Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft
File: ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft (raw, json)
Hash identifier: IlYbOGVoCjspxKV+qw04ea1/oNX9Ce9huDn29DaSOn0=
Subject key identifier: 46:63:07:8A:33:D7:CD:6C:AA:07:9C:78:69:E9:6E:25:1E:0D:67:F1
Authority key identifier: 72:48:1D:D9:0D:10:0B:D5:BC:23:C0:4B:10:C0:A8:43:1C:C9:A5:B5
Certificate issuer: /CN=72481dd90d100bd5bc23c04b10c0a8431cc9a5b5
Certificate serial: 019D382E797CF6117230C63DA9E553407FE4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft
Manifest number: 17D3
Signing time: Sun 29 Mar 2026 06:01:03 +0000
Manifest this update: Sun 29 Mar 2026 06:01:03 +0000
Manifest next update: Mon 30 Mar 2026 06:01:03 +0000
Files and hashes: 1: NvNBBzczdvedzfA0zmq_oqTjNy0.roa (hash: aNRFQnk32ELUJc2di3VPfCYAy8SNGZZzchv0G1guk1k=)
2: ckgd2Q0QC9W8I8BLEMCoQxzJpbU.crl (hash: UdD8fC/Ga9n3I+IYGOlt8GsnkfP/S4Vhp/dXjMkWb8w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:79:7c:f6:11:72:30:c6:3d:a9:e5:53:40:7f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72481dd90d100bd5bc23c04b10c0a8431cc9a5b5
Validity
Not Before: Mar 29 06:01:03 2026 GMT
Not After : Mar 30 06:01:03 2026 GMT
Subject: CN=4663078a33d7cd6caa079c7869e96e251e0d67f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:32:67:27:ac:73:7b:2c:0e:1a:5e:f6:e0:
a1:d2:65:ad:a7:6b:82:55:10:32:52:17:6c:ee:96:
e4:85:88:20:79:f7:e4:0b:d7:a8:87:8a:93:d2:2e:
be:7d:4e:20:b9:2c:af:10:a4:b5:e4:44:c6:39:07:
48:b1:04:09:05:68:aa:94:21:f3:b3:af:54:29:fc:
8a:2c:a5:29:ac:a8:6e:50:b3:a9:d2:78:b1:71:3d:
48:99:41:44:3b:22:60:62:21:1d:18:2f:43:87:3d:
02:c4:60:5e:e3:d2:6d:db:9a:2d:ec:12:8c:16:1b:
62:04:c2:81:77:0d:2a:5d:00:d4:9d:75:4b:d5:0b:
c3:a5:43:20:9b:e4:9c:cd:79:db:cc:0b:aa:67:8f:
ca:0b:88:02:21:9e:30:2d:74:4f:4c:87:96:15:f7:
aa:28:f4:3a:39:ea:a1:31:f5:15:41:75:2b:53:4a:
94:21:30:bf:24:87:bd:64:af:b1:db:76:c5:4a:4c:
2f:c0:fc:b9:1e:ef:93:76:4d:1e:a8:10:33:3b:43:
9a:30:d3:ab:8b:76:52:0b:91:64:54:c3:7a:27:c1:
00:34:35:c1:89:ea:4a:c7:62:df:79:bc:c9:30:66:
d8:4a:a9:58:2b:35:ae:c0:78:2d:2d:ad:29:b9:e6:
2a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:63:07:8A:33:D7:CD:6C:AA:07:9C:78:69:E9:6E:25:1E:0D:67:F1
X509v3 Authority Key Identifier:
keyid:72:48:1D:D9:0D:10:0B:D5:BC:23:C0:4B:10:C0:A8:43:1C:C9:A5:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:61:16:d9:a3:fe:72:21:f8:53:4e:a3:4e:79:1a:d3:ed:15:
