Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: rFfjnH9VnnVAkf7WUMyOsulseTPVNRIOGD5s5og88gE=
Subject key identifier: DF:2B:36:2E:C8:A9:4C:32:6D:D7:CC:43:E5:02:84:CA:13:52:F7:75
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019CAD5A3A11703ED85E1DD3EDD063196FB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0CEC
Signing time: Mon 02 Mar 2026 07:01:37 +0000
Manifest this update: Mon 02 Mar 2026 07:01:37 +0000
Manifest next update: Tue 03 Mar 2026 07:01:37 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: pcIZhcoetVRHhp9DpCDtzloEhFOi4aQWppe4/9a/A8Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:5a:3a:11:70:3e:d8:5e:1d:d3:ed:d0:63:19:6f:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Mar 2 07:01:37 2026 GMT
Not After : Mar 3 07:01:37 2026 GMT
Subject: CN=df2b362ec8a94c326dd7cc43e50284ca1352f775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b0:93:5d:02:a3:dd:1c:38:5b:59:df:60:32:
9e:c8:7d:a5:6c:3d:cc:01:29:d4:09:51:35:27:4f:
b8:da:70:c8:24:0e:3b:97:e6:7c:49:2e:ff:74:d2:
59:35:54:b4:b2:a1:25:26:ce:7a:ca:b1:0b:85:c3:
d0:1b:65:ec:e0:64:86:b5:09:aa:65:ec:5e:d5:5f:
40:28:4e:61:35:9f:96:5a:41:42:7c:79:c4:62:e6:
bf:40:dc:45:f3:86:d3:5e:1f:cd:70:7f:a3:17:da:
73:b5:db:39:e0:7b:01:bc:69:38:35:a8:ab:8a:7c:
16:cf:6e:bd:95:bd:1f:3f:d1:26:76:ad:73:60:6f:
67:02:80:aa:75:57:af:cf:4d:58:7e:1d:35:0f:42:
98:0e:d9:db:04:8b:cb:2b:db:c8:66:3c:36:b8:e2:
d3:37:84:b2:92:3d:18:8e:a4:4c:5f:e7:35:82:89:
96:85:7e:1c:3d:ab:a8:a3:d1:50:7a:bd:1d:99:50:
b7:16:6d:ed:36:2e:6e:e2:ed:eb:20:83:03:0e:8c:
93:87:94:b0:2c:23:31:7e:6a:70:4a:1d:59:5f:7b:
d9:67:f4:21:68:9b:31:93:e0:c7:94:8d:71:f0:75:
bf:ba:68:0c:70:df:2f:77:6c:db:9a:50:ff:8c:1f:
4c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2B:36:2E:C8:A9:4C:32:6D:D7:CC:43:E5:02:84:CA:13:52:F7:75
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b7:f3:3a:0f:84:c7:2a:11:35:4a:f0:78:76:89:8d:de:32:ab:
fd:a7:3b:cf:00:88:9c:eb:dd:ba:23:c6:60:61:8f:a7:f6:fc:
71:9c:e3:44:e6:3b:04:91:08:93:b2:99:27:ad:05:a5:b6:dc:
a3:3c:c7:e3:fa:ed:f6:5a:a1:b4:d6:e5:b4:49:83:03:2d:44:
c9:b4:e2:d8:2e:bd:75:60:f6:39:cc:46:50:e4:e0:4a:39:26:
d7:33:49:b9:4a:9c:13:15:dd:45:1e:dd:ae:e3:92:e3:ed:e4:
b5:3f:16:4f:98:29:b1:71:01:a4:d2:d2:ce:9d:96:85:cb:4d:
da:27:d2:19:bc:02:0d:2e:55:c8:5e:18:9b:df:33:7d:50:06:
b6:d4:e1:60:30:de:85:89:ee:f1:9d:41:53:29:bb:24:ef:38:
c7:87:d6:1c:54:12:6b:d4:71:e0:68:a8:38:6b:fd:8f:b7:11:
09:bf:8f:bf:93:34:72:52:e1:18:ab:5c:85:3d:18:9e:db:a9:
5e:4a:95:95:d2:c8:77:ea:97:48:f3:42:46:cd:85:07:69:89:
3e:cb:30:3d:b7:40:e6:49:97:77:4b:9b:ad:ac:f1:dc:41:78:
04:55:a3:8f:d6:fe:18:88:11:4c:ec:e3:ac:52:3b:f2:3c:3a:
bf:e8:2c:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjoRcD7YXh3T7dBjGW+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwMzAyMDcwMTM3WhcNMjYwMzAzMDcwMTM3WjAzMTEwLwYDVQQD
EyhkZjJiMzYyZWM4YTk0YzMyNmRkN2NjNDNlNTAyODRjYTEzNTJmNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bCTXQKj3Rw4W1nfYDKeyH2lbD3M
ASnUCVE1J0+42nDIJA47l+Z8SS7/dNJZNVS0sqElJs56yrELhcPQG2Xs4GSGtQmq
Zexe1V9AKE5hNZ+WWkFCfHnEYua/QNxF84bTXh/NcH+jF9pztds54HsBvGk4Nair
inwWz269lb0fP9Emdq1zYG9nAoCqdVevz01Yfh01D0KYDtnbBIvLK9vIZjw2uOLT
N4Sykj0YjqRMX+c1gomWhX4cPauoo9FQer0dmVC3Fm3tNi5u4u3rIIMDDoyTh5Sw
LCMxfmpwSh1ZX3vZZ/QhaJsxk+DHlI1x8HW/umgMcN8vd2zbmlD/jB9M4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8rNi7IqUwybdfMQ+UChMoTUvd1MB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt/M6D4TH
KhE1SvB4domN3jKr/ac7zwCInOvduiPGYGGPp/b8cZzjROY7BJEIk7KZJ60Fpbbc
ozzH4/rt9lqhtNbltEmDAy1EybTi2C69dWD2OcxGUOTgSjkm1zNJuUqcExXdRR7d
ruOS4+3ktT8WT5gpsXEBpNLSzp2WhctN2ifSGbwCDS5VyF4Ym98zfVAGttThYDDe
hYnu8Z1BUym7JO84x4fWHFQSa9Rx4GioOGv9j7cRCb+Pv5M0clLhGKtchT0Yntup
XkqVldLId+qXSPNCRs2FB2mJPsswPbdA5kmXd0ubrazx3EF4BFWjj9b+GIgRTOzj
rFI78jw6v+gs5g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:25:30 2026 by rpki-client