Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
File: KXNk9QJTTodxoMYll5TCbibUvKQ.mft (raw, json)
Hash identifier: kbTxw1i6eumXzY2xMZEJihDADxU78lvP3iweiFY23sc=
Subject key identifier: 3B:D1:AA:F8:48:0D:7F:9A:10:6A:CF:03:7E:6C:1A:22:FD:0D:C9:42
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 019D27DFD4782D36EDCB123472D6F9742320
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
Manifest number: 16F2
Signing time: Thu 26 Mar 2026 02:01:13 +0000
Manifest this update: Thu 26 Mar 2026 02:01:13 +0000
Manifest next update: Fri 27 Mar 2026 02:01:13 +0000
Files and hashes: 1: 2kkM-Y1oeDm04wY-B4Ml04duWlg.roa (hash: MnJVJ4NyKNUCeBGsbiD72vxTrQHy4p8bo+xWfr40jXY=)
2: 8iiZMHriRE_NQY6BUN56TO301wk.roa (hash: 8IgM/46WS34GJx+A7aRcZL/22xuZUdfmC4JGezJbIGo=)
3: KXNk9QJTTodxoMYll5TCbibUvKQ.crl (hash: h3a6WPLjlRw51NOGsQrEBtwA3nMcCubncxqcVo09lNI=)
4: NPRTFimJGsBmacQOAQQPr9jae44.roa (hash: wYMwFG2bixNFHagAivVzR2PmUxqhFfwt/BNGFSbdkYM=)
5: OaCi7coDoqW_riGEhMlZBNecV8E.roa (hash: kw8cwASGXXkuOedKfXksZTABUFf4TlTavoR1JiY/+a8=)
6: c-719yS8qxXgAQfc5k5AVeBx00Y.roa (hash: YUllSSiOqr0+m8URR4HPwAVQ/Ac036ttga4eWG7Bio8=)
7: qeQwzeNuT9jDdOYxI4TWIN4Zo9k.roa (hash: PM8l8vqtrNKxFXFYvlOWXQYhkfaDDt1UoO4UWCG6wSU=)
8: u2ApTDuWn4HOYvbWn1xa_cni-dQ.roa (hash: Y3toE9g8ryMSPFUg9EX1w3rj5SHRcm5JoXPtk8CcbE0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:d4:78:2d:36:ed:cb:12:34:72:d6:f9:74:23:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Mar 26 02:01:13 2026 GMT
Not After : Mar 27 02:01:13 2026 GMT
Subject: CN=3bd1aaf8480d7f9a106acf037e6c1a22fd0dc942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:e9:d6:09:e2:34:e9:ad:ce:96:80:fe:bf:
b8:53:31:e2:75:e0:9d:89:33:fc:13:05:95:61:5c:
52:be:d5:f9:a7:aa:9b:e7:b5:01:a7:4b:25:31:62:
27:93:a6:5e:31:67:c1:22:68:67:1d:dd:d6:6a:2c:
89:35:51:0e:0d:1f:65:89:08:67:37:84:10:d8:86:
8d:17:f9:8f:d8:af:33:e9:06:7a:66:f3:76:52:2f:
21:28:c4:42:aa:84:f7:ef:7f:5f:e7:b8:43:e6:50:
17:2d:e5:ce:45:b6:ea:99:d3:d6:88:56:e5:83:49:
f3:4d:6a:74:92:05:1f:bc:ed:5e:00:85:8c:61:7a:
99:a3:d6:af:12:17:f7:b6:99:eb:f6:d4:f4:b7:5f:
df:c1:38:58:86:b1:f6:9d:3a:57:a9:5e:1b:24:da:
df:bd:27:7d:08:c8:26:a8:69:4d:46:2b:b6:3b:1e:
da:00:3c:79:98:09:d4:b2:e6:27:58:37:48:74:4a:
2f:df:86:a4:5e:6b:c7:a0:6d:a2:46:8c:3d:1b:6a:
84:09:10:86:08:8e:88:2e:ea:48:64:4a:6b:b3:e4:
3e:7d:c9:ce:29:f5:9c:20:ba:38:30:c3:13:7b:c1:
c1:fa:ee:d8:88:4d:a7:df:f2:a9:c8:ed:54:c7:c4:
4d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D1:AA:F8:48:0D:7F:9A:10:6A:CF:03:7E:6C:1A:22:FD:0D:C9:42
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:bd:be:44:0b:51:c9:22:0c:0f:ba:64:ae:09:4a:72:07:c6:
e8:82:94:a7:b1:e7:fd:6b:86:16:ff:42:01:ce:a4:a4:f0:d6:
02:39:47:2b:89:5a:3b:9b:97:39:62:bf:ff:bf:9e:2b:54:89:
76:ea:03:13:f0:8e:66:b0:54:0f:7f:e4:c3:32:5c:7e:c4:3c:
3a:49:ed:84:22:3b:dc:5a:3b:4a:d7:1a:d9:af:df:1c:23:ea:
06:3e:22:cd:91:8a:06:8a:2f:57:33:60:e4:60:6c:52:a8:25:
60:a8:09:1a:6d:8d:33:ad:8d:7b:9c:89:6a:2d:68:d8:79:9e:
a1:ae:14:4f:92:ca:f0:f0:7f:e7:f4:45:87:c2:4e:dc:f3:0e:
11:f3:bb:ef:29:5e:f4:06:87:56:8b:ae:0e:d0:31:26:e7:79:
52:b1:ac:ba:56:18:62:69:0c:e9:62:f3:9b:4d:3f:aa:33:20:
c6:1c:20:51:4d:b3:c6:d7:dd:50:3a:9f:5e:b4:c5:48:26:cc:
cd:14:90:ff:36:8a:38:2b:02:51:ee:37:79:52:f9:83:a3:1f:
50:8e:88:7e:d3:f8:6b:be:4d:64:6a:c6:89:37:4c:e1:e7:3d:
46:ad:77:57:9f:fd:5a:49:71:49:c9:63:8e:c3:f7:ed:a8:c0:
56:a5:8b:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n39R4LTbtyxI0ctb5dCMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjYwMzI2MDIwMTEzWhcNMjYwMzI3MDIwMTEzWjAzMTEwLwYDVQQD
EygzYmQxYWFmODQ4MGQ3ZjlhMTA2YWNmMDM3ZTZjMWEyMmZkMGRjOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArETp1gniNOmtzpaA/r+4UzHideCd
iTP8EwWVYVxSvtX5p6qb57UBp0slMWInk6ZeMWfBImhnHd3WaiyJNVEODR9liQhn
N4QQ2IaNF/mP2K8z6QZ6ZvN2Ui8hKMRCqoT3739f57hD5lAXLeXORbbqmdPWiFbl
g0nzTWp0kgUfvO1eAIWMYXqZo9avEhf3tpnr9tT0t1/fwThYhrH2nTpXqV4bJNrf
vSd9CMgmqGlNRiu2Ox7aADx5mAnUsuYnWDdIdEov34akXmvHoG2iRow9G2qECRCG
CI6ILupIZEprs+Q+fcnOKfWcILo4MMMTe8HB+u7YiE2n3/KpyO1Ux8RN7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvRqvhIDX+aEGrPA35sGiL9DclCMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY72+RAtR
ySIMD7pkrglKcgfG6IKUp7Hn/WuGFv9CAc6kpPDWAjlHK4laO5uXOWK//7+eK1SJ
duoDE/COZrBUD3/kwzJcfsQ8OknthCI73Fo7Stca2a/fHCPqBj4izZGKBoovVzNg
5GBsUqglYKgJGm2NM62Ne5yJai1o2Hmeoa4UT5LK8PB/5/RFh8JO3PMOEfO77yle
9AaHVouuDtAxJud5UrGsulYYYmkM6WLzm00/qjMgxhwgUU2zxtfdUDqfXrTFSCbM
zRSQ/zaKOCsCUe43eVL5g6MfUI6IftP4a75NZGrGiTdM4ec9Rq13V5/9WklxSclj
jsP37ajAVqWLXQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:52:23 2026 by rpki-client