Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
File: CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json)
Hash identifier: hllQaMg9fZ3uuIoSYXhDGTFvgvDe/hnpbaLz7RVQ3mk=
Subject key identifier: 20:D1:30:8E:76:DF:16:4F:11:0D:42:E6:10:39:22:B6:5F:CB:47:97
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 019D9818E65DB4FF471B8DE285E2C40F746A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
Manifest number: 1528
Signing time: Thu 16 Apr 2026 21:01:01 +0000
Manifest this update: Thu 16 Apr 2026 21:01:01 +0000
Manifest next update: Fri 17 Apr 2026 21:01:01 +0000
Files and hashes: 1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: KKSFHndbGNZ5U8ugSCFPAQcldMtxDYtmGh5YOLAokLo=)
2: S6WAJx7TbU110k_g0oyFg1H_34U.roa (hash: toyst882a1xCVx/3FvwHIaERW16kFo9wkqRcGIDeq00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:18:e6:5d:b4:ff:47:1b:8d:e2:85:e2:c4:0f:74:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Apr 16 21:01:01 2026 GMT
Not After : Apr 17 21:01:01 2026 GMT
Subject: CN=20d1308e76df164f110d42e6103922b65fcb4797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9f:a3:e5:2c:21:71:27:50:34:24:a5:2b:c3:
86:f2:fb:bf:da:cf:d5:c4:aa:92:8a:25:ef:86:82:
2d:f9:58:5d:4b:cf:75:0b:a4:d6:17:2e:df:af:a4:
91:bb:90:37:70:e9:37:85:13:0a:42:9b:fd:08:4b:
b3:5c:17:1b:de:0d:21:1a:7c:e5:1f:3c:6d:6a:d6:
da:76:ce:a7:aa:95:be:94:e2:a5:6b:ac:e6:b7:e4:
ae:ad:f3:1e:e8:a9:a5:52:4b:84:0a:26:fc:16:e7:
b0:a9:a7:23:0f:32:89:0d:d2:c6:e3:bb:5f:47:c0:
36:65:5a:e0:74:09:df:22:69:32:81:71:25:1a:1d:
ab:09:bc:1a:68:32:6b:33:b7:4d:f3:80:04:28:63:
54:df:7f:03:f0:de:82:8f:a3:e3:cb:5f:8f:f9:4e:
4f:7a:61:35:ea:5f:4b:8a:e9:6f:22:92:72:6a:b6:
61:b6:17:3e:3e:fb:30:7f:9c:ce:9c:5e:ce:38:b8:
b1:24:72:fa:9a:de:09:61:fd:39:89:74:06:a3:01:
8b:c4:61:19:57:3f:8a:d5:80:84:46:e6:61:3c:a7:
1f:a0:2f:1c:65:82:c5:2c:37:90:9d:39:54:77:6f:
24:42:10:5a:89:e2:ec:44:4a:10:df:3b:d4:48:bb:
7e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D1:30:8E:76:DF:16:4F:11:0D:42:E6:10:39:22:B6:5F:CB:47:97
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:94:16:16:4c:65:09:2f:4a:f5:3a:4f:9e:e7:a0:2c:87:d8:
d1:03:40:c9:e1:e4:3f:fa:4e:05:f7:1b:f9:ad:92:47:5d:a9:
d7:84:f0:a9:37:59:1a:91:e5:db:5c:f6:5a:31:8f:de:18:02:
cc:d5:05:8d:9a:db:47:75:19:d4:68:15:49:2b:31:dd:6a:5c:
e9:f3:a4:0e:4f:64:67:7e:8d:7d:78:d9:f9:2c:e8:b1:15:c2:
07:60:13:74:e1:46:0e:06:66:f4:41:46:01:ee:db:19:40:9f:
59:97:c8:81:81:7c:5c:6b:68:87:ad:e4:58:b3:e0:7e:fa:f4:
00:e0:fc:52:23:f4:8f:7d:cc:4b:4c:da:c9:b4:c4:d3:49:e4:
88:d9:bb:a9:ed:79:8b:39:d1:52:bf:6a:54:13:21:eb:22:60:
14:f8:b6:22:ca:10:d3:4c:54:f0:79:56:0a:bc:c8:f9:e7:e9:
07:f7:d8:5d:0d:2b:03:2f:13:2a:7a:d5:f0:0c:c2:fc:ce:82:
3c:fb:92:e1:11:39:88:b5:fa:ef:cd:21:d8:0d:8b:0d:ce:fc:
46:86:46:5c:97:74:0e:b1:eb:a1:6b:95:a9:1b:ae:c1:bd:42:
e6:b7:f8:29:bc:22:d7:02:9b:71:50:c0:97:a5:b5:fb:23:72:
38:9c:10:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGOZdtP9HG43iheLED3RqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjYwNDE2MjEwMTAxWhcNMjYwNDE3MjEwMTAxWjAzMTEwLwYDVQQD
EygyMGQxMzA4ZTc2ZGYxNjRmMTEwZDQyZTYxMDM5MjJiNjVmY2I0Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65+j5SwhcSdQNCSlK8OG8vu/2s/V
xKqSiiXvhoIt+VhdS891C6TWFy7fr6SRu5A3cOk3hRMKQpv9CEuzXBcb3g0hGnzl
Hzxtatbads6nqpW+lOKla6zmt+SurfMe6KmlUkuECib8FuewqacjDzKJDdLG47tf
R8A2ZVrgdAnfImkygXElGh2rCbwaaDJrM7dN84AEKGNU338D8N6Cj6Pjy1+P+U5P
emE16l9LiulvIpJyarZhthc+Pvswf5zOnF7OOLixJHL6mt4JYf05iXQGowGLxGEZ
Vz+K1YCERuZhPKcfoC8cZYLFLDeQnTlUd28kQhBaieLsREoQ3zvUSLt+ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDRMI523xZPEQ1C5hA5IrZfy0eXMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpQWFkxl
CS9K9TpPnuegLIfY0QNAyeHkP/pOBfcb+a2SR12p14TwqTdZGpHl21z2WjGP3hgC
zNUFjZrbR3UZ1GgVSSsx3Wpc6fOkDk9kZ36NfXjZ+SzosRXCB2ATdOFGDgZm9EFG
Ae7bGUCfWZfIgYF8XGtoh63kWLPgfvr0AOD8UiP0j33MS0zaybTE00nkiNm7qe15
iznRUr9qVBMh6yJgFPi2IsoQ00xU8HlWCrzI+efpB/fYXQ0rAy8TKnrV8AzC/M6C
PPuS4RE5iLX6780h2A2LDc78RoZGXJd0DrHroWuVqRuuwb1C5rf4Kbwi1wKbcVDA
l6W1+yNyOJwQFQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:09:47 2026 by rpki-client