Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
File: KfFNQRwg7PxJYhX82w9D2EchkJY.mft (raw, json)
Hash identifier: 54g4BRAABQZ1nBWAs87JhTg2LDbhB3avFVmRP0VPz3o=
Subject key identifier: 6E:D4:CC:E8:19:DB:25:D6:58:1B:E9:DF:C3:35:A6:50:2D:50:3E:45
Authority key identifier: 29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
Certificate issuer: /CN=29f14d411c20ecfc496215fcdb0f43d847219096
Certificate serial: 019D333EE017290427DE5CD3A2BF13D7FDB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
Manifest number: 1520
Signing time: Sat 28 Mar 2026 07:00:51 +0000
Manifest this update: Sat 28 Mar 2026 07:00:51 +0000
Manifest next update: Sun 29 Mar 2026 07:00:51 +0000
Files and hashes: 1: KfFNQRwg7PxJYhX82w9D2EchkJY.crl (hash: s3fsFpdl/HPEy9d510ogDFhX6Me2lI59FojGokctf10=)
2: iu7FFkG2QJaHmPA7RGTX_kUyXKI.roa (hash: QTLspgP39MYk5PSZszpGPAjQcEqECucB1FhWpPvxaIM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 07:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:3e:e0:17:29:04:27:de:5c:d3:a2:bf:13:d7:fd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f14d411c20ecfc496215fcdb0f43d847219096
Validity
Not Before: Mar 28 07:00:51 2026 GMT
Not After : Mar 29 07:00:51 2026 GMT
Subject: CN=6ed4cce819db25d6581be9dfc335a6502d503e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1c:11:7c:0c:1c:11:45:f3:f4:ce:48:b3:94:
75:91:00:57:6b:cf:b4:4e:97:98:5d:ab:ba:52:49:
cf:2c:80:ac:84:b1:3b:8a:02:26:16:36:a1:b1:3e:
a0:e9:53:40:99:4f:ec:85:e1:f8:e5:ad:e1:a9:ab:
a0:7a:08:83:1b:c4:e0:85:80:3a:17:25:ae:bf:a3:
b2:a7:26:63:44:70:fe:5b:4e:90:64:93:56:db:4a:
05:64:99:5a:64:52:84:59:47:66:70:9c:ee:44:f5:
a5:98:58:e7:8d:55:94:a8:00:a0:49:2a:58:9b:68:
e2:3f:86:9d:71:7c:e2:59:99:af:d7:dd:94:26:14:
9a:a5:af:2c:fd:4a:08:b6:a2:e4:b5:1b:1d:5a:19:
48:18:8e:d8:cd:a5:7a:e2:7e:b4:e0:c1:19:04:51:
3d:ff:d5:47:13:f2:91:bc:17:2f:4b:4c:26:0c:38:
b1:b7:6c:ad:cf:88:87:c6:70:66:82:03:cd:b5:f5:
bf:fe:1b:68:47:1b:06:f4:ce:65:ce:7c:41:7b:8c:
f9:8e:c3:10:52:7f:1a:40:81:77:e4:83:09:f6:86:
83:73:aa:eb:96:7c:f8:1b:99:11:09:29:b7:be:5d:
a6:07:ac:ee:58:d7:e7:38:71:3d:af:6e:29:80:81:
f6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D4:CC:E8:19:DB:25:D6:58:1B:E9:DF:C3:35:A6:50:2D:50:3E:45
X509v3 Authority Key Identifier:
keyid:29:F1:4D:41:1C:20:EC:FC:49:62:15:FC:DB:0F:43:D8:47:21:90:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfFNQRwg7PxJYhX82w9D2EchkJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/bcf272-d751-45be-9856-018a3770da77/1/KfFNQRwg7PxJYhX82w9D2EchkJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:b9:72:1f:ff:af:11:31:17:8c:01:43:3b:72:43:40:08:71:
