b9:
08:c2:2c:61:7f:25:45:3e:9a:cb:d8:3e:14:ef:b7:
a9:ac:66:21:eb:42:c3:ba:04:59:95:62:1a:94:2e:
3d:6a:01:39:c0:43:66:43:4d:48:12:97:78:de:2a:
3f:ff:21:d2:48:de:d1:6b:bf:ca:1e:96:0b:20:fc:
4e:b8:e9:cf:16:29:b1:91:4f:66:a5:fe:46:9e:a3:
0f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8D:F0:9B:27:F8:D2:3D:27:EE:A7:55:F2:89:53:1E:BA:3C:DC:46
X509v3 Authority Key Identifier:
keyid:91:F5:89:1A:26:CF:A4:36:A2:3E:7E:1F:F9:76:64:8B:EE:79:EF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfWJGibPpDaiPn4f-XZki-5573c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7f1b74-c8d7-4a0d-8a39-daa7390b5ba7/1/kfWJGibPpDaiPn4f-XZki-5573c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:35:23:11:d6:e5:91:e7:af:bd:d3:14:25:3b:34:72:ee:42:
f9:81:3a:af:98:29:cf:b2:d6:7b:04:5e:cf:ef:67:be:de:af:
08:27:85:1b:12:5d:ec:eb:9d:00:dd:18:38:4e:b2:8e:f3:b1:
6c:f6:d1:a0:3b:54:39:8e:9e:f1:06:6b:19:06:d0:bd:46:0e:
a9:43:17:d5:3e:a9:c7:73:b2:cd:78:f3:94:28:36:4d:85:a8:
41:09:7f:99:66:b2:71:61:3e:a3:bf:c4:e0:f3:a6:e3:f2:f2:
1f:55:ab:99:33:c4:c8:ac:8d:eb:12:44:48:64:10:09:a6:c7:
64:77:03:19:06:04:ec:d1:45:4e:78:7d:74:b0:1b:81:fe:e3:
47:a1:fc:e8:6c:b9:55:f9:3d:d8:9c:18:ab:82:fd:72:94:3e:
b9:69:e2:c3:70:fa:d1:06:30:04:ac:54:e2:ae:63:4d:5f:2d:
13:22:5e:9f:66:89:b6:51:f8:22:88:bd:73:bc:a3:8e:f4:fb:
0b:52:10:7d:84:b0:83:b9:54:05:1b:3c:b0:c1:a5:07:d1:e8:
c2:d4:9d:05:1e:4a:ea:86:6d:c0:93:31:f8:c3:ef:31:c6:a8:
b6:6c:d9:f8:99:a5:50:77:3f:50:3a:a0:bf:73:87:7e:ef:9e:
c5:c0:0f:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0Iw0CAKofyAxMBAcWKTAW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjU4OTFhMjZjZmE0MzZhMjNlN2UxZmY5NzY2NDhiZWU3
OWVmNzcwHhcNMjYwMzIwMDEwMTQ2WhcNMjYwMzIxMDEwMTQ2WjAzMTEwLwYDVQQD
Eyg0YThkZjA5YjI3ZjhkMjNkMjdlZWE3NTVmMjg5NTMxZWJhM2NkYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMlYOWuV/hnLW/ciG/Pd5aF5Zu2q
JiEus4DTdp8PabZMAdtWfBByUdGXwNKCcb2r9zLEq1h13JZ8k2b/30mSV8oIQ6ME
nK7yWDHpRxl08Fle9zPjhMea1zatN2K1lQk8FbzN59wvZUkNTgDthwmrafDsomF4
dxQ0MvX3mgvUyFptwE2AXJSx3T0ZArDj/0sY4EXJ4sk66tsJmQD0BtNaspUK+g5N
WNhAGBT9VSY+D8MPurkIwixhfyVFPprL2D4U77eprGYh60LDugRZlWIalC49agE5
wENmQ01IEpd43io//yHSSN7Ra7/KHpYLIPxOuOnPFimxkU9mpf5GnqMPFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqN8Jsn+NI9J+6nVfKJUx66PNxGMB8GA1UdIwQY
MBaAFJH1iRomz6Q2oj5+H/l2ZIvuee93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzkt
ZGFhNzM5MGI1YmE3LzEva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83ZjFiNzQtYzhkNy00YTBkLThhMzktZGFhNzM5MGI1YmE3
LzEva2ZXSkdpYlBwRGFpUG40Zi1YWmtpLTU1NzNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgTUjEdbl
keevvdMUJTs0cu5C+YE6r5gpz7LWewRez+9nvt6vCCeFGxJd7OudAN0YOE6yjvOx
bPbRoDtUOY6e8QZrGQbQvUYOqUMX1T6px3OyzXjzlCg2TYWoQQl/mWaycWE+o7/E
4POm4/LyH1WrmTPEyKyN6xJESGQQCabHZHcDGQYE7NFFTnh9dLAbgf7jR6H86Gy5
Vfk92JwYq4L9cpQ+uWniw3D60QYwBKxU4q5jTV8tEyJen2aJtlH4Ioi9c7yjjvT7
C1IQfYSwg7lUBRs8sMGlB9HowtSdBR5K6oZtwJMx+MPvMcaotmzZ+JmlUHc/UDqg
v3OHfu+excAPiQ==
-----END CERTIFICATE-----
Generated at Fri Mar 20 04:33:12 2026 by rpki-client