Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
File: gEH-6hI_ywfocqjLS92at7jaL88.mft (raw, json)
Hash identifier: Sq0i8Vqy6a4J+/FHcobgTcefvC8X4Q+kV9eQChEwdYg=
Subject key identifier: D3:A3:09:8C:0A:35:C0:2C:67:8E:D6:00:FD:4C:E3:C7:93:0B:79:6D
Authority key identifier: 80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
Certificate issuer: /CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Certificate serial: 019D382DFD5A4B88DDDB0B8020B48FCD313A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
Manifest number: 0CA6
Signing time: Sun 29 Mar 2026 06:00:31 +0000
Manifest this update: Sun 29 Mar 2026 06:00:31 +0000
Manifest next update: Mon 30 Mar 2026 06:00:31 +0000
Files and hashes: 1: TtXo5-QRvXwKIgknKnZ4_4t2vL8.roa (hash: mXHeMxujxsacK8/QlflktbO+DxAXX0UCko2MtIwDM0I=)
2: fSV05LTtRowHQPxeGrTgmMw12XI.asa (hash: 1wYE2I2ay1wSvk0f46A4Hik/XpXQv4vsPJSMPwGvQmo=)
3: gEH-6hI_ywfocqjLS92at7jaL88.crl (hash: dQiVgk2n9tf54M+aAqJhSKGfyCGduZaQ9f14Qp89zHg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:fd:5a:4b:88:dd:db:0b:80:20:b4:8f:cd:31:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8041feea123fcb07e872a8cb4bdd9ab7b8da2fcf
Validity
Not Before: Mar 29 06:00:31 2026 GMT
Not After : Mar 30 06:00:31 2026 GMT
Subject: CN=d3a3098c0a35c02c678ed600fd4ce3c7930b796d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:75:14:59:86:6e:cd:de:3d:8b:07:ee:1d:4a:
1d:26:7f:9f:09:8e:76:6f:69:a4:c3:ac:ef:01:7c:
bc:5a:fa:e3:8d:4c:f1:11:3a:7a:c4:f4:10:54:a4:
a5:86:b2:ec:e3:0c:f6:e9:7c:9b:87:47:ca:8a:63:
4e:51:84:d1:27:9a:eb:62:9f:38:e8:0f:d2:30:43:
83:f5:6a:03:ae:f1:12:32:46:24:46:94:81:a0:a0:
8e:86:de:9c:b9:95:1f:cd:85:d1:c2:1b:b6:0a:d3:
2d:fc:3b:41:26:05:b8:91:1e:27:c3:e3:54:8c:65:
d7:e1:8e:33:9e:09:d7:81:f9:0d:5f:6b:f3:24:43:
bd:cf:06:59:be:57:b4:9f:5b:aa:6a:ba:03:81:4c:
07:5b:40:e1:4f:f4:c0:95:f0:16:9a:c2:f0:fe:a1:
40:b0:02:50:34:69:e8:11:29:3f:4a:35:eb:e5:f2:
9c:63:f8:c6:57:ad:d9:dc:58:50:14:b1:a9:1e:fa:
df:f2:1c:46:90:43:2f:f5:40:6b:a1:ac:3f:94:a0:
06:6f:e1:d0:c3:cc:6a:01:a2:3c:aa:a8:3d:cd:fa:
e0:59:df:9f:59:22:74:86:ee:81:1e:67:48:7d:b1:
97:d8:b1:d0:6f:64:84:7d:60:6a:43:5f:32:b9:e2:
6b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A3:09:8C:0A:35:C0:2C:67:8E:D6:00:FD:4C:E3:C7:93:0B:79:6D
X509v3 Authority Key Identifier:
