
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
File: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft (raw, json)
Hash identifier: 98XE38h0dPDg6zMNLMuBgK1bBff8jahWcdf3cN39aoU=
Subject key identifier: BF:3F:46:D2:54:88:19:4A:40:32:83:50:D5:2E:AF:F4:E3:AE:EE:13
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 019D0A42F492B5A9AD3539662E61DDC2FE0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
Manifest number: 18A2
Signing time: Fri 20 Mar 2026 08:00:53 +0000
Manifest this update: Fri 20 Mar 2026 08:00:53 +0000
Manifest next update: Sat 21 Mar 2026 08:00:53 +0000
Files and hashes: 1: 0ld9oICrjkM9PiOBYi7PkCMaP7g.roa (hash: 7pPoPeKMxfAld72vWaWuaU3WiGoLWbNKS8HJfbCj2GY=)
2: 1BFQM936y9WGcLJKwy60Wg2ag-8.roa (hash: NTbQFXMY5QSvW0BgWqBt3HeqiX8tXZPRJi0IS+SKq2s=)
3: DT8TXPB7Zoh4Y9JFFdsSZ2RIgLg.roa (hash: cdCtaCnFbbokb4IxB6SbsLXr+yswcQckTbmvZnS/sJA=)
4: H3d0QP653F6Jo-epVSXBiVH1h6k.roa (hash: B2NZF4jz4UwnLzA3KbDxjNp0EF7Qv4Th+B09WImKi2I=)
5: MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl (hash: xTIXwxmi31lqLsUz91eJYLF3GQ3Ct+JSz58WwnS4l08=)
6: O2mRnCNeDokP5q-PUWLd28D1SG8.roa (hash: XL7s2EUC28zeBKoJlmCFsu+5IjkYrbxfH3a9YMWon60=)
7: XPPuMgWRNY1QAnjWn2LftTc8cH4.roa (hash: LqWi3Xbli/jxxlx74n8O7L6EJtxaJ1UA0GYHmPMDyEU=)
8: ZRr2QwcqGgt_EOiTtMFoE-lkmow.roa (hash: SIg3ToChfd1+8YW/rxSI4oA419Stw5Sb9StcFL22beM=)
9: dY6eqUD4ykA92I5VKqHmYTX3q88.roa (hash: uvlx5CXBvfA8EWdxrFvclZnKJJH1HmhxtH5z6Fa+fBo=)
10: hCjWTJUhp9C-lxxCdRV4Jwzm4mk.roa (hash: ECwHPN5lxdIugX2ttk1L3l/uci2ps9CeCy1VAcBMeQs=)
11: lERL5Mrj2Bt3hRDr7br_N3d-JkE.roa (hash: /A5fyVRtCeR1gSok1lWq8T+wbRAaNz8PoEuYxSfdZSU=)
12: lWQXyxEJYv9OPJsRSSX1CCPbFb8.roa (hash: qyL/Gv6WkVcsE18337JVKs2VK9z6GTYDQ6GMJ2m3/WQ=)
13: whyP5FxoblHoIHhMTAeqWb1jp8w.roa (hash: a7SodNhSARcbHydA3wymHLN4IRqMOWIhBwT2PU/EoPc=)
14: zd2dqaKa6O4wz9TxJzSxhbKbteU.roa (hash: Sv1+bPBughIj/le0hfMKADppbA91Co/u0NeJGW/Uifs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 02:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0a:42:f4:92:b5:a9:ad:35:39:66:2e:61:dd:c2:fe:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Mar 20 08:00:53 2026 GMT
Not After : Mar 21 08:00:53 2026 GMT
Subject: CN=bf3f46d25488194a40328350d52eaff4e3aeee13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:89:3b:46:c3:64:b7:a4:65:f7:0a:83:14:cf:
5c:ab:21:88:0d:57:6a:c5:a3:4e:94:8a:a1:c9:78:
57:03:c9:47:ca:6b:b3:53:8c:d9:bf:29:96:52:53:
d2:88:5f:42:4f:72:57:f1:8c:f7:57:2a:d4:b3:18:
85:77:79:b1:52:0b:0d:bc:64:d2:8b:58:e4:f3:bc:
18:4d:03:31:67:b8:64:6a:3c:73:68:16:c7:71:a4:
48:70:82:4c:9a:72:dc:84:5e:6f:75:05:d8:62:e4:
