Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
File: sho_SvlKWA6557WFQqAISyHCsJs.mft (raw, json)
Hash identifier: DKTPr1E+e1Cv41BztkI8fsSxxlZq0dFhZ/YNCeFx03E=
Subject key identifier: DB:71:70:0F:42:CF:50:12:30:8F:56:B1:A0:CE:19:A7:E2:A9:5C:FD
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 019D270433FC437F210605D16FAE6F94177D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
Manifest number: 0968
Signing time: Wed 25 Mar 2026 22:01:20 +0000
Manifest this update: Wed 25 Mar 2026 22:01:20 +0000
Manifest next update: Thu 26 Mar 2026 22:01:20 +0000
Files and hashes: 1: MwiX1sWT4L9Sd2jLdKK-is1cuoU.roa (hash: oswXbOPtoGvOkQD2v1oxYSwYp3lw3uvemjQYUy0pcbU=)
2: qzh2vh62kqjCq_kquaQFKN2dkjk.roa (hash: z2SqtvBA5B+Uxlu9McSqz/3+lS4dmqsulgYELWekW6s=)
3: sho_SvlKWA6557WFQqAISyHCsJs.crl (hash: opvgvxoM+BeoDQwbGqurUMPOwUQ4E3GN3xEQebD2OdA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:33:fc:43:7f:21:06:05:d1:6f:ae:6f:94:17:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Mar 25 22:01:20 2026 GMT
Not After : Mar 26 22:01:20 2026 GMT
Subject: CN=db71700f42cf5012308f56b1a0ce19a7e2a95cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:da:47:3c:0a:54:b1:bc:24:96:d0:dc:9e:c4:
d6:cb:25:84:93:cf:a5:be:5e:15:c9:8a:a1:69:07:
a0:37:70:55:75:9e:a2:8c:e1:33:de:d8:9d:f4:4b:
20:52:fa:c9:ea:ec:9e:24:b4:90:18:12:f5:a4:14:
d4:18:60:50:8e:ee:ed:0a:42:22:ba:e5:a9:85:32:
10:3f:a8:a8:5a:4a:1b:b7:7d:a2:a6:31:c2:30:0b:
0b:d0:55:a5:5b:e6:78:f1:3c:f6:4e:cc:88:b1:9a:
c8:93:66:cf:dc:c9:7c:cb:62:05:51:4d:c0:5c:55:
25:d7:bc:dc:2d:47:79:2e:48:26:ee:2b:34:03:e0:
0e:fd:d7:c9:1c:a8:3e:7e:7a:30:0f:7e:5d:ce:1f:
5d:47:39:bf:15:67:42:44:b6:90:08:ae:97:f7:7a:
26:0d:51:35:aa:35:3c:5c:38:2c:01:3f:c1:38:c8:
d3:bc:da:10:a2:62:94:dc:a2:9d:ab:02:23:d2:d0:
93:41:b0:cb:87:17:be:90:3a:03:a7:cd:03:bd:52:
b3:06:90:b5:eb:65:87:a4:fd:b9:5d:a1:b2:ea:6b:
dd:a5:a1:83:3f:4b:de:1b:66:3f:c4:2a:e4:9b:3c:
13:83:d9:a8:4a:b0:f6:91:34:ec:43:16:0d:b4:02:
fa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:71:70:0F:42:CF:50:12:30:8F:56:B1:A0:CE:19:A7:E2:A9:5C:FD
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:6c:4e:c7:3c:b7:52:89:50:88:9f:bb:ba:86:fa:4d:e4:6d:
a2:c2:6a:e1:e4:38:be:49:73:68:59:8b:4d:7c:8b:f0:c8:7f:
58:cb:8b:e8:e2:bc:bc:45:7b:05:27:c0:e9:ea:33:3a:1c:77:
dc:1d:66:b0:6e:84:9d:dc:33:73:ca:e8:54:4a:60:1a:40:db:
a8:e4:7f:b1:75:9d:5c:a8:9c:5d:fd:ba:59:85:99:e1:7e:0f:
f4:25:74:51:c0:06:9a:95:2b:e1:fc:19:f9:6a:7d:c1:d7:40:
27:a3:e8:b8:2c:ac:0e:76:7e:f2:3b:40:41:98:5d:41:11:76:
b6:3f:32:ba:1f:0b:b4:e4:db:6c:da:98:61:ef:e4:a5:6b:db:
c2:43:31:f8:81:11:b8:8e:06:b5:eb:4b:de:6a:3f:b7:4d:9c:
af:63:79:07:80:0f:22:0e:c1:e2:ca:10:2b:7c:d9:9d:31:6f:
12:24:22:ae:12:b7:3a:29:99:cd:1e:c0:45:b8:75:2c:27:ed:
94:7f:61:08:4b:ea:68:2e:b3:00:d7:a8:ae:db:e7:27:98:99:
26:27:94:31:09:0e:5e:bc:7a:f1:f6:28:43:82:6a:2b:5d:37:
9a:d5:38:4b:43:2d:cd:9b:29:49:0c:a7:fe:8f:41:cb:2d:cb:
02:1c:3c:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDP8Q38hBgXRb65vlBd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjYwMzI1MjIwMTIwWhcNMjYwMzI2MjIwMTIwWjAzMTEwLwYDVQQD
EyhkYjcxNzAwZjQyY2Y1MDEyMzA4ZjU2YjFhMGNlMTlhN2UyYTk1Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+NpHPApUsbwkltDcnsTWyyWEk8+l
vl4VyYqhaQegN3BVdZ6ijOEz3tid9EsgUvrJ6uyeJLSQGBL1pBTUGGBQju7tCkIi
uuWphTIQP6ioWkobt32ipjHCMAsL0FWlW+Z48Tz2TsyIsZrIk2bP3Ml8y2IFUU3A
XFUl17zcLUd5Lkgm7is0A+AO/dfJHKg+fnowD35dzh9dRzm/FWdCRLaQCK6X93om
DVE1qjU8XDgsAT/BOMjTvNoQomKU3KKdqwIj0tCTQbDLhxe+kDoDp80DvVKzBpC1
62WHpP25XaGy6mvdpaGDP0veG2Y/xCrkmzwTg9moSrD2kTTsQxYNtAL6rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtxcA9Cz1ASMI9WsaDOGafiqVz9MB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV2xOxzy3
UolQiJ+7uob6TeRtosJq4eQ4vklzaFmLTXyL8Mh/WMuL6OK8vEV7BSfA6eozOhx3
3B1msG6Endwzc8roVEpgGkDbqOR/sXWdXKicXf26WYWZ4X4P9CV0UcAGmpUr4fwZ
+Wp9wddAJ6PouCysDnZ+8jtAQZhdQRF2tj8yuh8LtOTbbNqYYe/kpWvbwkMx+IER
uI4GtetL3mo/t02cr2N5B4APIg7B4soQK3zZnTFvEiQirhK3OimZzR7ARbh1LCft
lH9hCEvqaC6zANeortvnJ5iZJieUMQkOXrx68fYoQ4JqK103mtU4S0MtzZspSQyn
/o9Byy3LAhw8Cw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:43:11 2026 by rpki-client