Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
File: CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft (raw, json)
Hash identifier: hDH0SZ7vFkvTGcRV5fS0b0EUntB3qwJVrm+QUPEHjKY=
Subject key identifier: 62:7A:D8:E0:3C:72:9D:B6:11:CE:4C:22:F5:65:2A:6E:A3:4A:CE:5B
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 019D39415F9629C982075FEC75FB02760350
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
Manifest number: 1894
Signing time: Sun 29 Mar 2026 11:01:18 +0000
Manifest this update: Sun 29 Mar 2026 11:01:18 +0000
Manifest next update: Mon 30 Mar 2026 11:01:18 +0000
Files and hashes: 1: CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl (hash: AAaGmraSxGxnZBtUReBjdnDszehJeM9c6ufzjgKJR9c=)
2: cDoC-jSYN7u0frpLx2bXUSxluu0.roa (hash: 0c+KBOgKhiecSN5vnMV9D8GmEY0jyIF5LXtXoNSNf7w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:5f:96:29:c9:82:07:5f:ec:75:fb:02:76:03:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Mar 29 11:01:18 2026 GMT
Not After : Mar 30 11:01:18 2026 GMT
Subject: CN=627ad8e03c729db611ce4c22f5652a6ea34ace5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:df:63:73:47:04:66:02:14:1d:93:f7:d0:
f3:dd:07:a7:6b:08:92:81:30:20:88:87:de:d7:88:
66:ed:d9:cd:88:fa:05:4e:dc:55:db:39:06:c6:59:
98:3f:b7:90:a1:12:e6:0b:9e:d1:97:3d:04:70:ff:
9d:08:41:04:45:c8:01:3b:d0:ac:30:0b:4a:74:bd:
28:f0:05:a2:e5:49:71:bd:4a:c9:33:43:0b:91:1b:
97:9b:f9:60:92:5d:09:d3:98:40:ea:8c:e8:2e:ff:
f2:c7:65:a5:df:70:1c:ca:0e:b1:16:9a:9f:32:fd:
62:32:00:e9:38:57:be:2e:ea:02:ee:bf:7c:4a:c7:
6b:fc:af:53:6f:92:fa:fa:d6:db:6f:23:16:31:c9:
27:fd:e6:64:44:0c:56:33:78:5f:26:b9:27:70:66:
86:b6:04:86:0e:87:ae:1a:73:dd:4c:83:32:3b:18:
cb:a2:37:21:e7:9f:d1:ea:31:dc:e5:75:19:61:b3:
6c:d1:24:b9:af:37:65:a7:25:e9:c6:d9:f1:5f:36:
57:07:53:4f:1b:9f:6b:c5:9a:ac:95:9a:30:4e:a7:
b8:56:a0:9e:ab:6c:40:c3:99:f2:04:d1:39:b4:11:
26:a2:ef:f2:33:62:91:ae:83:96:2d:a2:d4:66:cc:
f5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7A:D8:E0:3C:72:9D:B6:11:CE:4C:22:F5:65:2A:6E:A3:4A:CE:5B
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:24:27:88:ca:45:51:92:69:c0:d5:30:2b:21:5b:59:ff:6b:
a1:76:38:dd:3c:40:b2:53:24:e7:03:82:df:4d:7c:b3:9d:e0:
7a:35:b5:85:15:2e:68:3d:4f:60:44:6d:92:7f:c4:9d:98:5b:
c9:51:2a:73:27:76:c3:dd:c6:28:98:d0:81:09:ec:5a:7a:87:
69:40:30:e4:6e:d7:32:b9:ee:7b:db:26:89:38:1e:19:56:70:
28:b8:af:06:1d:e1:57:c4:1f:8e:ce:ed:10:02:ec:81:af:1d:
77:4c:c5:57:1a:54:c6:c8:48:2a:d4:e8:36:a9:79:95:16:07:
44:12:0e:d0:80:cb:70:3e:c3:49:24:7c:ff:3f:53:e4:28:ad:
be:60:ac:e0:3b:94:de:22:8b:53:80:ff:47:62:6a:d9:80:6a:
56:2e:d4:33:c0:b5:10:63:ea:8f:4b:e8:3b:9d:32:5a:64:62:
f1:5b:c3:db:9c:5d:ed:74:5c:55:bb:52:f6:b4:3d:68:a5:e9:
51:26:e4:55:2f:34:90:00:2e:79:a6:c3:bb:4a:32:bf:53:63:
24:70:78:7e:ae:bc:1f:c1:52:25:c9:46:7e:58:c3:6f:73:e4:
61:81:0b:98:f3:1b:3e:13:f4:d2:35:b3:60:e5:ab:08:17:80:
b2:90:0c:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QV+WKcmCB1/sdfsCdgNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjYwMzI5MTEwMTE4WhcNMjYwMzMwMTEwMTE4WjAzMTEwLwYDVQQD
Eyg2MjdhZDhlMDNjNzI5ZGI2MTFjZTRjMjJmNTY1MmE2ZWEzNGFjZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2zfY3NHBGYCFB2T99Dz3QenawiS
gTAgiIfe14hm7dnNiPoFTtxV2zkGxlmYP7eQoRLmC57Rlz0EcP+dCEEERcgBO9Cs
MAtKdL0o8AWi5UlxvUrJM0MLkRuXm/lgkl0J05hA6ozoLv/yx2Wl33Acyg6xFpqf
Mv1iMgDpOFe+LuoC7r98Ssdr/K9Tb5L6+tbbbyMWMckn/eZkRAxWM3hfJrkncGaG
tgSGDoeuGnPdTIMyOxjLojch55/R6jHc5XUZYbNs0SS5rzdlpyXpxtnxXzZXB1NP
G59rxZqslZowTqe4VqCeq2xAw5nyBNE5tBEmou/yM2KRroOWLaLUZsz1hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGJ62OA8cp22Ec5MIvVlKm6jSs5bMB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiQniMpF
UZJpwNUwKyFbWf9roXY43TxAslMk5wOC3018s53gejW1hRUuaD1PYERtkn/EnZhb
yVEqcyd2w93GKJjQgQnsWnqHaUAw5G7XMrnue9smiTgeGVZwKLivBh3hV8Qfjs7t
EALsga8dd0zFVxpUxshIKtToNql5lRYHRBIO0IDLcD7DSSR8/z9T5CitvmCs4DuU
3iKLU4D/R2Jq2YBqVi7UM8C1EGPqj0voO50yWmRi8VvD25xd7XRcVbtS9rQ9aKXp
USbkVS80kAAueabDu0oyv1NjJHB4fq68H8FSJclGfljDb3PkYYELmPMbPhP00jWz
YOWrCBeAspAMLA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:53:03 2026 by rpki-client