
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: 0WNS3nAyOE+RYc42/90yuMU7F2LkPr16kFarZ86w1Jg=
Subject key identifier: 3D:71:E3:46:D5:B0:40:47:BC:F9:FF:7A:AD:05:25:90:8B:98:CD:C4
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019EB6C5BC49481363AF688655906A611972
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0DFA
Signing time: Thu 11 Jun 2026 13:01:12 +0000
Manifest this update: Thu 11 Jun 2026 13:01:12 +0000
Manifest next update: Fri 12 Jun 2026 13:01:12 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: 9TpLISUXSSl3yvjp9hKatYb2tyF817N6ztYWE2/oH94=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:c5:bc:49:48:13:63:af:68:86:55:90:6a:61:19:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jun 11 13:01:12 2026 GMT
Not After : Jun 12 13:01:12 2026 GMT
Subject: CN=3d71e346d5b04047bcf9ff7aad0525908b98cdc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2d:8f:64:ac:8d:32:47:03:41:9d:1d:47:3b:
3f:16:16:e9:1f:41:74:d7:a6:2f:3b:b2:87:68:c3:
19:32:79:c7:cb:3b:35:b5:aa:aa:09:f2:e0:9d:55:
6f:e7:d7:7d:df:8d:5a:3a:3a:07:f1:d4:38:ea:b5:
fa:b3:b8:c2:2e:1a:3d:37:37:d0:9e:96:8e:52:9e:
63:40:19:fe:fa:0b:c3:67:61:69:9d:da:4d:63:68:
af:02:9b:1b:23:de:d9:82:00:7c:46:1c:b5:06:9f:
0f:7a:2a:33:e0:2e:d2:b7:e2:08:3e:ff:30:2a:5a:
8a:be:76:df:e5:8b:d9:89:da:66:6b:aa:51:bc:84:
31:d5:c8:8b:01:e8:95:8a:65:6b:7d:a3:6a:e0:14:
99:5d:7d:07:70:b4:cb:05:65:06:ae:2a:cd:d4:3a:
36:0c:57:01:36:c2:ad:2d:4f:7c:27:0e:87:2d:8a:
2d:6f:b3:b8:2d:6c:92:1e:ad:2d:b4:69:bc:90:a1:
f2:78:d6:16:98:1d:37:51:ce:8d:5d:f3:a8:5f:ba:
a2:f6:17:75:8d:ae:89:19:c2:65:d9:59:71:19:03:
81:76:91:21:22:c7:ea:ea:71:28:e8:15:f5:23:c3:
26:c0:ec:7d:35:67:91:b5:5d:f1:b3:f8:10:c1:f4:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:71:E3:46:D5:B0:40:47:BC:F9:FF:7A:AD:05:25:90:8B:98:CD:C4
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:5b:35:56:0d:c7:da:b2:2e:69:36:8f:a4:36:a6:dc:22:06:
7e:31:ae:26:4d:b3:47:ca:91:69:59:15:b6:1e:7f:53:30:14:
83:7f:69:a2:ec:45:3e:ac:2c:2e:5a:a5:81:92:80:67:55:d3:
46:80:a6:b3:a2:30:62:56:a4:b2:1b:0e:31:05:fd:71:38:94:
77:e5:2b:3e:5b:d8:a1:c9:1f:23:6d:13:4f:c6:02:03:72:9e:
eb:29:56:f3:91:8a:2f:63:22:8f:54:3e:79:6e:4a:eb:72:1f:
1a:a2:97:08:4d:34:62:ea:62:cf:be:4b:90:2a:97:a4:3f:11:
a6:53:ca:87:92:b0:a7:99:2d:96:d6:4b:df:4d:ec:b5:27:e5:
e2:30:db:49:26:da:d8:6e:49:bf:68:49:d8:98:3b:e4:ac:a2:
d7:5b:4a:db:3f:6f:06:2b:f1:ab:3c:c7:ca:de:13:75:02:75:
5f:7e:be:0a:f4:cc:7d:8d:1d:ba:fd:ca:ef:6d:72:4a:a1:f3:
c4:42:0b:ac:fc:bc:8b:65:f7:77:5a:21:8b:37:51:cd:4f:c0:
ac:b1:24:41:8a:86:c0:d4:88:16:68:86:50:12:02:e4:fe:6c:
30:eb:fb:df:4a:6b:12:a6:1c:b6:e2:cd:1e:6f:36:a5:cf:0b:
d6:ae:de:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ62xbxJSBNjr2iGVZBqYRlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwNjExMTMwMTEyWhcNMjYwNjEyMTMwMTEyWjAzMTEwLwYDVQQD
EygzZDcxZTM0NmQ1YjA0MDQ3YmNmOWZmN2FhZDA1MjU5MDhiOThjZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy2PZKyNMkcDQZ0dRzs/FhbpH0F0
16YvO7KHaMMZMnnHyzs1taqqCfLgnVVv59d9341aOjoH8dQ46rX6s7jCLho9NzfQ
npaOUp5jQBn++gvDZ2FpndpNY2ivApsbI97ZggB8Rhy1Bp8Peioz4C7St+IIPv8w
KlqKvnbf5YvZidpma6pRvIQx1ciLAeiVimVrfaNq4BSZXX0HcLTLBWUGrirN1Do2
DFcBNsKtLU98Jw6HLYotb7O4LWySHq0ttGm8kKHyeNYWmB03Uc6NXfOoX7qi9hd1
ja6JGcJl2VlxGQOBdpEhIsfq6nEo6BX1I8MmwOx9NWeRtV3xs/gQwfT5VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1x40bVsEBHvPn/eq0FJZCLmM3EMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbVs1Vg3H
2rIuaTaPpDam3CIGfjGuJk2zR8qRaVkVth5/UzAUg39pouxFPqwsLlqlgZKAZ1XT
RoCms6IwYlakshsOMQX9cTiUd+UrPlvYockfI20TT8YCA3Ke6ylW85GKL2Mij1Q+
eW5K63IfGqKXCE00Yupiz75LkCqXpD8RplPKh5Kwp5ktltZL303stSfl4jDbSSba
2G5Jv2hJ2Jg75Kyi11tK2z9vBivxqzzHyt4TdQJ1X36+CvTMfY0duv3K721ySqHz
xEILrPy8i2X3d1ohizdRzU/ArLEkQYqGwNSIFmiGUBIC5P5sMOv730prEqYctuLN
Hm82pc8L1q7e8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:23:39 2026 by rpki-client