Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
File: CKKX-M-hzm0_4sUmkRxGippjGNA.mft (raw, json)
Hash identifier: COrdOl7rDVzA1su/p9g80J6ETTsh1Rq9ucE8Z861qvA=
Subject key identifier: 0A:F8:8F:4C:14:7D:C4:EC:B5:7A:06:A5:0D:68:C5:FA:01:5C:F6:19
Authority key identifier: 08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
Certificate issuer: /CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Certificate serial: 019D29CDB41A267675F21ECCB5BACFAC7F00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
Manifest number: 188A
Signing time: Thu 26 Mar 2026 11:00:39 +0000
Manifest this update: Thu 26 Mar 2026 11:00:39 +0000
Manifest next update: Fri 27 Mar 2026 11:00:39 +0000
Files and hashes: 1: 5dqgcQc20DZK2fFn6bpH-A8uyQ8.roa (hash: eVKJis7Ad9o9z5jyjcFOLQfOP7WhBCGivw8hyFer3JM=)
2: CKKX-M-hzm0_4sUmkRxGippjGNA.crl (hash: uX6oy4XyTvRZcVn5SJu6Uzks3IPhe5rD23kyAeSiE00=)
3: RMuTV-vXrFsXAt5l344yDIEdodg.roa (hash: 4Y7+XsWOTPcRpIgGXMuxA5FSDFIupn4tgYoKEVmPgqU=)
4: UL14P1AhHlUZzAIOnswglPjo1V8.roa (hash: oIVyB68rjWbYMJyZsMbtBMTHDcN1LK+tN3ZZZFRb1s4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:cd:b4:1a:26:76:75:f2:1e:cc:b5:ba:cf:ac:7f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0
Validity
Not Before: Mar 26 11:00:39 2026 GMT
Not After : Mar 27 11:00:39 2026 GMT
Subject: CN=0af88f4c147dc4ecb57a06a50d68c5fa015cf619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9a:91:1f:53:c1:ef:a4:df:28:e3:b6:2f:da:
a1:2f:bb:90:98:05:fb:8e:a1:0a:36:a6:6e:0d:81:
d4:dc:b2:88:c9:40:8a:2e:d1:ff:05:b8:ea:e6:4c:
11:b4:22:88:29:11:60:c6:a1:77:ef:29:42:b3:ac:
09:b4:b6:f4:3c:d3:60:ca:6c:ed:2c:af:97:eb:ff:
82:43:ca:a3:48:39:06:ca:a3:86:9d:de:79:d2:d4:
85:3c:86:b0:df:29:09:49:13:ca:e6:56:3c:af:a8:
05:25:53:a6:00:0e:81:3d:16:27:09:01:df:0d:e3:
ee:cf:ac:f2:43:d9:6a:30:77:2d:1a:3d:4e:a7:db:
d6:0c:8e:49:7e:60:76:b5:0b:4d:59:9b:14:10:95:
88:c9:89:81:01:57:13:c2:a9:86:c2:04:eb:d5:54:
99:ff:df:c6:fe:79:6c:43:cf:2d:68:09:86:af:dd:
50:3c:85:bd:29:d8:0d:13:8b:37:f8:6c:b2:94:a8:
21:b1:4a:67:d2:04:48:36:2e:9d:ba:d8:b4:02:cd:
aa:bc:14:2d:56:a2:45:5e:76:b5:ee:8d:d2:fd:a7:
7d:72:58:72:62:aa:11:4b:1e:2f:86:df:b5:48:f4:
53:ec:9c:ce:24:d6:bb:69:38:9a:18:12:e2:78:3d:
fa:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F8:8F:4C:14:7D:C4:EC:B5:7A:06:A5:0D:68:C5:FA:01:5C:F6:19
