Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
File: jghAgExmgMQfIehybzgLleaelEc.mft (raw, json)
Hash identifier: U+eoiYIdae1LXbriXeholhfIV8cX8NjRye5kqwG0cnA=
Subject key identifier: CD:72:95:46:C8:A7:8B:6E:AC:B7:B4:CA:4A:B5:70:66:5C:5D:CC:21
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 019D389C2D308F8A4AC9542C645DC17F76A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
Manifest number: 0DE0
Signing time: Sun 29 Mar 2026 08:00:52 +0000
Manifest this update: Sun 29 Mar 2026 08:00:52 +0000
Manifest next update: Mon 30 Mar 2026 08:00:52 +0000
Files and hashes: 1: FcDP4t2fUN_dTrYyfxsE8QW3Eyg.roa (hash: sDQcJIThGsK9Nrdf2isebfLDyVxi7JAHTUMrXx4QKTw=)
2: cjfADLaDEFlQK8qrVJ5NipbhmYQ.roa (hash: IRslVjUODdyfex5FaSaSEKWcalRpU1+utYy+dcv1SD4=)
3: jghAgExmgMQfIehybzgLleaelEc.crl (hash: OxEKwjoA6K1UT3xbprrIanAg+qdOEo/N7y3FCxsmu/A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:2d:30:8f:8a:4a:c9:54:2c:64:5d:c1:7f:76:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Mar 29 08:00:52 2026 GMT
Not After : Mar 30 08:00:52 2026 GMT
Subject: CN=cd729546c8a78b6eacb7b4ca4ab570665c5dcc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e4:d4:7a:cb:e9:68:9a:15:9a:51:62:62:45:
67:50:12:61:55:cd:d5:30:43:4c:81:f4:67:fc:c6:
c7:6e:ab:2a:15:b1:39:90:3a:66:83:eb:59:ef:27:
03:87:97:b5:1f:5d:ae:2c:c6:9e:73:5f:9c:0e:2c:
e2:3e:21:67:95:cb:82:22:02:df:0d:c5:2d:3f:39:
fe:f4:98:7a:a7:37:a1:3d:c8:05:e1:63:51:b3:d2:
2f:e6:2d:a0:76:13:cf:f3:47:ed:b6:0c:a6:8e:30:
33:8c:86:2c:99:3f:67:c1:43:1f:3e:eb:c5:a4:d6:
6f:ab:b0:bf:ab:1e:55:50:f1:ce:fc:d6:63:c3:02:
3f:13:b5:b6:df:8f:1d:ed:d0:b6:e1:78:26:0a:dd:
c5:ab:7e:8c:c5:ea:8b:5e:cd:3b:1b:6d:44:d5:ee:
21:ec:bc:91:78:69:59:57:7e:f1:10:bd:72:6d:58:
33:b3:b5:8b:8f:c9:5d:65:ee:c5:0f:71:5c:f0:67:
69:79:35:ee:95:c5:09:22:f3:1f:25:e3:4e:1d:fc:
0b:49:67:dd:22:c4:ae:c4:d5:bc:c0:8f:19:dc:90:
7d:4a:c5:92:98:e8:2b:e0:73:a0:7f:ee:23:7d:d8:
3d:e9:63:0f:bb:22:03:74:9c:84:5b:ea:12:1f:34:
86:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:72:95:46:C8:A7:8B:6E:AC:B7:B4:CA:4A:B5:70:66:5C:5D:CC:21
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:bc:a4:30:9c:09:06:89:25:b6:8f:61:2f:c3:e2:ea:49:c7:
ac:76:06:1f:53:f6:4c:bc:af:0e:8c:a8:ad:df:2e:78:1b:c2:
6f:ae:f5:e3:ee:11:73:22:da:1b:21:2a:37:6c:9b:d3:1b:5e:
35:28:5f:36:26:d6:e8:b4:73:78:f3:91:8d:ab:22:7f:91:e6:
96:59:3d:9d:55:ce:c5:1f:f9:ab:6c:45:d6:c0:66:84:fa:7d:
d0:cb:9f:32:01:aa:a0:c6:5f:0b:62:30:b8:69:31:b0:d4:c8:
56:dc:93:8c:ab:74:9b:b9:aa:3b:44:0c:81:3a:de:18:38:77:
a2:50:01:7b:80:11:87:9e:42:21:84:c8:67:92:f0:68:a2:0e:
f1:cc:66:d2:5c:e2:87:c8:6a:7f:06:be:9a:68:aa:49:08:7e:
74:c3:0f:08:21:5c:05:88:89:6a:ff:05:d6:ee:56:64:7b:3b:
e1:9f:b4:7a:b6:4b:4c:1a:38:39:c2:aa:ca:cb:c6:99:f5:48:
90:08:a0:36:27:e1:3e:6f:ca:a0:15:f5:89:02:10:d8:ea:28:
3c:e3:16:77:73:4f:e5:db:64:04:e7:d8:06:92:9b:f9:f4:67:
12:be:f3:3f:bf:90:31:2b:06:1f:69:84:fe:80:8a:69:0e:c2:
e8:80:af:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nC0wj4pKyVQsZF3Bf3apMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjYwMzI5MDgwMDUyWhcNMjYwMzMwMDgwMDUyWjAzMTEwLwYDVQQD
EyhjZDcyOTU0NmM4YTc4YjZlYWNiN2I0Y2E0YWI1NzA2NjVjNWRjYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+TUesvpaJoVmlFiYkVnUBJhVc3V
MENMgfRn/MbHbqsqFbE5kDpmg+tZ7ycDh5e1H12uLMaec1+cDiziPiFnlcuCIgLf
DcUtPzn+9Jh6pzehPcgF4WNRs9Iv5i2gdhPP80fttgymjjAzjIYsmT9nwUMfPuvF
pNZvq7C/qx5VUPHO/NZjwwI/E7W2348d7dC24XgmCt3Fq36MxeqLXs07G21E1e4h
7LyReGlZV37xEL1ybVgzs7WLj8ldZe7FD3Fc8GdpeTXulcUJIvMfJeNOHfwLSWfd
IsSuxNW8wI8Z3JB9SsWSmOgr4HOgf+4jfdg96WMPuyIDdJyEW+oSHzSG4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1ylUbIp4turLe0ykq1cGZcXcwhMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACbykMJwJ
Boklto9hL8Pi6knHrHYGH1P2TLyvDoyord8ueBvCb6714+4RcyLaGyEqN2yb0xte
NShfNibW6LRzePORjasif5Hmllk9nVXOxR/5q2xF1sBmhPp90MufMgGqoMZfC2Iw
uGkxsNTIVtyTjKt0m7mqO0QMgTreGDh3olABe4ARh55CIYTIZ5LwaKIO8cxm0lzi
h8hqfwa+mmiqSQh+dMMPCCFcBYiJav8F1u5WZHs74Z+0erZLTBo4OcKqysvGmfVI
kAigNifhPm/KoBX1iQIQ2OooPOMWd3NP5dtkBOfYBpKb+fRnEr7zP7+QMSsGH2mE
/oCKaQ7C6ICvJA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:44:02 2026 by rpki-client