Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
File: gh8Shdd1qfWJJD6shErcWridl8k.mft (raw, json)
Hash identifier: z9Xl5cYUwOG9jsqTjp0S3Zhsm0AYDOBefLZjmwrQ78Y=
Subject key identifier: 03:23:20:E6:B7:18:24:3C:45:BB:27:97:88:F4:04:1A:2A:43:4B:7C
Authority key identifier: 82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
Certificate issuer: /CN=821f1285d775a9f589243eac844adc5ab89d97c9
Certificate serial: 019E1E35378D91FD107B36D099DF5E7DE9E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
Manifest number: 0DAB
Signing time: Tue 12 May 2026 22:01:04 +0000
Manifest this update: Tue 12 May 2026 22:01:04 +0000
Manifest next update: Wed 13 May 2026 22:01:04 +0000
Files and hashes: 1: Ken1-UyKUV7K-ivTPRx21HrB1go.roa (hash: SzlYiDowE9Ts27wto98BsM6+plGlLtF6xf2nTMUOAKI=)
2: dGmTMuCLcokZ_dpzsnFglotPhbE.roa (hash: xS9B/n1G06zo3aHFhFfNBhI/mXvOeeGrRH7j7PtD+Q0=)
3: gh8Shdd1qfWJJD6shErcWridl8k.crl (hash: W0hY8FJGps8iu7IKW4auuXtyGVf+2BsPTSeWudh2FRI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:35:37:8d:91:fd:10:7b:36:d0:99:df:5e:7d:e9:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f1285d775a9f589243eac844adc5ab89d97c9
Validity
Not Before: May 12 22:01:04 2026 GMT
Not After : May 13 22:01:04 2026 GMT
Subject: CN=032320e6b718243c45bb279788f4041a2a434b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6a:ae:7c:d5:a2:05:45:29:78:c6:56:c3:55:
c5:bf:68:cb:33:44:46:32:ae:b5:d8:89:3f:a7:70:
c3:68:ac:d4:2c:da:06:db:9a:c5:eb:cc:88:75:3a:
dd:0e:f1:3e:5d:d6:05:e9:01:0d:df:c6:85:6f:eb:
c3:d8:50:68:cf:fb:60:15:12:a2:cb:8d:14:55:d4:
0b:23:92:c8:5d:33:2a:ef:26:12:95:fe:6b:d6:3f:
4c:ac:84:32:cf:1b:0b:46:e2:b3:03:c2:e2:f7:94:
1e:43:be:23:bb:6b:8d:51:d9:e9:06:06:6d:ab:b4:
e2:57:06:f3:65:13:9a:85:0e:24:d9:f6:db:16:ef:
fe:c2:5c:ca:4d:12:56:12:fe:44:de:4e:37:bb:44:
fb:0b:8c:4e:b3:ca:3c:b2:46:d1:74:fc:22:2a:7b:
f7:bf:33:0b:01:2d:aa:43:22:3d:99:fb:07:ec:5a:
80:69:1a:26:39:f2:84:a7:4f:37:9f:46:2a:a3:d3:
22:19:4e:a1:9b:ab:37:8c:a4:76:b4:b3:97:d0:46:
1f:ba:12:46:9b:8e:a3:cd:a0:f6:de:c0:b8:17:d3:
94:a0:89:a1:ed:cb:54:f9:c7:92:4c:7b:20:6e:32:
c2:7d:ff:1c:a1:a4:c6:ed:99:86:54:33:e4:4b:da:
51:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:23:20:E6:B7:18:24:3C:45:BB:27:97:88:F4:04:1A:2A:43:4B:7C
X509v3 Authority Key Identifier:
