Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
File: ChCKKMcHsOXCwubCE31Fh5EUu5I.mft (raw, json)
Hash identifier: /3TOImUKj0EPE8EyECfLXfr2lIlf92SLMm5O9AW0Op8=
Subject key identifier: 38:BF:AE:21:3B:76:A6:D7:2B:94:71:00:4B:D2:23:10:97:AE:09:90
Authority key identifier: 0A:10:8A:28:C7:07:B0:E5:C2:C2:E6:C2:13:7D:45:87:91:14:BB:92
Certificate issuer: /CN=0a108a28c707b0e5c2c2e6c2137d45879114bb92
Certificate serial: 019D382E22D4ECE214E8C2D2C958DE6DA3F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ChCKKMcHsOXCwubCE31Fh5EUu5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
Manifest number: 0A89
Signing time: Sun 29 Mar 2026 06:00:40 +0000
Manifest this update: Sun 29 Mar 2026 06:00:40 +0000
Manifest next update: Mon 30 Mar 2026 06:00:40 +0000
Files and hashes: 1: ChCKKMcHsOXCwubCE31Fh5EUu5I.crl (hash: sQ3L9UuGAgp/FTfnn20eG4yIY46XUUFt5JLI13Poma0=)
2: Fp4UEgpqLjFgWOhGK_G7aio72NU.roa (hash: YSrfGKlIuE0FqJ0gu+vKGaGUCKaaLtU+2IoC/r0Bjwg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ChCKKMcHsOXCwubCE31Fh5EUu5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:22:d4:ec:e2:14:e8:c2:d2:c9:58:de:6d:a3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a108a28c707b0e5c2c2e6c2137d45879114bb92
Validity
Not Before: Mar 29 06:00:40 2026 GMT
Not After : Mar 30 06:00:40 2026 GMT
Subject: CN=38bfae213b76a6d72b9471004bd2231097ae0990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:82:12:de:05:5f:59:9d:a3:79:8e:b6:d0:
4b:2d:0a:d0:b9:8a:f6:b1:5c:0d:5f:6b:f3:a7:3f:
8e:3d:ab:a0:0b:24:04:22:fd:f3:f5:a8:1d:5f:e4:
72:ea:3b:6a:91:1d:44:17:6c:33:a0:d8:03:73:6a:
aa:50:3d:00:46:89:a5:c1:f9:c9:c7:ff:77:38:d6:
4d:b8:0d:df:32:0e:b8:b8:b2:f1:2f:7e:12:ef:2a:
15:28:7f:33:7c:ff:9c:b8:e6:55:19:8b:42:59:be:
0b:c4:f1:90:b9:f4:79:29:6a:08:22:cc:a8:c8:be:
19:6d:86:bf:73:ed:de:1c:2d:3c:e9:d5:ce:ee:d0:
f2:8e:4f:62:91:87:b4:d9:18:8b:9b:d0:4d:74:a1:
9c:5b:0c:d3:52:1c:d2:3f:d9:47:5d:4e:4c:21:fe:
66:52:89:dc:ed:21:29:32:0e:32:2b:c1:47:91:1c:
ab:a7:2f:3a:7f:1c:c5:b1:2b:37:47:9e:62:7f:b4:
64:d7:f1:fc:5a:a6:45:fc:df:20:dd:51:15:55:2e:
65:9c:5e:f5:dd:8e:f6:b8:95:45:91:17:23:bd:83:
b8:c9:32:5d:2c:c6:0d:2e:4a:17:e1:e2:33:01:45:
db:98:ee:d6:3f:03:bf:de:54:5e:21:00:94:c8:9d:
f0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BF:AE:21:3B:76:A6:D7:2B:94:71:00:4B:D2:23:10:97:AE:09:90
X509v3 Authority Key Identifier:
keyid:0A:10:8A:28:C7:07:B0:E5:C2:C2:E6:C2:13:7D:45:87:91:14:BB:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ChCKKMcHsOXCwubCE31Fh5EUu5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/139d23-802d-4224-832e-1f8581421760/1/ChCKKMcHsOXCwubCE31Fh5EUu5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:56:5f:c9:51:16:ba:c5:6e:d4:0b:b2:61:6c:67:44:09:ce:
98:4a:20:db:0b:9c:3a:75:3b:5b:c3:3c:00:a2:83:55:17:b1:
ce:00:5a:22:8e:82:f5:78:a6:69:09:a1:db:bd:e3:94:8e:8e:
cc:db:17:ab:df:2a:9b:bf:eb:e0:7c:32:86:96:76:ec:fe:57:
39:73:2e:82:ba:96:83:72:62:83:51:e2:7c:52:cc:64:dc:57:
46:88:34:20:d9:0c:9a:32:9b:a0:c9:70:38:60:d1:ee:88:da:
26:63:e2:71:5d:97:a9:d9:25:29:96:09:5b:ec:97:59:a4:f7:
ba:d5:f4:ea:44:11:e3:e9:53:71:65:d6:10:53:4b:30:19:28:
a9:08:78:bd:5b:c1:1b:39:ec:2d:5d:68:0c:21:a6:2c:7e:9e:
c9:90:0b:20:93:11:d8:dc:1a:2e:d2:f1:9f:f1:d6:11:f8:cc:
c7:a9:04:6a:8f:0f:e3:44:63:a7:01:54:f7:47:bd:95:24:66:
44:42:c5:0e:3c:cc:e1:cb:da:68:c0:cc:62:d8:da:ad:75:ff:
30:d0:9f:97:31:e5:29:4d:7f:1f:d6:2d:9c:97:c6:51:85:eb:
3a:e7:7f:0f:94:80:f3:07:64:0e:86:7d:26:3e:c4:5b:20:39:
02:2e:19:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LiLU7OIU6MLSyVjebaP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMTA4YTI4YzcwN2IwZTVjMmMyZTZjMjEzN2Q0NTg3OTEx
NGJiOTIwHhcNMjYwMzI5MDYwMDQwWhcNMjYwMzMwMDYwMDQwWjAzMTEwLwYDVQQD
EygzOGJmYWUyMTNiNzZhNmQ3MmI5NDcxMDA0YmQyMjMxMDk3YWUwOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUuCEt4FX1mdo3mOttBLLQrQuYr2
sVwNX2vzpz+OPaugCyQEIv3z9agdX+Ry6jtqkR1EF2wzoNgDc2qqUD0ARomlwfnJ
x/93ONZNuA3fMg64uLLxL34S7yoVKH8zfP+cuOZVGYtCWb4LxPGQufR5KWoIIsyo
yL4ZbYa/c+3eHC086dXO7tDyjk9ikYe02RiLm9BNdKGcWwzTUhzSP9lHXU5MIf5m
Uonc7SEpMg4yK8FHkRyrpy86fxzFsSs3R55if7Rk1/H8WqZF/N8g3VEVVS5lnF71
3Y72uJVFkRcjvYO4yTJdLMYNLkoX4eIzAUXbmO7WPwO/3lReIQCUyJ3wbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi/riE7dqbXK5RxAEvSIxCXrgmQMB8GA1UdIwQY
MBaAFAoQiijHB7DlwsLmwhN9RYeRFLuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2hDS0tNY0hzT1hDd3ViQ0UzMUZoNUVVdTVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xMzlkMjMtODAyZC00MjI0LTgzMmUt
MWY4NTgxNDIxNzYwLzEvQ2hDS0tNY0hzT1hDd3ViQ0UzMUZoNUVVdTVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xMzlkMjMtODAyZC00MjI0LTgzMmUtMWY4NTgxNDIxNzYw
LzEvQ2hDS0tNY0hzT1hDd3ViQ0UzMUZoNUVVdTVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOFZfyVEW
usVu1AuyYWxnRAnOmEog2wucOnU7W8M8AKKDVRexzgBaIo6C9XimaQmh273jlI6O
zNsXq98qm7/r4HwyhpZ27P5XOXMugrqWg3Jig1HifFLMZNxXRog0INkMmjKboMlw
OGDR7ojaJmPicV2XqdklKZYJW+yXWaT3utX06kQR4+lTcWXWEFNLMBkoqQh4vVvB
GznsLV1oDCGmLH6eyZALIJMR2NwaLtLxn/HWEfjMx6kEao8P40RjpwFU90e9lSRm
RELFDjzM4cvaaMDMYtjarXX/MNCflzHlKU1/H9YtnJfGUYXrOud/D5SA8wdkDoZ9
Jj7EWyA5Ai4ZtQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:49:01 2026 by rpki-client