keyid:80:41:FE:EA:12:3F:CB:07:E8:72:A8:CB:4B:DD:9A:B7:B8:DA:2F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gEH-6hI_ywfocqjLS92at7jaL88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d317ca-3961-4fe0-bde8-f7c501418e56/1/gEH-6hI_ywfocqjLS92at7jaL88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:9a:44:a8:46:fb:8a:06:b9:f6:a5:46:7f:6e:ce:fb:f5:df:
ef:50:24:ad:19:cd:cd:77:3c:64:13:44:02:bb:97:15:32:9f:
1b:68:2d:da:21:27:f2:da:1a:5a:57:47:17:f5:e7:5b:21:51:
43:a4:31:cd:b9:86:3d:bb:00:5e:c8:7e:5a:0b:69:1c:0b:cb:
eb:c8:e0:ab:71:f6:f5:24:c2:ab:ba:fc:55:e0:5f:4f:a6:85:
86:4e:19:94:50:17:76:1c:02:17:83:f9:4f:fa:d0:ae:be:9b:
b3:a5:69:d2:c7:68:19:83:6f:e9:15:ba:88:61:64:14:80:74:
f3:26:89:ac:4a:56:d5:9d:87:8c:5c:46:1f:c9:ef:e2:b7:d9:
10:5e:76:7c:64:74:4d:f0:cb:10:52:fa:7e:f9:e5:09:fb:21:
c2:96:74:b2:c2:6d:af:b2:1c:30:38:94:1b:a7:85:78:e4:30:
25:6a:e1:06:65:67:94:51:42:dc:59:c0:29:d5:1d:e6:ca:64:
10:61:a8:73:10:62:24:9d:7d:ca:4f:9d:7a:58:12:ee:f9:42:
9b:51:f1:0d:e9:e0:e2:da:5e:d2:f2:92:5a:2b:44:d8:17:8b:
7a:54:e6:aa:21:cd:f2:54:48:40:35:94:dc:4d:1c:eb:60:29:
24:a4:37:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lf1aS4jd2wuAILSPzTE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNDFmZWVhMTIzZmNiMDdlODcyYThjYjRiZGQ5YWI3Yjhk
YTJmY2YwHhcNMjYwMzI5MDYwMDMxWhcNMjYwMzMwMDYwMDMxWjAzMTEwLwYDVQQD
EyhkM2EzMDk4YzBhMzVjMDJjNjc4ZWQ2MDBmZDRjZTNjNzkzMGI3OTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXUUWYZuzd49iwfuHUodJn+fCY52
b2mkw6zvAXy8WvrjjUzxETp6xPQQVKSlhrLs4wz26Xybh0fKimNOUYTRJ5rrYp84
6A/SMEOD9WoDrvESMkYkRpSBoKCOht6cuZUfzYXRwhu2CtMt/DtBJgW4kR4nw+NU
jGXX4Y4zngnXgfkNX2vzJEO9zwZZvle0n1uqaroDgUwHW0DhT/TAlfAWmsLw/qFA
sAJQNGnoESk/SjXr5fKcY/jGV63Z3FhQFLGpHvrf8hxGkEMv9UBroaw/lKAGb+HQ
w8xqAaI8qqg9zfrgWd+fWSJ0hu6BHmdIfbGX2LHQb2SEfWBqQ18yueJroQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOjCYwKNcAsZ47WAP1M48eTC3ltMB8GA1UdIwQY
MBaAFIBB/uoSP8sH6HKoy0vdmre42i/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgt
ZjdjNTAxNDE4ZTU2LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kMzE3Y2EtMzk2MS00ZmUwLWJkZTgtZjdjNTAxNDE4ZTU2
LzEvZ0VILTZoSV95d2ZvY3FqTFM5MmF0N2phTDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANppEqEb7
iga59qVGf27O+/Xf71AkrRnNzXc8ZBNEAruXFTKfG2gt2iEn8toaWldHF/XnWyFR
Q6QxzbmGPbsAXsh+WgtpHAvL68jgq3H29STCq7r8VeBfT6aFhk4ZlFAXdhwCF4P5
T/rQrr6bs6Vp0sdoGYNv6RW6iGFkFIB08yaJrEpW1Z2HjFxGH8nv4rfZEF52fGR0
TfDLEFL6fvnlCfshwpZ0ssJtr7IcMDiUG6eFeOQwJWrhBmVnlFFC3FnAKdUd5spk
EGGocxBiJJ19yk+delgS7vlCm1HxDeng4tpe0vKSWitE2BeLelTmqiHN8lRIQDWU
3E0c62ApJKQ3FA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:23 2026 by rpki-client