Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: YEd/eY2Wd7EMqkihhZjuiWPkelGnlTlbS2KPcAUrAo8=
Subject key identifier: 76:2C:97:B9:A6:DF:87:50:83:24:8F:CA:BD:D2:DD:08:C9:53:ED:38
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019D98F48E7A1DF04E88DD43CBD5A99FA291
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0D66
Signing time: Fri 17 Apr 2026 01:00:57 +0000
Manifest this update: Fri 17 Apr 2026 01:00:57 +0000
Manifest next update: Sat 18 Apr 2026 01:00:57 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: ZDscUE48zvMvb5Z2B66OrQknLgqLf8195HT7KWmgfTA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:8e:7a:1d:f0:4e:88:dd:43:cb:d5:a9:9f:a2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Apr 17 01:00:57 2026 GMT
Not After : Apr 18 01:00:57 2026 GMT
Subject: CN=762c97b9a6df875083248fcabdd2dd08c953ed38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:26:94:9a:27:60:6a:22:b8:2d:07:15:08:49:
7e:51:81:7f:00:b7:01:f0:9f:8a:09:be:f2:17:35:
5f:1d:8a:43:99:23:3a:ef:58:ce:c8:0b:94:53:76:
1e:6d:dc:7e:1d:1d:d4:7d:cc:15:1c:0f:43:58:78:
bf:8f:74:bb:e7:13:cc:2f:00:94:64:ec:68:69:3f:
8d:03:37:2f:42:c5:c2:9f:d3:24:5b:5b:43:1d:1e:
b3:55:70:9f:8e:69:ba:f9:0f:25:6e:5a:28:da:da:
02:98:d0:c2:d5:bd:88:4a:b7:29:a7:b2:fa:59:22:
75:07:cd:e5:66:67:57:a7:ce:41:03:10:09:f2:81:
cb:5d:40:a2:9b:83:19:db:36:04:c4:88:bf:d6:27:
e1:0a:dd:8f:a0:30:e0:f0:d6:d4:0f:63:ec:48:f6:
ee:27:3d:13:3d:5b:a7:ae:cb:2e:03:62:6e:ed:2d:
8f:8a:af:0c:3a:06:25:1b:9a:93:d5:48:0c:ff:1d:
a2:81:41:1b:65:4c:16:bb:9c:c7:24:38:19:c3:e6:
1c:8f:bf:38:db:d6:de:cb:2a:f2:0c:1f:e7:f1:4a:
bb:29:34:c0:b9:09:52:79:5e:a8:2c:50:f2:46:da:
57:c8:8c:dd:d1:ec:d6:6e:9b:87:61:8a:97:8b:da:
99:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:2C:97:B9:A6:DF:87:50:83:24:8F:CA:BD:D2:DD:08:C9:53:ED:38
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:b1:72:ec:45:ee:c6:c8:a8:3c:8a:1b:90:ed:36:22:9d:f8:
00:ec:77:74:07:ed:ef:6b:fa:1a:4e:bf:8b:5a:c2:e7:fa:29:
5e:ba:a2:82:64:f5:e1:0b:0e:3b:30:7e:2a:c7:3a:3a:7a:4d:
16:b1:51:f8:65:1c:d2:d6:05:c6:e8:be:03:b1:25:c9:ab:1d:
c4:c6:36:f0:c2:f4:a3:4a:67:26:c3:44:ca:c4:43:50:8c:39:
0d:89:51:38:69:b7:89:c1:43:6b:37:c7:e0:5f:14:42:cc:be:
3a:47:eb:80:32:f0:f7:95:fd:ad:c9:c5:6a:5d:c1:6b:2a:27:
18:b3:35:4e:ec:53:02:46:ea:bd:ef:17:c0:22:fe:b6:5e:96:
4d:cb:d2:5e:31:53:e3:47:69:27:f6:05:4f:08:47:93:74:a0:
ab:ea:a8:10:92:70:ca:7b:53:96:1f:29:2d:16:2a:0e:5e:70:
a3:5b:8c:1a:e0:16:0f:31:db:38:76:b6:5d:43:10:00:89:dd:
7f:fe:da:6e:7d:f1:95:6b:a1:c2:1a:d8:3b:49:3c:88:43:da:
5a:3b:2f:d6:06:9f:54:3d:4d:7e:5a:a7:ce:15:97:af:2f:93:
56:70:57:4f:6e:14:33:fc:81:00:7e:83:da:5d:47:fa:d4:15:
0e:0f:71:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9I56HfBOiN1Dy9Wpn6KRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwNDE3MDEwMDU3WhcNMjYwNDE4MDEwMDU3WjAzMTEwLwYDVQQD
Eyg3NjJjOTdiOWE2ZGY4NzUwODMyNDhmY2FiZGQyZGQwOGM5NTNlZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyaUmidgaiK4LQcVCEl+UYF/ALcB
8J+KCb7yFzVfHYpDmSM671jOyAuUU3Yebdx+HR3UfcwVHA9DWHi/j3S75xPMLwCU
ZOxoaT+NAzcvQsXCn9MkW1tDHR6zVXCfjmm6+Q8lbloo2toCmNDC1b2ISrcpp7L6
WSJ1B83lZmdXp85BAxAJ8oHLXUCim4MZ2zYExIi/1ifhCt2PoDDg8NbUD2PsSPbu
Jz0TPVunrssuA2Ju7S2Piq8MOgYlG5qT1UgM/x2igUEbZUwWu5zHJDgZw+Ycj784
29beyyryDB/n8Uq7KTTAuQlSeV6oLFDyRtpXyIzd0ezWbpuHYYqXi9qZhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYsl7mm34dQgySPyr3S3QjJU+04MB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrFy7EXu
xsioPIobkO02Ip34AOx3dAft72v6Gk6/i1rC5/opXrqigmT14QsOOzB+Ksc6OnpN
FrFR+GUc0tYFxui+A7ElyasdxMY28ML0o0pnJsNEysRDUIw5DYlROGm3icFDazfH
4F8UQsy+OkfrgDLw95X9rcnFal3BayonGLM1TuxTAkbqve8XwCL+tl6WTcvSXjFT
40dpJ/YFTwhHk3Sgq+qoEJJwyntTlh8pLRYqDl5wo1uMGuAWDzHbOHa2XUMQAInd
f/7abn3xlWuhwhrYO0k8iEPaWjsv1gafVD1NflqnzhWXry+TVnBXT24UM/yBAH6D
2l1H+tQVDg9x6g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:06:25 2026 by rpki-client