Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: HWcpRcdfvYwtt56dO7mC/99Ge3qx8bZjDPSnaiBRWb4=
Subject key identifier: 5C:3F:27:E9:D5:B8:E8:9D:4B:F8:04:CD:E1:78:62:E1:2C:60:45:9F
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019D28F32E0ABA8C21EAE2CCF434351F9B29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0D2C
Signing time: Thu 26 Mar 2026 07:01:58 +0000
Manifest this update: Thu 26 Mar 2026 07:01:58 +0000
Manifest next update: Fri 27 Mar 2026 07:01:58 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: yQ1ejP+i5hVw9yfnzKaUP6+cUpOqAUm73Q+2GfUgHcA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f3:2e:0a:ba:8c:21:ea:e2:cc:f4:34:35:1f:9b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: Mar 26 07:01:58 2026 GMT
Not After : Mar 27 07:01:58 2026 GMT
Subject: CN=5c3f27e9d5b8e89d4bf804cde17862e12c60459f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:05:86:ae:8c:dc:c1:70:fc:b0:cf:51:05:62:
54:36:06:cf:0f:9d:40:78:28:ed:05:6f:6f:35:6e:
b0:7e:61:a6:25:65:2d:b4:be:a3:be:f2:7f:98:ed:
79:85:90:7d:00:19:c3:ec:d2:7c:0a:d0:7c:c2:09:
18:f7:e0:8e:7b:57:14:4a:81:43:a2:e4:f5:d7:38:
bb:72:79:d7:c6:62:99:62:1d:24:bd:70:bd:cc:5d:
88:f5:f9:10:43:50:52:6b:29:c2:8c:d8:d3:2f:6b:
81:59:e0:13:81:28:91:c6:0f:bf:a0:b8:05:1b:0a:
b4:77:29:6f:b6:97:c9:5e:f2:c3:68:3c:82:9c:de:
0d:49:86:da:a4:d9:02:57:0a:d6:6f:d7:09:a5:16:
27:15:a8:9e:86:ac:30:81:58:2f:d7:21:35:82:cf:
66:b1:6e:6a:b1:56:c9:77:49:95:e8:dc:12:5a:a3:
88:59:6f:60:30:5b:d2:59:0f:b1:f8:71:1b:92:a2:
ee:5b:6c:84:27:28:02:58:8e:d1:90:be:0a:82:f0:
56:89:88:d0:78:a6:aa:11:9c:e1:00:35:4d:4c:b3:
72:48:29:c7:4d:3c:d5:38:0b:d1:1e:93:40:fe:8a:
ad:5d:1c:52:c7:76:ea:23:e8:00:6f:73:9d:f6:a7:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3F:27:E9:D5:B8:E8:9D:4B:F8:04:CD:E1:78:62:E1:2C:60:45:9F
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:95:54:c3:a3:33:68:f3:b3:79:e8:29:bc:44:b7:a2:9f:3b:
57:74:a6:9b:3e:d6:32:31:ed:43:30:78:23:61:42:e7:5b:2b:
4e:f9:91:b7:10:f5:3e:e0:a1:41:45:2b:6a:0b:6e:f0:3f:4a:
cd:99:65:08:e4:01:5a:9a:dc:3b:8b:7c:a0:3b:a6:54:6b:71:
57:ea:d1:8f:04:bd:e6:67:14:6a:9a:8a:48:44:19:f8:3b:31:
bb:ab:b4:9e:f1:49:22:21:31:bb:4d:11:2e:2f:d3:49:5e:69:
ad:aa:70:31:cb:f4:df:fe:cc:77:a6:37:53:e5:47:83:1e:d2:
e2:81:96:c4:5d:91:45:44:8b:d1:30:2f:3d:d3:e0:00:29:84:
5e:9d:30:92:2c:d3:65:3c:df:01:70:b6:7e:66:0f:2b:98:d0:
a0:6d:55:d8:b3:73:b8:4e:15:e4:24:73:3d:87:13:17:1f:ba:
1c:d0:3d:00:7c:97:92:7b:41:a8:b3:84:07:4f:b0:d1:d7:0e:
ee:87:ab:b0:19:90:14:6b:5e:49:21:3a:6c:cb:4b:48:e0:85:
45:c5:d5:0b:58:f4:9d:b0:69:8a:05:5b:b0:d2:35:65:0d:aa:
53:9e:bb:1a:ed:e7:89:d4:c2:66:af:a4:f2:c9:c5:b2:7a:bf:
86:d7:8d:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8y4Kuowh6uLM9DQ1H5spMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwMzI2MDcwMTU4WhcNMjYwMzI3MDcwMTU4WjAzMTEwLwYDVQQD
Eyg1YzNmMjdlOWQ1YjhlODlkNGJmODA0Y2RlMTc4NjJlMTJjNjA0NTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QWGrozcwXD8sM9RBWJUNgbPD51A
eCjtBW9vNW6wfmGmJWUttL6jvvJ/mO15hZB9ABnD7NJ8CtB8wgkY9+COe1cUSoFD
ouT11zi7cnnXxmKZYh0kvXC9zF2I9fkQQ1BSaynCjNjTL2uBWeATgSiRxg+/oLgF
Gwq0dylvtpfJXvLDaDyCnN4NSYbapNkCVwrWb9cJpRYnFaiehqwwgVgv1yE1gs9m
sW5qsVbJd0mV6NwSWqOIWW9gMFvSWQ+x+HEbkqLuW2yEJygCWI7RkL4KgvBWiYjQ
eKaqEZzhADVNTLNySCnHTTzVOAvRHpNA/oqtXRxSx3bqI+gAb3Od9qf+QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw/J+nVuOidS/gEzeF4YuEsYEWfMB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtJVUw6Mz
aPOzeegpvES3op87V3Smmz7WMjHtQzB4I2FC51srTvmRtxD1PuChQUUragtu8D9K
zZllCOQBWprcO4t8oDumVGtxV+rRjwS95mcUapqKSEQZ+Dsxu6u0nvFJIiExu00R
Li/TSV5prapwMcv03/7Md6Y3U+VHgx7S4oGWxF2RRUSL0TAvPdPgACmEXp0wkizT
ZTzfAXC2fmYPK5jQoG1V2LNzuE4V5CRzPYcTFx+6HNA9AHyXkntBqLOEB0+w0dcO
7oersBmQFGteSSE6bMtLSOCFRcXVC1j0nbBpigVbsNI1ZQ2qU567Gu3nidTCZq+k
8snFsnq/hteNAg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:50:26 2026 by rpki-client