14:d1:05:7a:9e:ea:11:53:32:0d:e6:5a:b3:6d:51:
50:90:89:81:64:f1:8a:c9:c2:7d:0a:3c:dd:e4:c1:
50:16:a1:66:62:c7:d2:ba:e9:1f:2d:33:e5:1e:ad:
a1:8b:e7:8a:83:5c:30:7c:d8:f7:5a:90:fd:88:b6:
cb:50:ed:68:89:55:ee:ad:20:1b:c5:d7:0d:de:fc:
a7:a7:94:58:a5:12:73:8d:11:50:91:86:2b:12:52:
32:ba:94:f9:e5:b0:e6:66:ba:e3:57:2b:58:18:00:
4d:22:f4:0f:12:24:0e:54:93:a0:31:d9:0b:24:2b:
36:67:89:80:3e:62:01:71:f4:b2:b1:09:39:7a:6d:
31:10:20:32:9e:7f:ca:96:a5:18:c3:0e:9a:e7:af:
02:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3F:46:D2:54:88:19:4A:40:32:83:50:D5:2E:AF:F4:E3:AE:EE:13
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:66:8d:f7:eb:91:8c:9d:a6:fc:31:1a:a2:4b:4a:d3:7d:2d:
5c:a5:46:92:9b:cc:36:1b:fc:f7:b2:2d:5f:ab:49:19:98:32:
76:05:45:8f:b8:2d:73:f2:06:09:86:e0:eb:8e:09:87:fc:47:
e9:40:f1:ef:5c:ca:da:27:af:2e:a0:18:08:4b:62:62:da:d4:
22:78:f3:8d:4a:d0:5d:16:d2:64:d9:83:0a:a9:1d:cd:41:8d:
f9:cb:0f:82:24:89:44:64:58:67:d2:10:2f:c0:31:a6:40:a4:
12:55:01:77:a5:b3:80:16:bd:f8:c1:2a:f0:00:5c:87:a2:97:
e8:dc:59:01:8d:93:2d:93:43:2e:d3:69:fd:99:f0:8d:b5:68:
42:53:b2:21:3c:f2:f8:13:52:c6:6e:f5:c0:fe:95:a2:83:a1:
5e:14:2c:cf:4b:31:b2:c3:7d:91:c3:bb:c3:d0:28:e4:4c:d3:
43:16:da:67:f4:cd:f4:c3:8c:95:83:28:55:c6:dd:2f:36:60:
61:d1:67:26:f7:7c:1c:5c:c9:73:9e:7e:2e:de:bc:b1:19:28:
eb:99:c1:84:18:cd:f8:4c:bf:ba:84:e3:56:e0:c4:19:c2:10:
c5:69:52:4f:69:29:e2:dd:de:c4:86:43:60:be:b4:bc:48:b8:
09:7e:df:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0KQvSStamtNTlmLmHdwv4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjYwMzIwMDgwMDUzWhcNMjYwMzIxMDgwMDUzWjAzMTEwLwYDVQQD
EyhiZjNmNDZkMjU0ODgxOTRhNDAzMjgzNTBkNTJlYWZmNGUzYWVlZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4k7RsNkt6Rl9wqDFM9cqyGIDVdq
xaNOlIqhyXhXA8lHymuzU4zZvymWUlPSiF9CT3JX8Yz3VyrUsxiFd3mxUgsNvGTS
i1jk87wYTQMxZ7hkajxzaBbHcaRIcIJMmnLchF5vdQXYYuQU0QV6nuoRUzIN5lqz
bVFQkImBZPGKycJ9Cjzd5MFQFqFmYsfSuukfLTPlHq2hi+eKg1wwfNj3WpD9iLbL
UO1oiVXurSAbxdcN3vynp5RYpRJzjRFQkYYrElIyupT55bDmZrrjVytYGABNIvQP
EiQOVJOgMdkLJCs2Z4mAPmIBcfSysQk5em0xECAynn/KlqUYww6a568CgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8/RtJUiBlKQDKDUNUur/Tjru4TMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArmaN9+uR
jJ2m/DEaoktK030tXKVGkpvMNhv897ItX6tJGZgydgVFj7gtc/IGCYbg644Jh/xH
6UDx71zK2ievLqAYCEtiYtrUInjzjUrQXRbSZNmDCqkdzUGN+csPgiSJRGRYZ9IQ
L8AxpkCkElUBd6WzgBa9+MEq8ABch6KX6NxZAY2TLZNDLtNp/ZnwjbVoQlOyITzy
+BNSxm71wP6VooOhXhQsz0sxssN9kcO7w9Ao5EzTQxbaZ/TN9MOMlYMoVcbdLzZg
YdFnJvd8HFzJc55+Lt68sRko65nBhBjN+Ey/uoTjVuDEGcIQxWlST2kp4t3exIZD
YL60vEi4CX7fEg==
-----END CERTIFICATE-----
Generated at Fri Mar 20 11:57:47 2026 by rpki-client