keyid:82:1F:12:85:D7:75:A9:F5:89:24:3E:AC:84:4A:DC:5A:B8:9D:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh8Shdd1qfWJJD6shErcWridl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/17d81d-173d-4486-955d-48eea8d5fef1/1/gh8Shdd1qfWJJD6shErcWridl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:3d:c1:ee:ed:9a:5e:29:a2:1a:c3:73:3e:12:12:25:e5:3d:
cc:13:19:8d:ea:84:22:54:c2:79:97:c9:bc:2a:08:61:c6:8e:
38:dd:99:6c:33:26:77:78:cb:dc:90:5d:96:12:9f:ee:e7:09:
a9:3e:69:b8:d1:2d:e5:c3:18:d1:20:22:87:f3:a0:99:b4:7b:
89:53:07:80:84:1e:cd:13:ab:3f:eb:77:9f:be:f0:51:37:b1:
6b:db:9f:6f:80:cd:75:08:15:f5:74:56:ef:63:1e:59:ac:a6:
24:c1:03:8a:37:2e:7c:2c:7e:35:85:60:e1:89:9d:4d:fa:0a:
07:d2:a3:e5:74:1b:d4:93:8a:17:b4:25:ec:83:ac:34:2b:4a:
e4:89:b7:fe:73:43:71:ef:b4:aa:8d:97:28:88:ed:8a:c3:77:
c8:f7:0d:65:87:26:d5:26:94:b2:e2:77:d7:25:16:17:37:6a:
69:46:b2:40:6f:9d:d6:42:2d:75:dc:fd:52:7b:dc:1e:7b:e1:
1c:f7:70:7f:44:ad:00:25:2a:be:95:2e:71:fe:3a:c3:66:8b:
5d:b5:44:7a:25:cb:c9:ce:59:7a:7b:33:be:2e:a3:2f:a5:f0:
2b:48:3c:a2:57:20:81:86:83:90:bf:ef:1c:64:09:d1:82:3b:
63:b3:b0:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNTeNkf0QezbQmd9efenlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWYxMjg1ZDc3NWE5ZjU4OTI0M2VhYzg0NGFkYzVhYjg5
ZDk3YzkwHhcNMjYwNTEyMjIwMTA0WhcNMjYwNTEzMjIwMTA0WjAzMTEwLwYDVQQD
EygwMzIzMjBlNmI3MTgyNDNjNDViYjI3OTc4OGY0MDQxYTJhNDM0YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWqufNWiBUUpeMZWw1XFv2jLM0RG
Mq612Ik/p3DDaKzULNoG25rF68yIdTrdDvE+XdYF6QEN38aFb+vD2FBoz/tgFRKi
y40UVdQLI5LIXTMq7yYSlf5r1j9MrIQyzxsLRuKzA8Li95QeQ74ju2uNUdnpBgZt
q7TiVwbzZROahQ4k2fbbFu/+wlzKTRJWEv5E3k43u0T7C4xOs8o8skbRdPwiKnv3
vzMLAS2qQyI9mfsH7FqAaRomOfKEp083n0Yqo9MiGU6hm6s3jKR2tLOX0EYfuhJG
m46jzaD23sC4F9OUoImh7ctU+ceSTHsgbjLCff8coaTG7ZmGVDPkS9pRawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMjIOa3GCQ8Rbsnl4j0BBoqQ0t8MB8GA1UdIwQY
MBaAFIIfEoXXdan1iSQ+rIRK3Fq4nZfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQt
NDhlZWE4ZDVmZWYxLzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xN2Q4MWQtMTczZC00NDg2LTk1NWQtNDhlZWE4ZDVmZWYx
LzEvZ2g4U2hkZDFxZldKSkQ2c2hFcmNXcmlkbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAST3B7u2a
XimiGsNzPhISJeU9zBMZjeqEIlTCeZfJvCoIYcaOON2ZbDMmd3jL3JBdlhKf7ucJ
qT5puNEt5cMY0SAih/OgmbR7iVMHgIQezROrP+t3n77wUTexa9ufb4DNdQgV9XRW
72MeWaymJMEDijcufCx+NYVg4YmdTfoKB9Kj5XQb1JOKF7Ql7IOsNCtK5Im3/nND
ce+0qo2XKIjtisN3yPcNZYcm1SaUsuJ31yUWFzdqaUayQG+d1kItddz9UnvcHnvh
HPdwf0StACUqvpUucf46w2aLXbVEeiXLyc5Zenszvi6jL6XwK0g8olcggYaDkL/v
HGQJ0YI7Y7Owqg==
-----END CERTIFICATE-----
Generated at Wed May 13 04:06:51 2026 by rpki-client