X509v3 Authority Key Identifier:
keyid:08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:4a:06:e5:f0:bd:c3:61:95:ab:6b:2f:94:7b:d9:d9:5e:55:
0e:2b:69:0f:f1:bd:f7:ad:4d:be:b8:e7:b7:80:da:7a:dd:b6:
c3:e2:89:34:b4:09:9f:27:60:bc:1e:f5:17:80:20:93:48:ef:
d2:be:4f:ae:aa:ca:bb:87:4e:ed:dd:52:65:5f:79:b1:02:ac:
e1:f9:d8:74:37:a4:15:46:7f:d9:a5:63:23:40:98:1f:03:fc:
24:a9:65:72:36:8e:8b:6d:e9:af:ae:24:39:4c:2a:cd:49:54:
5d:5f:04:e9:c5:84:72:ed:55:1d:94:91:d2:58:9f:a8:7c:af:
ed:e0:f0:3a:f8:1c:f3:7e:40:53:58:2f:bb:ca:87:e5:6f:a2:
18:1b:12:b0:dc:0e:72:0d:06:82:29:bd:11:4a:93:3f:85:7e:
e1:28:09:82:17:3d:b3:67:01:e4:19:19:e5:47:ae:69:f8:44:
74:85:4d:a8:5f:e1:bc:a4:69:0f:3e:ed:3e:f3:f7:d9:50:be:
8b:2a:2d:c1:ad:1a:80:1f:8f:93:c1:18:fc:88:7a:af:61:d4:
27:70:04:2e:32:2c:67:85:4d:bf:10:e9:15:a7:ce:4b:8e:aa:
c3:82:5f:cd:ed:9c:e8:26:1a:17:75:eb:fd:34:0d:25:9d:2e:
d8:78:b6:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzbQaJnZ18h7MtbrPrH8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTI5N2Y4Y2ZhMWNlNmQzZmUyYzUyNjkxMWM0NjhhOWE2
MzE4ZDAwHhcNMjYwMzI2MTEwMDM5WhcNMjYwMzI3MTEwMDM5WjAzMTEwLwYDVQQD
EygwYWY4OGY0YzE0N2RjNGVjYjU3YTA2YTUwZDY4YzVmYTAxNWNmNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5qRH1PB76TfKOO2L9qhL7uQmAX7
jqEKNqZuDYHU3LKIyUCKLtH/Bbjq5kwRtCKIKRFgxqF37ylCs6wJtLb0PNNgymzt
LK+X6/+CQ8qjSDkGyqOGnd550tSFPIaw3ykJSRPK5lY8r6gFJVOmAA6BPRYnCQHf
DePuz6zyQ9lqMHctGj1Op9vWDI5JfmB2tQtNWZsUEJWIyYmBAVcTwqmGwgTr1VSZ
/9/G/nlsQ88taAmGr91QPIW9KdgNE4s3+GyylKghsUpn0gRINi6duti0As2qvBQt
VqJFXna17o3S/ad9clhyYqoRSx4vht+1SPRT7JzOJNa7aTiaGBLieD36zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAr4j0wUfcTstXoGpQ1oxfoBXPYZMB8GA1UdIwQY
MBaAFAiil/jPoc5tP+LFJpEcRoqaYxjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjct
OTcxMTM5NTE0YmIxLzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjctOTcxMTM5NTE0YmIx
LzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN0oG5fC9
w2GVq2svlHvZ2V5VDitpD/G9961Nvrjnt4Daet22w+KJNLQJnydgvB71F4Agk0jv
0r5PrqrKu4dO7d1SZV95sQKs4fnYdDekFUZ/2aVjI0CYHwP8JKllcjaOi23pr64k
OUwqzUlUXV8E6cWEcu1VHZSR0lifqHyv7eDwOvgc835AU1gvu8qH5W+iGBsSsNwO
cg0Ggim9EUqTP4V+4SgJghc9s2cB5BkZ5UeuafhEdIVNqF/hvKRpDz7tPvP32VC+
iyotwa0agB+Pk8EY/Ih6r2HUJ3AELjIsZ4VNvxDpFafOS46qw4Jfze2c6CYaF3Xr
/TQNJZ0u2Hi2rw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:31:37 2026 by rpki-client