Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json)
Hash identifier: AfFISb7+ZWkeXommgGRgG5o8R+FrfsoEzms49W8Y+yM=
Subject key identifier: 80:2F:0F:3B:DE:D0:7F:21:AE:E6:F8:D3:10:F8:0D:9F:0D:D6:E5:65
Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320
Certificate serial: 019D39099EDFAF8C408528A9944A00140144
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
Manifest number: 0DFE
Signing time: Sun 29 Mar 2026 10:00:24 +0000
Manifest this update: Sun 29 Mar 2026 10:00:24 +0000
Manifest next update: Mon 30 Mar 2026 10:00:24 +0000
Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: KC6Gblt37oz/7npzlDF3/hN6HSiCLhgYHBqZrps+zHY=)
2: jY0MoOJ3PtdveQuCsZ0fuBIhTjY.roa (hash: vqPVQAGkx6I5WnNS9zEmXw+PjdH2vmfPnggrjPunD0I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:9e:df:af:8c:40:85:28:a9:94:4a:00:14:01:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320
Validity
Not Before: Mar 29 10:00:24 2026 GMT
Not After : Mar 30 10:00:24 2026 GMT
Subject: CN=802f0f3bded07f21aee6f8d310f80d9f0dd6e565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:35:9f:53:ff:44:3b:c0:d5:53:4d:2f:da:f5:
29:37:61:62:ea:ba:cf:96:19:29:e9:a4:e0:2e:1d:
53:cb:d7:4e:1b:fd:b9:aa:a6:d7:84:e8:67:3e:b9:
e9:e7:58:f2:35:e3:9a:52:a1:45:e4:e5:97:7e:ef:
56:56:d1:73:47:48:bc:be:4b:18:3e:20:6b:b7:0f:
f0:eb:a1:5f:bd:1b:9d:4a:14:b5:e6:27:23:7e:2c:
e9:58:7b:31:7b:a7:7c:8e:cc:32:5a:2a:74:a7:60:
77:da:40:c9:92:75:c3:74:36:66:27:fb:40:b8:4c:
e2:96:43:c6:5a:e6:d1:1c:94:fa:0a:ef:13:0c:ed:
d9:57:59:50:70:6e:88:0a:93:e1:05:f6:0a:e6:a8:
7f:ca:33:95:20:e3:c5:70:ed:45:d1:8f:0f:7b:4c:
9f:7a:d9:59:ea:60:8b:2a:58:56:ee:1d:36:be:7c:
2a:0a:d8:13:6a:f2:cc:9a:18:72:d7:dd:9b:d1:f4:
c3:8a:76:50:9a:b1:b7:3c:8d:15:f3:c5:81:54:7b:
24:ae:cf:9e:17:46:72:da:c3:8e:19:5d:74:69:0c:
46:92:d9:a9:39:b3:1f:49:93:2c:a0:33:53:5a:90:
1d:bf:60:98:af:04:f8:6e:ef:29:c4:99:77:7b:7c:
53:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2F:0F:3B:DE:D0:7F:21:AE:E6:F8:D3:10:F8:0D:9F:0D:D6:E5:65
X509v3 Authority Key Identifier:
keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:c5:21:18:2d:0b:38:f4:ba:b6:26:67:f2:77:94:47:1a:ba:
c6:4d:3d:7d:c5:86:f7:ff:c7:09:fd:8b:d2:59:53:ef:9e:7b:
27:b6:a5:64:de:32:95:93:87:22:5a:19:05:10:fd:43:45:6e:
70:6e:5f:52:1d:e1:c5:ee:90:b2:bf:49:e9:29:b1:2a:32:50:
b5:24:cc:82:c1:14:c4:7c:f9:ed:96:ea:8f:26:26:73:fd:20:
e4:16:72:62:68:5f:8f:37:56:fc:9c:8d:41:19:dc:1c:88:e1:
cf:c1:70:59:33:cf:fd:09:69:46:49:4f:8f:ef:75:55:1b:bd:
dc:45:a0:20:c6:cb:ee:35:3a:41:08:36:5b:0d:67:91:81:b2:
66:38:dc:6d:a3:5e:aa:35:ff:81:69:f0:40:83:aa:71:c3:3d:
e6:45:c8:e9:17:08:68:68:e6:ba:80:e3:9b:d1:e4:76:27:31:
f6:22:8b:6f:1b:07:b5:ed:39:30:ee:3f:7c:63:1f:0a:fc:98:
d1:9f:c2:da:6a:f5:37:54:33:aa:54:53:64:9e:e4:3e:32:51:
39:31:e6:b4:fc:99:36:4c:8e:bc:d3:d6:95:a6:ea:90:3b:dc:
0a:41:31:cd:13:20:99:c5:00:64:57:b8:1f:4f:16:4a:d4:a8:
25:19:3c:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZ7fr4xAhSiplEoAFAFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj
NGQzMjAwHhcNMjYwMzI5MTAwMDI0WhcNMjYwMzMwMTAwMDI0WjAzMTEwLwYDVQQD
Eyg4MDJmMGYzYmRlZDA3ZjIxYWVlNmY4ZDMxMGY4MGQ5ZjBkZDZlNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDWfU/9EO8DVU00v2vUpN2Fi6rrP
lhkp6aTgLh1Ty9dOG/25qqbXhOhnPrnp51jyNeOaUqFF5OWXfu9WVtFzR0i8vksY
PiBrtw/w66FfvRudShS15icjfizpWHsxe6d8jswyWip0p2B32kDJknXDdDZmJ/tA
uEzilkPGWubRHJT6Cu8TDO3ZV1lQcG6ICpPhBfYK5qh/yjOVIOPFcO1F0Y8Pe0yf
etlZ6mCLKlhW7h02vnwqCtgTavLMmhhy192b0fTDinZQmrG3PI0V88WBVHskrs+e
F0Zy2sOOGV10aQxGktmpObMfSZMsoDNTWpAdv2CYrwT4bu8pxJl3e3xT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAvDzve0H8hrub40xD4DZ8N1uVlMB8GA1UdIwQY
MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt
MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh
LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8UhGC0L
OPS6tiZn8neURxq6xk09fcWG9//HCf2L0llT7557J7alZN4ylZOHIloZBRD9Q0Vu
cG5fUh3hxe6Qsr9J6SmxKjJQtSTMgsEUxHz57ZbqjyYmc/0g5BZyYmhfjzdW/JyN
QRncHIjhz8FwWTPP/QlpRklPj+91VRu93EWgIMbL7jU6QQg2Ww1nkYGyZjjcbaNe
qjX/gWnwQIOqccM95kXI6RcIaGjmuoDjm9Hkdicx9iKLbxsHte05MO4/fGMfCvyY
0Z/C2mr1N1QzqlRTZJ7kPjJROTHmtPyZNkyOvNPWlabqkDvcCkExzRMgmcUAZFe4
H08WStSoJRk8TQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:43:51 2026 by rpki-client