f7:a4:ee:00:17:32:ea:37:bd:70:6f:a3:0a:ba:d8:6d:e9:a5:
0d:b6:b8:fd:d0:08:4a:17:b5:e3:eb:d6:4a:bc:df:08:48:58:
5b:12:bf:f5:72:00:28:12:e4:52:ae:3a:01:77:73:df:af:5f:
d6:bc:4a:79:74:53:ad:05:a1:60:88:cb:ba:e6:2c:b5:cd:c4:
76:29:f1:4a:99:bf:33:bd:b1:e5:25:c5:d9:5c:e3:ed:1c:d9:
68:e9:ca:32:5b:3b:f8:02:1a:d8:01:00:02:61:86:9c:9e:79:
42:c7:9c:ab:23:9e:be:d4:a6:3f:6f:b6:0f:e9:30:71:f7:70:
2a:13:a2:2e:19:a7:a6:3b:66:65:99:20:a5:bf:be:54:93:a1:
aa:77:bf:62:b1:92:95:65:f7:0e:09:6e:e7:2c:0f:94:22:7c:
16:82:4c:1f:9c:9f:b2:d0:c9:1f:cb:29:57:6f:8b:85:55:d1:
7a:71:8f:5c:f3:fa:18:66:b4:17:c6:fe:d3:ca:ce:57:67:fb:
f2:63:f2:01:59:4c:44:cc:a9:ca:b6:43:49:b4:0e:da:2b:bb:
bf:08:73:58:1c:d4:b5:91:7c:20:55:80:6c:14:fb:82:d2:05:
cf:a6:ec:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lnl89hFyMMY9qeVTQH/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDgxZGQ5MGQxMDBiZDViYzIzYzA0YjEwYzBhODQzMWNj
OWE1YjUwHhcNMjYwMzI5MDYwMTAzWhcNMjYwMzMwMDYwMTAzWjAzMTEwLwYDVQQD
Eyg0NjYzMDc4YTMzZDdjZDZjYWEwNzljNzg2OWU5NmUyNTFlMGQ2N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEgyZyesc3ssDhpe9uCh0mWtp2uC
VRAyUhds7pbkhYggeffkC9eoh4qT0i6+fU4guSyvEKS15ETGOQdIsQQJBWiqlCHz
s69UKfyKLKUprKhuULOp0nixcT1ImUFEOyJgYiEdGC9Dhz0CxGBe49Jt25ot7BKM
FhtiBMKBdw0qXQDUnXVL1QvDpUMgm+SczXnbzAuqZ4/KC4gCIZ4wLXRPTIeWFfeq
KPQ6OeqhMfUVQXUrU0qUITC/JIe9ZK+x23bFSkwvwPy5Hu+Tdk0eqBAzO0OaMNOr
i3ZSC5FkVMN6J8EANDXBiepKx2LfebzJMGbYSqlYKzWuwHgtLa0pueYqXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZjB4oz181sqgeceGnpbiUeDWfxMB8GA1UdIwQY
MBaAFHJIHdkNEAvVvCPASxDAqEMcyaW1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tnZDJRMFFDOVc4SThCTEVNQ29ReHpKcGJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84MzAwZjgtOWVjZS00N2NkLTgzN2Qt
ZjE5OTBiMGM3MDVhLzEvY2tnZDJRMFFDOVc4SThCTEVNQ29ReHpKcGJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84MzAwZjgtOWVjZS00N2NkLTgzN2QtZjE5OTBiMGM3MDVh
LzEvY2tnZDJRMFFDOVc4SThCTEVNQ29ReHpKcGJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ2EW2aP+
ciH4U06jTnka0+0V96TuABcy6je9cG+jCrrYbemlDba4/dAIShe14+vWSrzfCEhY
WxK/9XIAKBLkUq46AXdz369f1rxKeXRTrQWhYIjLuuYstc3EdinxSpm/M72x5SXF
2Vzj7RzZaOnKMls7+AIa2AEAAmGGnJ55QsecqyOevtSmP2+2D+kwcfdwKhOiLhmn
pjtmZZkgpb++VJOhqne/YrGSlWX3Dglu5ywPlCJ8FoJMH5yfstDJH8spV2+LhVXR
enGPXPP6GGa0F8b+08rOV2f78mPyAVlMRMypyrZDSbQO2iu7vwhzWBzUtZF8IFWA
bBT7gtIFz6bs6w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:53 2026 by rpki-client