Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json)
Hash identifier: 8lGpDh6Jsg6H3XBTv6SmnizQc6ffeNmjrVi3OGZYPSU=
Subject key identifier: AD:ED:06:D0:55:1E:25:77:84:1F:6E:48:4C:DD:1F:26:32:71:31:24
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 019D25843D4C3EA47DC33186796BE1268E69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
Manifest number: 1889
Signing time: Wed 25 Mar 2026 15:01:56 +0000
Manifest this update: Wed 25 Mar 2026 15:01:56 +0000
Manifest next update: Thu 26 Mar 2026 15:01:56 +0000
Files and hashes: 1: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: z3mKXAPe9cGF5evQfGnLH4GsjDz3IdfV0I5Ln1xUsXg=)
2: r2staIGPnAB2fC8C0axIG4AKOBk.roa (hash: uFZHYgrj8p1JmsefAGSYoXv3EhDU7aOqOew1OyVD1rc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:84:3d:4c:3e:a4:7d:c3:31:86:79:6b:e1:26:8e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Mar 25 15:01:56 2026 GMT
Not After : Mar 26 15:01:56 2026 GMT
Subject: CN=aded06d0551e2577841f6e484cdd1f2632713124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:43:e2:f4:c2:ce:40:9a:35:6e:ff:db:09:
0e:22:44:ab:3f:b6:a2:be:a4:4d:5d:f0:4f:77:94:
bb:ab:cd:d0:90:b8:33:fe:83:13:ac:52:fe:3b:f1:
96:0e:90:d3:74:0c:d6:75:d9:0a:86:4c:79:72:87:
30:74:38:90:53:87:2e:a6:81:f3:82:5c:5b:91:08:
39:8c:8d:6b:c5:5e:5f:18:8d:1c:24:f3:04:89:78:
53:7d:61:fe:fa:d4:5b:2e:df:10:11:63:58:9f:d6:
14:3a:20:2e:f8:5c:81:5e:b4:35:72:2f:d6:15:51:
16:82:b5:e6:fd:16:22:b6:1a:b1:66:77:44:55:ff:
35:69:b1:f1:11:44:ce:6f:78:54:79:28:aa:a0:03:
de:08:4c:8c:b2:fc:6f:3d:50:d3:75:6d:48:70:6a:
64:6f:c1:b4:b7:44:e2:42:3b:d8:e4:67:e4:07:37:
27:d5:e6:e6:7f:14:3f:10:6f:59:59:3c:21:2a:e0:
19:b1:41:5f:50:38:85:b8:bb:1b:de:3d:04:57:2a:
d9:46:8f:65:ec:14:af:fc:ea:e1:2a:1b:37:b4:c7:
e5:11:4e:c8:d1:7c:03:86:a8:4d:17:53:c8:e4:c9:
ac:47:f0:4c:0c:9a:fd:7a:b7:6f:1c:3e:91:53:73:
63:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:ED:06:D0:55:1E:25:77:84:1F:6E:48:4C:DD:1F:26:32:71:31:24
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:29:8d:79:b2:b4:a7:8e:f1:11:96:ae:b9:e2:44:17:70:95:
12:5d:a2:5a:e6:75:30:0d:93:51:1a:58:0d:de:5d:ce:5f:fb:
c3:87:2e:4f:30:91:2a:62:c5:f1:6a:0d:69:47:8a:54:26:04:
3f:46:e8:3e:3f:b0:cc:98:e2:b7:a7:24:a5:78:1e:6e:e4:dd:
e2:e3:47:5c:6e:08:da:5e:f2:f6:92:b8:1d:fd:2d:15:a2:0b:
b8:e8:ad:97:a3:87:8c:e1:ba:a7:6d:eb:ac:4f:b8:a8:6a:51:
d4:75:26:a2:4a:f6:3a:6e:72:84:b4:c4:df:56:0b:7c:d7:68:
71:c1:b1:e2:12:9d:97:58:32:55:e9:ec:d7:8b:97:fd:df:c3:
a8:4b:b0:26:4e:e9:4c:f9:69:f6:a6:79:0d:0f:dc:f6:b7:e4:
fa:19:2c:6e:01:79:87:ec:d6:31:95:bc:65:19:71:31:04:96:
07:92:31:56:75:1e:f9:5f:1f:ed:61:91:2b:ee:4a:4d:6f:a7:
2b:0c:22:2d:b1:9a:e9:89:f3:54:68:57:5a:45:46:c2:4a:f6:
65:85:6d:69:d5:82:3e:77:ec:cc:a1:3e:82:c9:f8:23:01:de:
ed:32:5d:76:8f:21:21:b1:a2:e1:35:6a:ee:89:a9:ba:95:d1:
cd:b7:37:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lhD1MPqR9wzGGeWvhJo5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjYwMzI1MTUwMTU2WhcNMjYwMzI2MTUwMTU2WjAzMTEwLwYDVQQD
EyhhZGVkMDZkMDU1MWUyNTc3ODQxZjZlNDg0Y2RkMWYyNjMyNzEzMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrBD4vTCzkCaNW7/2wkOIkSrP7ai
vqRNXfBPd5S7q83QkLgz/oMTrFL+O/GWDpDTdAzWddkKhkx5cocwdDiQU4cupoHz
glxbkQg5jI1rxV5fGI0cJPMEiXhTfWH++tRbLt8QEWNYn9YUOiAu+FyBXrQ1ci/W
FVEWgrXm/RYithqxZndEVf81abHxEUTOb3hUeSiqoAPeCEyMsvxvPVDTdW1IcGpk
b8G0t0TiQjvY5GfkBzcn1ebmfxQ/EG9ZWTwhKuAZsUFfUDiFuLsb3j0EVyrZRo9l
7BSv/OrhKhs3tMflEU7I0XwDhqhNF1PI5MmsR/BMDJr9erdvHD6RU3NjRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3tBtBVHiV3hB9uSEzdHyYycTEkMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUimNebK0
p47xEZauueJEF3CVEl2iWuZ1MA2TURpYDd5dzl/7w4cuTzCRKmLF8WoNaUeKVCYE
P0boPj+wzJjit6ckpXgebuTd4uNHXG4I2l7y9pK4Hf0tFaILuOitl6OHjOG6p23r
rE+4qGpR1HUmokr2Om5yhLTE31YLfNdoccGx4hKdl1gyVens14uX/d/DqEuwJk7p
TPlp9qZ5DQ/c9rfk+hksbgF5h+zWMZW8ZRlxMQSWB5IxVnUe+V8f7WGRK+5KTW+n
KwwiLbGa6YnzVGhXWkVGwkr2ZYVtadWCPnfszKE+gsn4IwHe7TJddo8hIbGi4TVq
7ompupXRzbc3ug==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:32:51 2026 by rpki-client