Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: TBvgsiYeu5AInDx/pOLIb5hpDJj/lM4XjpGj9154AOY=
Subject key identifier: 75:D0:B8:43:90:B0:08:BB:57:0B:1E:9F:9F:05:3F:44:CC:16:58:DE
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019D3865CB34C47DE0E76234057A4C9585C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0D34
Signing time: Sun 29 Mar 2026 07:01:28 +0000
Manifest this update: Sun 29 Mar 2026 07:01:28 +0000
Manifest next update: Mon 30 Mar 2026 07:01:28 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: tcLn1albpEde/A4fajlxcWSxGUdYiDE/7LzzRrVGI4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:cb:34:c4:7d:e0:e7:62:34:05:7a:4c:95:85:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Mar 29 07:01:28 2026 GMT
Not After : Mar 30 07:01:28 2026 GMT
Subject: CN=75d0b84390b008bb570b1e9f9f053f44cc1658de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:90:c8:23:ae:89:06:61:ab:b9:8e:f6:7d:75:
5b:e6:1d:81:72:af:d9:53:8e:53:2f:c7:0b:5b:7c:
0e:99:2f:78:95:63:81:c2:31:57:c2:d4:d2:5f:ae:
0b:d0:12:3b:8b:0c:ae:11:84:e2:a7:af:a4:71:c9:
4d:73:fc:a0:d7:97:58:15:34:f5:5b:27:ef:0d:d9:
a0:a3:59:83:08:ee:46:e6:5a:96:3b:3e:a2:7b:31:
e4:94:e4:c4:66:b2:80:97:93:5e:65:8d:48:63:44:
9a:b3:dd:b9:99:6e:ab:31:63:30:51:ac:0a:e5:7a:
a0:09:6f:d0:b9:f9:71:8d:cb:f5:84:a5:1a:15:a2:
7d:d9:14:10:1c:ae:5d:56:0c:3d:2c:f5:1e:a0:83:
5f:4e:fe:c0:77:08:b9:e8:40:ea:fc:b3:cf:24:ae:
70:f7:62:8c:cd:37:05:19:61:5b:69:73:40:6a:c6:
7c:f6:fe:23:6d:3e:63:5f:27:4d:8a:6f:b3:c0:cc:
38:23:26:7f:fb:66:1d:94:85:b2:91:9a:e8:d5:a3:
42:df:34:a5:99:bb:57:3f:0d:1d:15:01:34:03:e4:
c5:d4:cd:75:b9:13:8b:bf:4a:bc:02:be:85:d0:a6:
49:d2:0e:4b:d3:7d:8a:1b:5b:ba:a3:43:a0:c4:30:
e0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D0:B8:43:90:B0:08:BB:57:0B:1E:9F:9F:05:3F:44:CC:16:58:DE
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:e3:9a:8d:75:bf:47:06:22:4e:aa:65:01:c3:93:9f:5a:ac:
fd:81:b8:a3:5f:6f:14:23:61:2c:76:f1:be:0b:06:6a:0b:31:
4f:2a:b8:1b:26:14:ef:dd:76:e5:cc:1b:a8:eb:ae:38:24:c7:
06:41:d8:0f:54:58:7c:1e:17:3d:a5:a0:9e:69:1f:58:fb:01:
56:97:01:10:24:7a:89:03:69:0b:1a:e2:a9:ba:6e:f7:a2:d8:
c7:f1:c9:24:cf:df:83:f7:71:3a:15:5d:4f:52:b7:95:19:b5:
b3:25:34:c3:08:7f:de:cc:dc:76:d0:5a:56:5e:5a:3f:b1:a6:
44:f2:95:bf:48:56:28:66:4d:f9:25:25:b7:56:ca:88:bc:0e:
24:d8:9e:50:29:85:c1:0d:66:88:81:c2:2c:16:d5:0d:34:b6:
5d:4f:8b:5c:e2:f9:66:7c:66:c8:21:aa:28:ca:4f:da:d7:84:
0f:94:a7:44:f7:28:a4:28:0d:b0:f7:af:20:8f:91:62:f2:6c:
10:d6:be:ed:95:73:87:fc:1d:07:18:f0:c6:a0:3b:06:ec:55:
76:e8:91:53:c1:bc:ba:2f:24:f1:75:6c:12:f0:f4:c1:25:fc:
3b:34:b3:27:14:60:64:f1:90:a0:12:b4:60:8c:d6:a9:55:b7:
4f:d1:c3:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zcs0xH3g52I0BXpMlYXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwMzI5MDcwMTI4WhcNMjYwMzMwMDcwMTI4WjAzMTEwLwYDVQQD
Eyg3NWQwYjg0MzkwYjAwOGJiNTcwYjFlOWY5ZjA1M2Y0NGNjMTY1OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5DII66JBmGruY72fXVb5h2Bcq/Z
U45TL8cLW3wOmS94lWOBwjFXwtTSX64L0BI7iwyuEYTip6+kcclNc/yg15dYFTT1
WyfvDdmgo1mDCO5G5lqWOz6iezHklOTEZrKAl5NeZY1IY0Sas925mW6rMWMwUawK
5XqgCW/Quflxjcv1hKUaFaJ92RQQHK5dVgw9LPUeoINfTv7Adwi56EDq/LPPJK5w
92KMzTcFGWFbaXNAasZ89v4jbT5jXydNim+zwMw4IyZ/+2YdlIWykZro1aNC3zSl
mbtXPw0dFQE0A+TF1M11uROLv0q8Ar6F0KZJ0g5L032KG1u6o0OgxDDgMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXQuEOQsAi7Vwsen58FP0TMFljeMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+OajXW/
RwYiTqplAcOTn1qs/YG4o19vFCNhLHbxvgsGagsxTyq4GyYU79125cwbqOuuOCTH
BkHYD1RYfB4XPaWgnmkfWPsBVpcBECR6iQNpCxriqbpu96LYx/HJJM/fg/dxOhVd
T1K3lRm1syU0wwh/3szcdtBaVl5aP7GmRPKVv0hWKGZN+SUlt1bKiLwOJNieUCmF
wQ1miIHCLBbVDTS2XU+LXOL5ZnxmyCGqKMpP2teED5SnRPcopCgNsPevII+RYvJs
ENa+7ZVzh/wdBxjwxqA7BuxVduiRU8G8ui8k8XVsEvD0wSX8OzSzJxRgZPGQoBK0
YIzWqVW3T9HDng==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:03:30 2026 by rpki-client