32:71:06:81:2e:65:cb:18:c3:fa:21:a2:4f:b2:47:6d:a7:1c:
7c:f8:b3:c0:af:01:f9:5a:e6:b4:74:15:a0:62:39:80:c4:48:
0b:c5:13:c5:39:b0:a8:5b:e2:87:8f:74:bc:6b:65:0a:70:d4:
55:ee:c9:24:82:0c:ad:4c:ee:3c:c6:af:f9:57:9a:ee:8b:09:
5e:01:88:3e:dc:cc:ab:53:da:95:a5:c2:73:18:9d:11:c1:ff:
42:c3:91:9e:ec:07:e9:f8:8e:a7:48:3c:21:8c:28:de:7f:19:
41:2f:df:22:06:e8:28:28:25:4f:0b:d4:94:e5:bf:ee:c4:c3:
77:a6:0c:2d:1a:09:f7:cf:21:f2:57:ba:65:40:2b:a1:ca:56:
84:fa:40:88:6e:81:4a:91:af:60:ae:0f:af:cd:7c:fe:35:a7:
c7:5e:7f:48:27:24:d1:46:34:e4:4f:21:e4:47:89:4a:1f:46:
a1:33:85:f0:98:27:b5:ff:53:8c:a6:1f:58:92:0e:d9:03:42:
bf:ba:95:6d:2b:86:3f:ee:70:74:3a:9c:75:42:fe:c4:1f:6f:
f1:ac:33:3c:a1:98:9f:bc:18:da:80:97:e6:f6:ba:85:d6:67:
e3:c4:a4:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPuAXKQQn3lzTor8T1/23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjE0ZDQxMWMyMGVjZmM0OTYyMTVmY2RiMGY0M2Q4NDcy
MTkwOTYwHhcNMjYwMzI4MDcwMDUxWhcNMjYwMzI5MDcwMDUxWjAzMTEwLwYDVQQD
Eyg2ZWQ0Y2NlODE5ZGIyNWQ2NTgxYmU5ZGZjMzM1YTY1MDJkNTAzZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRwRfAwcEUXz9M5Is5R1kQBXa8+0
TpeYXau6UknPLICshLE7igImFjahsT6g6VNAmU/sheH45a3hqaugegiDG8TghYA6
FyWuv6OypyZjRHD+W06QZJNW20oFZJlaZFKEWUdmcJzuRPWlmFjnjVWUqACgSSpY
m2jiP4adcXziWZmv192UJhSapa8s/UoItqLktRsdWhlIGI7YzaV64n604MEZBFE9
/9VHE/KRvBcvS0wmDDixt2ytz4iHxnBmggPNtfW//htoRxsG9M5lznxBe4z5jsMQ
Un8aQIF35IMJ9oaDc6rrlnz4G5kRCSm3vl2mB6zuWNfnOHE9r24pgIH2jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7UzOgZ2yXWWBvp38M1plAtUD5FMB8GA1UdIwQY
MBaAFCnxTUEcIOz8SWIV/NsPQ9hHIZCWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYt
MDE4YTM3NzBkYTc3LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iY2YyNzItZDc1MS00NWJlLTk4NTYtMDE4YTM3NzBkYTc3
LzEvS2ZGTlFSd2c3UHhKWWhYODJ3OUQyRWNoa0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATblyH/+v
ETEXjAFDO3JDQAhxMnEGgS5lyxjD+iGiT7JHbaccfPizwK8B+VrmtHQVoGI5gMRI
C8UTxTmwqFvih490vGtlCnDUVe7JJIIMrUzuPMav+Vea7osJXgGIPtzMq1PalaXC
cxidEcH/QsORnuwH6fiOp0g8IYwo3n8ZQS/fIgboKCglTwvUlOW/7sTDd6YMLRoJ
988h8le6ZUArocpWhPpAiG6BSpGvYK4Pr818/jWnx15/SCck0UY05E8h5EeJSh9G
oTOF8Jgntf9TjKYfWJIO2QNCv7qVbSuGP+5wdDqcdUL+xB9v8awzPKGYn7wY2oCX
5va6hdZn48SkaQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:35:04 2026 by rpki-client