Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
File: CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json)
Hash identifier: gTlwHdRJYsuztyAo2WKFHG2m5QuG+1xSVXvo/HO5cr8=
Subject key identifier: E6:CD:A4:42:F0:E3:E9:74:78:09:45:3F:1C:E1:5C:5C:6E:B9:37:43
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 019CAA8F8498A4ED32AA2B38A1739DB1EF3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
Manifest number: 14AD
Signing time: Sun 01 Mar 2026 18:00:58 +0000
Manifest this update: Sun 01 Mar 2026 18:00:58 +0000
Manifest next update: Mon 02 Mar 2026 18:00:58 +0000
Files and hashes: 1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: PM8Sx3nagDoUeFxBzERRBeKAp1KPK2trEWKdzxEvwFI=)
2: S6WAJx7TbU110k_g0oyFg1H_34U.roa (hash: toyst882a1xCVx/3FvwHIaERW16kFo9wkqRcGIDeq00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:84:98:a4:ed:32:aa:2b:38:a1:73:9d:b1:ef:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Mar 1 18:00:58 2026 GMT
Not After : Mar 2 18:00:58 2026 GMT
Subject: CN=e6cda442f0e3e9747809453f1ce15c5c6eb93743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:72:3c:12:d2:ba:b5:b5:fe:fb:ef:62:1b:e6:
2b:7e:2e:a9:37:0a:ea:4a:63:7b:5c:d4:36:31:c9:
0b:29:54:56:d1:72:41:52:6e:81:b8:60:95:8b:3e:
ba:7a:82:ba:a1:6f:27:17:18:bd:25:cd:73:b5:13:
69:f5:50:52:b1:13:8f:03:e2:76:d9:35:b8:7a:62:
09:04:f3:36:50:0b:c0:71:a0:ae:4a:50:4e:6f:09:
2f:97:60:c8:aa:cc:65:6e:28:54:72:97:78:47:27:
d7:17:b0:f7:b5:3e:56:b1:94:02:eb:4b:77:af:5d:
85:33:cb:cb:0e:f1:d9:29:09:0b:13:90:2f:40:0a:
d4:1e:64:79:f7:60:c8:8f:d2:f7:45:3b:33:9c:2d:
00:6e:05:be:80:2f:4c:23:00:c3:b7:89:8c:78:17:
83:d4:8b:9d:9a:dc:ef:7b:74:54:ff:da:c8:bc:4c:
31:49:e9:ed:7d:a7:33:5a:9d:3f:cb:01:25:24:95:
c8:fb:8f:09:d1:63:82:7a:60:17:da:8a:80:15:4d:
f8:94:70:6a:b1:a3:23:f9:09:b5:d4:6d:08:e0:2b:
86:2a:89:c8:2c:a0:d0:ed:08:00:42:e2:35:9f:2f:
92:d5:69:a6:c8:66:0f:4e:89:c3:eb:49:05:4a:50:
d9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CD:A4:42:F0:E3:E9:74:78:09:45:3F:1C:E1:5C:5C:6E:B9:37:43
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:45:42:90:09:b2:40:33:9c:4f:f0:da:b6:de:2f:80:72:6e:
07:06:3f:1b:3b:03:5b:81:10:22:49:81:60:cb:30:a6:ac:75:
ef:37:16:60:20:97:36:1e:37:1f:94:a3:cf:9d:dd:24:4e:80:
9b:72:b6:fa:5b:08:08:3f:8c:f8:f8:2b:0b:04:5a:05:dd:da:
83:be:3b:03:4b:a1:06:19:d7:38:ae:1e:41:47:0a:6e:10:43:
be:b9:c6:9e:b2:71:a0:3d:9c:61:a1:10:fd:fe:b5:44:86:d6:
17:ed:77:1d:c8:fd:08:d4:65:37:6e:37:a8:e7:b4:0b:18:a2:
bd:79:e0:cc:e3:81:5f:6e:7e:b4:ce:fb:53:37:90:28:0f:f6:
0d:66:e4:dc:93:86:9f:b7:55:0c:7f:74:ab:27:c1:ba:26:58:
42:2c:b2:fd:cf:89:c5:ec:d2:0a:6f:a1:b6:b6:7d:f6:46:01:
80:b2:78:10:7a:82:92:5b:ca:b0:3b:b6:4d:43:c4:a4:1a:d3:
ee:22:f7:fb:1f:19:91:57:de:e1:df:6b:36:36:a1:95:33:4e:
92:a2:5a:51:e4:e8:1f:8d:51:16:de:93:92:66:5b:d3:36:66:
27:38:99:5a:b9:35:4f:31:d1:76:98:83:b4:e8:09:14:46:04:
e2:e7:1b:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj4SYpO0yqis4oXOdse8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjYwMzAxMTgwMDU4WhcNMjYwMzAyMTgwMDU4WjAzMTEwLwYDVQQD
EyhlNmNkYTQ0MmYwZTNlOTc0NzgwOTQ1M2YxY2UxNWM1YzZlYjkzNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXI8EtK6tbX+++9iG+Yrfi6pNwrq
SmN7XNQ2MckLKVRW0XJBUm6BuGCViz66eoK6oW8nFxi9Jc1ztRNp9VBSsROPA+J2
2TW4emIJBPM2UAvAcaCuSlBObwkvl2DIqsxlbihUcpd4RyfXF7D3tT5WsZQC60t3
r12FM8vLDvHZKQkLE5AvQArUHmR592DIj9L3RTsznC0AbgW+gC9MIwDDt4mMeBeD
1Iudmtzve3RU/9rIvEwxSentfaczWp0/ywElJJXI+48J0WOCemAX2oqAFU34lHBq
saMj+Qm11G0I4CuGKonILKDQ7QgAQuI1ny+S1WmmyGYPTonD60kFSlDZzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObNpELw4+l0eAlFPxzhXFxuuTdDMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd0VCkAmy
QDOcT/Datt4vgHJuBwY/GzsDW4EQIkmBYMswpqx17zcWYCCXNh43H5Sjz53dJE6A
m3K2+lsICD+M+PgrCwRaBd3ag747A0uhBhnXOK4eQUcKbhBDvrnGnrJxoD2cYaEQ
/f61RIbWF+13Hcj9CNRlN243qOe0CxiivXngzOOBX25+tM77UzeQKA/2DWbk3JOG
n7dVDH90qyfBuiZYQiyy/c+JxezSCm+htrZ99kYBgLJ4EHqCklvKsDu2TUPEpBrT
7iL3+x8ZkVfe4d9rNjahlTNOkqJaUeToH41RFt6TkmZb0zZmJziZWrk1TzHRdpiD
tOgJFEYE4ucbAA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:17:42 2026 by rpki-client