
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: oHWX6lUeV6/ve92KE4T8KMxveMztwSIeX7Yn31O2hJw=
Subject key identifier: 93:A9:DE:A8:A3:9A:4F:C3:18:C0:A9:0C:25:8B:CC:53:F4:4D:86:AF
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019EB8B484704073FA46D5030E457BD12E41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0DFB
Signing time: Thu 11 Jun 2026 22:01:38 +0000
Manifest this update: Thu 11 Jun 2026 22:01:38 +0000
Manifest next update: Fri 12 Jun 2026 22:01:38 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: 6qEFPtTTtK84O79DOYmrPgSCJQPNZCA/58XinGG0eeM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b8:b4:84:70:40:73:fa:46:d5:03:0e:45:7b:d1:2e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Jun 11 22:01:38 2026 GMT
Not After : Jun 12 22:01:38 2026 GMT
Subject: CN=93a9dea8a39a4fc318c0a90c258bcc53f44d86af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c0:bc:93:0f:a1:1c:51:1d:32:74:99:d1:41:
12:a0:9b:3d:e2:5f:b6:35:41:c9:8d:81:22:9c:24:
21:41:53:85:44:df:82:46:fe:4a:2f:a1:61:d3:cb:
a8:77:79:d9:e1:75:b9:80:72:fc:4b:7c:6c:0d:9e:
b0:93:15:94:f1:9b:68:9e:95:02:2c:65:77:f8:00:
4e:4c:2c:07:df:43:3e:4c:d9:a6:16:7a:b9:1b:f5:
de:02:60:c5:01:29:9c:f4:a5:26:05:c8:a7:bc:c7:
57:44:fd:ac:07:0f:17:b4:32:cb:62:4b:c9:1c:fa:
b8:5c:f6:82:5c:49:b6:f5:91:6f:bb:3c:0b:21:e0:
3d:b0:f5:66:42:25:c3:e3:7a:e2:e8:2c:d6:17:41:
99:2f:bf:28:8b:34:52:df:20:3e:26:8c:02:37:39:
64:be:21:12:94:7f:2b:dd:4f:88:3c:04:94:bb:a4:
c1:1e:81:0a:1a:a7:e6:1a:0a:e8:39:dc:23:87:a0:
8a:f4:ae:14:1f:62:a7:d1:ff:c7:06:d0:fd:47:7e:
32:55:2a:4d:fb:2e:f4:17:f0:f3:fb:d8:54:0e:88:
f4:3f:65:39:be:d3:8e:07:7c:cf:5b:45:86:ac:be:
63:2d:07:04:c3:e8:88:19:7d:f8:11:40:cb:13:dd:
5d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A9:DE:A8:A3:9A:4F:C3:18:C0:A9:0C:25:8B:CC:53:F4:4D:86:AF
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:2e:a8:48:c2:92:91:dc:08:e8:58:19:ac:a8:ea:5f:61:2f:
05:01:7c:73:a4:31:c0:84:39:5f:1c:d2:3c:f2:bd:ad:e2:6f:
c8:60:db:d6:e3:5c:e9:d3:0c:c0:26:d8:9b:b7:f9:34:01:4d:
65:bf:f4:84:30:a7:e5:8f:17:fd:10:10:a4:bf:62:70:97:46:
27:c8:fc:5b:f6:75:21:05:51:1a:11:b8:3d:f0:d6:5e:0a:78:
5d:25:87:16:ff:32:5e:11:42:a5:95:c4:04:3e:b8:d5:02:f1:
a1:b9:dd:03:a7:ea:e5:55:e2:ed:17:6e:bb:b1:d8:00:af:32:
f2:b1:bd:e3:8f:2a:18:f2:f8:74:c4:0e:d4:cf:90:d0:bf:59:
e4:ea:a2:9a:81:a1:a1:73:2f:bb:14:ed:23:8c:8b:b2:a8:2c:
5b:48:2d:01:5d:b7:12:ae:a5:77:bc:09:99:69:69:6a:ee:29:
2d:a0:0b:0d:c4:17:d9:f5:cd:8e:07:e9:45:9d:0b:c0:30:a9:
7a:26:e4:ea:4c:46:d0:68:39:a0:09:d8:49:54:81:f5:8b:85:
97:6f:a0:9e:12:fe:84:1f:39:20:0e:d2:42:81:54:07:cd:43:
82:cc:4e:78:a0:de:9c:1f:af:e2:da:cd:70:30:27:5f:9b:08:
1f:34:1e:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64tIRwQHP6RtUDDkV70S5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwNjExMjIwMTM4WhcNMjYwNjEyMjIwMTM4WjAzMTEwLwYDVQQD
Eyg5M2E5ZGVhOGEzOWE0ZmMzMThjMGE5MGMyNThiY2M1M2Y0NGQ4NmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMC8kw+hHFEdMnSZ0UESoJs94l+2
NUHJjYEinCQhQVOFRN+CRv5KL6Fh08uod3nZ4XW5gHL8S3xsDZ6wkxWU8ZtonpUC
LGV3+ABOTCwH30M+TNmmFnq5G/XeAmDFASmc9KUmBcinvMdXRP2sBw8XtDLLYkvJ
HPq4XPaCXEm29ZFvuzwLIeA9sPVmQiXD43ri6CzWF0GZL78oizRS3yA+JowCNzlk
viESlH8r3U+IPASUu6TBHoEKGqfmGgroOdwjh6CK9K4UH2Kn0f/HBtD9R34yVSpN
+y70F/Dz+9hUDoj0P2U5vtOOB3zPW0WGrL5jLQcEw+iIGX34EUDLE91dnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOp3qijmk/DGMCpDCWLzFP0TYavMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALS6oSMKS
kdwI6FgZrKjqX2EvBQF8c6QxwIQ5XxzSPPK9reJvyGDb1uNc6dMMwCbYm7f5NAFN
Zb/0hDCn5Y8X/RAQpL9icJdGJ8j8W/Z1IQVRGhG4PfDWXgp4XSWHFv8yXhFCpZXE
BD641QLxobndA6fq5VXi7Rduu7HYAK8y8rG9448qGPL4dMQO1M+Q0L9Z5OqimoGh
oXMvuxTtI4yLsqgsW0gtAV23Eq6ld7wJmWlpau4pLaALDcQX2fXNjgfpRZ0LwDCp
eibk6kxG0Gg5oAnYSVSB9YuFl2+gnhL+hB85IA7SQoFUB81DgsxOeKDenB+v4trN
cDAnX5sIHzQemQ==
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:26:18 2026 by rpki-client