Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
File: CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft (raw, json)
Hash identifier: PKryM1GENVEoND7RdQrPlUjIhwWWI1vlhw8/nNfO4AI=
Subject key identifier: 40:68:DC:6A:2B:84:3A:9B:E0:32:1C:60:F7:74:AF:A1:B5:40:49:16
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 019F145396AA613C4BE74F121C02ECE6B4AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
Manifest number: 198A
Signing time: Mon 29 Jun 2026 17:00:50 +0000
Manifest this update: Mon 29 Jun 2026 17:00:50 +0000
Manifest next update: Tue 30 Jun 2026 17:00:50 +0000
Files and hashes: 1: CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl (hash: o7s5Yg1LgOZaXoKGa2TI3Bw/CRCJG2p7EuvmlLRn6Hk=)
2: cDoC-jSYN7u0frpLx2bXUSxluu0.roa (hash: 0c+KBOgKhiecSN5vnMV9D8GmEY0jyIF5LXtXoNSNf7w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 14:12:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:14:53:96:aa:61:3c:4b:e7:4f:12:1c:02:ec:e6:b4:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Jun 29 17:00:50 2026 GMT
Not After : Jun 30 17:00:50 2026 GMT
Subject: CN=4068dc6a2b843a9be0321c60f774afa1b5404916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c7:d5:27:e8:bf:35:23:cf:d6:7d:76:83:e8:
2e:c2:76:aa:99:de:f9:78:7f:bb:e3:30:e8:d4:eb:
d5:f7:03:a5:ca:d9:d9:53:f7:68:de:4f:a0:53:f6:
37:bf:b1:80:8d:3b:f1:64:5c:95:09:ac:3c:9d:20:
bf:d6:04:a8:9f:a6:6b:f3:5e:86:fb:9a:97:f5:1b:
e6:a6:92:e1:bd:91:6c:48:ed:0e:7c:23:38:be:db:
ff:f9:4c:09:74:11:10:2c:16:2e:c9:d1:07:19:67:
06:49:76:62:0c:61:3e:14:5e:b2:1d:03:21:fa:93:
20:0e:b5:29:7f:80:c9:86:f0:b8:bf:3d:28:11:0b:
65:40:d7:d7:f3:2a:49:99:5e:93:c5:19:47:69:6c:
02:49:26:bf:1b:34:f6:e8:ec:c1:7d:89:c0:19:61:
fd:36:f4:a3:28:d5:cc:2c:ec:bb:25:fd:42:4c:ff:
b2:4a:3f:a7:32:a2:cb:97:93:bc:ac:94:da:28:17:
bf:1c:3b:fd:28:57:c1:a4:25:ae:30:dc:5a:ff:fb:
0a:7e:4a:14:6a:55:f0:a7:45:cd:3e:30:44:fd:d8:
5c:1a:e9:e2:e2:e9:03:74:4c:88:97:06:ee:65:c6:
61:ad:5b:d5:8e:ad:61:ea:6d:39:f5:6e:43:a4:5f:
63:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:68:DC:6A:2B:84:3A:9B:E0:32:1C:60:F7:74:AF:A1:B5:40:49:16
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:78:88:19:b0:e4:e9:9e:cf:7d:5b:17:97:98:ba:66:ef:66:
cd:48:76:1c:ca:4b:67:7b:27:f8:fe:46:76:f3:38:27:69:40:
d5:42:4d:11:e4:0b:4e:84:0c:ca:d6:d5:08:83:89:c5:a6:3a:
19:5d:1e:15:40:da:b0:c5:b5:93:cf:bd:6a:cd:c5:f3:51:db:
8c:4f:18:f7:1f:a3:28:4f:7f:07:bf:2f:ca:6b:d4:2f:c5:c2:
85:9a:32:ed:34:13:cb:b3:07:66:01:e0:83:6f:4d:17:13:0f:
d2:f3:ea:b7:38:c3:f4:e3:ef:17:5f:7b:71:fe:6d:6e:ef:df:
67:51:93:e6:5e:7f:82:e0:a4:d9:b7:a8:09:59:e1:ba:42:a4:
3a:57:9c:f4:57:65:ad:53:9e:44:2f:fb:a5:ea:8d:6b:aa:32:
6b:3e:62:22:8c:b0:d9:9d:63:7a:eb:a4:63:47:f2:a9:4b:5d:
b5:76:41:17:16:f7:34:dc:16:2c:b6:e5:2f:de:99:13:81:88:
bc:38:32:74:41:2b:26:10:ec:d1:0e:e6:1e:aa:99:d1:cf:30:
b5:f8:27:8a:6c:fd:a6:4d:ae:c2:ee:83:50:59:10:6e:e7:59:
c5:f5:28:cc:f5:4a:28:9b:08:01:a1:30:fb:38:4c:e8:ec:0d:
cf:47:09:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8UU5aqYTxL508SHALs5rSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjYwNjI5MTcwMDUwWhcNMjYwNjMwMTcwMDUwWjAzMTEwLwYDVQQD
Eyg0MDY4ZGM2YTJiODQzYTliZTAzMjFjNjBmNzc0YWZhMWI1NDA0OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssfVJ+i/NSPP1n12g+guwnaqmd75
eH+74zDo1OvV9wOlytnZU/do3k+gU/Y3v7GAjTvxZFyVCaw8nSC/1gSon6Zr816G
+5qX9RvmppLhvZFsSO0OfCM4vtv/+UwJdBEQLBYuydEHGWcGSXZiDGE+FF6yHQMh
+pMgDrUpf4DJhvC4vz0oEQtlQNfX8ypJmV6TxRlHaWwCSSa/GzT26OzBfYnAGWH9
NvSjKNXMLOy7Jf1CTP+ySj+nMqLLl5O8rJTaKBe/HDv9KFfBpCWuMNxa//sKfkoU
alXwp0XNPjBE/dhcGuni4ukDdEyIlwbuZcZhrVvVjq1h6m059W5DpF9j0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBo3GorhDqb4DIcYPd0r6G1QEkWMB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXniIGbDk
6Z7PfVsXl5i6Zu9mzUh2HMpLZ3sn+P5GdvM4J2lA1UJNEeQLToQMytbVCIOJxaY6
GV0eFUDasMW1k8+9as3F81HbjE8Y9x+jKE9/B78vymvUL8XChZoy7TQTy7MHZgHg
g29NFxMP0vPqtzjD9OPvF197cf5tbu/fZ1GT5l5/guCk2beoCVnhukKkOlec9Fdl
rVOeRC/7peqNa6oyaz5iIoyw2Z1jeuukY0fyqUtdtXZBFxb3NNwWLLblL96ZE4GI
vDgydEErJhDs0Q7mHqqZ0c8wtfgnimz9pk2uwu6DUFkQbudZxfUozPVKKJsIAaEw
+zhM6OwNz0cJ5w==
-----END CERTIFICATE-----
Generated at Mon Jun 29 19:43:26 2026 by rpki-client