Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: gtI7lbcMySQjl4rR2uCQNrM9l7EJAQRtkUqI6FnGJ6Y=
Subject key identifier: 3C:A6:0A:8C:72:68:04:68:10:30:05:4B:DC:08:0A:92:82:FD:53:B1
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019EBE7EB9BBE13D70DA71AD85B1C48312CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0DFE
Signing time: Sat 13 Jun 2026 01:00:36 +0000
Manifest this update: Sat 13 Jun 2026 01:00:36 +0000
Manifest next update: Sun 14 Jun 2026 01:00:36 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: Ev/DGJMqVqrQ3AVdTzCb44k/N9TjfqnGny31dDX8vJA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:be:7e:b9:bb:e1:3d:70:da:71:ad:85:b1:c4:83:12:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jun 13 01:00:36 2026 GMT
Not After : Jun 14 01:00:36 2026 GMT
Subject: CN=3ca60a8c726804681030054bdc080a9282fd53b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:05:fb:f6:2d:be:bc:16:42:53:30:2a:6e:
85:80:94:b3:d9:d6:67:2a:7d:d5:c4:99:18:27:b0:
08:a1:a6:38:3b:e3:83:52:ba:95:c5:6d:0c:53:dd:
f1:e2:a1:95:51:fc:77:e9:b3:33:8e:b4:d0:7c:46:
a3:44:73:a3:3e:93:03:69:b4:b0:56:65:1a:7e:3e:
d1:c5:5c:62:9d:d5:0b:a6:09:74:eb:9c:66:8b:75:
cb:9c:de:f4:0d:50:19:55:7e:d5:90:7a:9c:ec:b1:
5c:dc:0d:37:76:49:12:24:e1:0f:72:ad:87:ea:80:
fc:b7:e7:92:80:b4:e8:f1:9d:b4:90:b5:68:f0:cf:
a0:5c:82:68:99:9e:61:7f:dc:db:26:4f:b9:23:75:
2e:41:5a:46:18:9c:b2:2a:b2:97:b2:83:33:6d:a7:
c1:76:6f:d6:c3:26:08:09:f4:f8:5c:1c:b3:cd:25:
f1:95:15:ab:04:db:d1:84:71:4b:86:55:cd:58:91:
e5:21:c2:f5:8e:3b:70:0d:48:02:c7:b0:38:5d:c5:
bb:b6:ac:b5:d3:6e:15:9c:bc:1a:0a:24:c9:58:38:
37:62:17:66:ba:67:95:f8:1b:68:33:f4:db:10:f8:
c9:8a:45:ee:10:07:d5:4f:26:0e:c1:4b:eb:f0:55:
41:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A6:0A:8C:72:68:04:68:10:30:05:4B:DC:08:0A:92:82:FD:53:B1
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:59:ea:c1:28:82:96:62:3c:09:ec:5b:06:e1:31:d9:b1:0b:
b2:51:ad:ae:50:8d:a7:f1:4d:6a:8d:ea:56:a0:7a:04:e7:67:
0b:1d:cf:ef:4b:10:90:44:9d:b7:32:e1:52:61:3e:42:ec:36:
ba:a3:f3:21:31:49:28:ba:f8:4a:b5:61:99:a4:d0:fc:3f:a2:
45:3d:ff:88:a4:3e:67:6f:e1:05:84:88:d4:7c:3f:91:fa:cc:
1a:29:66:f7:f1:d4:8a:ca:95:61:46:9c:c8:07:0f:a2:0e:8d:
a2:d7:e8:8a:36:bf:fd:bc:c4:6f:72:64:13:6c:b6:c2:2b:c4:
5e:1c:43:13:ae:f2:22:10:9b:ce:2f:64:92:25:c8:79:37:87:
23:ed:24:14:0d:38:84:b7:ba:ba:4e:71:f6:6e:77:c1:6e:fd:
64:d3:f0:1e:e3:35:14:a4:be:f7:e8:2a:40:e5:a7:f3:ac:dd:
1e:72:40:b0:d9:75:11:3f:a0:85:66:64:6d:d6:7b:7c:c1:1d:
f1:ef:67:12:5a:04:08:f8:ce:39:05:1a:fc:0a:0a:04:6b:6e:
e8:6a:81:9b:ef:45:8e:cf:6b:51:8f:7b:b5:ab:db:c6:82:5c:
e5:b9:da:7a:ae:65:c1:ff:e7:80:14:bd:9d:d1:25:07:07:bc:
e5:83:73:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+frm74T1w2nGthbHEgxLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwNjEzMDEwMDM2WhcNMjYwNjE0MDEwMDM2WjAzMTEwLwYDVQQD
EygzY2E2MGE4YzcyNjgwNDY4MTAzMDA1NGJkYzA4MGE5MjgyZmQ1M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhAF+/YtvrwWQlMwKm6FgJSz2dZn
Kn3VxJkYJ7AIoaY4O+ODUrqVxW0MU93x4qGVUfx36bMzjrTQfEajRHOjPpMDabSw
VmUafj7RxVxindULpgl065xmi3XLnN70DVAZVX7VkHqc7LFc3A03dkkSJOEPcq2H
6oD8t+eSgLTo8Z20kLVo8M+gXIJomZ5hf9zbJk+5I3UuQVpGGJyyKrKXsoMzbafB
dm/WwyYICfT4XByzzSXxlRWrBNvRhHFLhlXNWJHlIcL1jjtwDUgCx7A4XcW7tqy1
024VnLwaCiTJWDg3YhdmumeV+BtoM/TbEPjJikXuEAfVTyYOwUvr8FVBXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDymCoxyaARoEDAFS9wICpKC/VOxMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFnqwSiC
lmI8CexbBuEx2bELslGtrlCNp/FNao3qVqB6BOdnCx3P70sQkESdtzLhUmE+Quw2
uqPzITFJKLr4SrVhmaTQ/D+iRT3/iKQ+Z2/hBYSI1Hw/kfrMGilm9/HUisqVYUac
yAcPog6Notfoija//bzEb3JkE2y2wivEXhxDE67yIhCbzi9kkiXIeTeHI+0kFA04
hLe6uk5x9m53wW79ZNPwHuM1FKS+9+gqQOWn86zdHnJAsNl1ET+ghWZkbdZ7fMEd
8e9nEloECPjOOQUa/AoKBGtu6GqBm+9Fjs9rUY97tavbxoJc5bnaeq5lwf/ngBS9
ndElBwe85YNzvg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:55:02 2026 by rpki-client