Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
File: i9lSvUDOCXP5EEEfWS426QE2wuo.mft (raw, json)
Hash identifier: sJF8f6G8ehw5pLvfnhdPsV60zwF1gw4pVtbBEggCTCE=
Subject key identifier: DF:72:E2:17:B2:0F:F1:FC:A0:A3:03:B7:0D:0A:1A:12:76:8E:56:EA
Authority key identifier: 8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA
Certificate issuer: /CN=8bd952bd40ce0973f910411f592e36e90136c2ea
Certificate serial: 019D2A3BD9635FD5FA2799F4B330D099385A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
Manifest number: 0A07
Signing time: Thu 26 Mar 2026 13:00:58 +0000
Manifest this update: Thu 26 Mar 2026 13:00:58 +0000
Manifest next update: Fri 27 Mar 2026 13:00:58 +0000
Files and hashes: 1: i9lSvUDOCXP5EEEfWS426QE2wuo.crl (hash: cijNgOlKpCHrym6o3zAz2Um0GkLgzRUUmfu6h9qguls=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3b:d9:63:5f:d5:fa:27:99:f4:b3:30:d0:99:38:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bd952bd40ce0973f910411f592e36e90136c2ea
Validity
Not Before: Mar 26 13:00:58 2026 GMT
Not After : Mar 27 13:00:58 2026 GMT
Subject: CN=df72e217b20ff1fca0a303b70d0a1a12768e56ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:76:43:76:2c:e8:b0:56:cc:34:3f:aa:44:8b:
2f:f4:c4:e5:05:4a:53:ef:39:5f:c7:79:2e:5f:4d:
2d:e7:2f:5c:f6:87:79:df:5f:0e:bc:d7:d8:45:02:
85:23:3f:5e:eb:4a:37:3f:4f:27:ed:63:8f:88:24:
33:91:bf:8d:f5:f7:3f:53:ea:ef:b3:be:cc:4b:cb:
6d:df:ac:f7:9b:52:51:7f:83:29:96:37:9b:d2:50:
1d:fb:c9:47:10:90:d8:58:13:31:33:f6:96:75:42:
73:75:be:6c:81:5b:63:5a:51:f3:d6:78:1f:87:6b:
fa:58:67:95:16:a7:7c:96:d6:7c:20:bb:28:65:d8:
c7:d5:9a:0e:7c:42:62:c6:48:fb:3f:b2:38:c4:87:
55:8f:83:a2:8b:bb:8f:78:25:09:cd:c2:71:84:23:
66:fd:5f:4e:47:90:96:b4:0a:79:e4:60:9b:41:40:
6a:54:fc:c2:be:cb:26:c6:c8:a6:04:ce:0a:e3:33:
2f:18:59:58:ad:9c:dd:9b:25:8c:dd:10:f0:72:17:
da:4d:65:df:87:bb:8f:71:8a:4d:55:39:55:9a:87:
d6:85:13:75:9b:0c:11:a7:db:ac:91:13:f7:74:c8:
db:4f:70:f4:8b:e3:ca:f6:db:5f:b5:a5:c6:bc:b3:
af:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:72:E2:17:B2:0F:F1:FC:A0:A3:03:B7:0D:0A:1A:12:76:8E:56:EA
X509v3 Authority Key Identifier:
keyid:8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:3f:0a:ce:c1:6b:22:10:9e:1f:62:e5:29:ca:f2:04:92:d2:
75:28:58:cb:39:1f:6e:6e:bc:70:a6:f2:10:29:a5:7f:fd:f4:
5b:49:66:30:93:6b:54:9d:69:60:08:d6:2d:9c:45:93:3f:0b:
25:61:ff:40:47:a2:84:8a:e5:ed:c6:be:1f:59:2a:ce:a2:60:
84:92:41:2e:1f:5b:cf:2b:26:46:4e:3d:4d:d1:fb:a1:2a:5f:
f5:21:6a:02:07:05:c0:03:98:7b:6c:1d:cb:2e:1e:67:be:09:
88:cc:57:ab:b2:be:29:f7:87:01:8a:39:34:40:32:40:16:05:
31:3f:f4:7e:a3:e2:5d:d4:11:cc:ad:64:fb:ff:d5:77:03:2b:
03:aa:1d:3e:41:d9:51:8c:9f:57:91:b1:cb:40:25:d4:9f:97:
ad:61:40:01:e3:76:f3:fd:30:66:be:96:47:71:1d:8a:74:00:
f0:c8:5c:38:5b:c7:35:1f:68:68:27:2e:79:21:e5:37:b0:0d:
87:08:bb:a2:a2:8e:6f:4d:ad:f0:6a:23:ac:22:7c:9e:8e:26:
d6:44:ae:0a:5e:e3:46:f0:18:c1:c3:99:64:8e:e1:e0:2f:a4:
45:4d:b7:a0:0f:ea:03:ef:29:75:71:a7:3f:8d:73:e5:cb:3e:
e9:ec:16:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO9ljX9X6J5n0szDQmThaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDk1MmJkNDBjZTA5NzNmOTEwNDExZjU5MmUzNmU5MDEz
NmMyZWEwHhcNMjYwMzI2MTMwMDU4WhcNMjYwMzI3MTMwMDU4WjAzMTEwLwYDVQQD
EyhkZjcyZTIxN2IyMGZmMWZjYTBhMzAzYjcwZDBhMWExMjc2OGU1NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HZDdizosFbMND+qRIsv9MTlBUpT
7zlfx3kuX00t5y9c9od5318OvNfYRQKFIz9e60o3P08n7WOPiCQzkb+N9fc/U+rv
s77MS8tt36z3m1JRf4Mpljeb0lAd+8lHEJDYWBMxM/aWdUJzdb5sgVtjWlHz1ngf
h2v6WGeVFqd8ltZ8ILsoZdjH1ZoOfEJixkj7P7I4xIdVj4Oii7uPeCUJzcJxhCNm
/V9OR5CWtAp55GCbQUBqVPzCvssmxsimBM4K4zMvGFlYrZzdmyWM3RDwchfaTWXf
h7uPcYpNVTlVmofWhRN1mwwRp9uskRP3dMjbT3D0i+PK9ttftaXGvLOvuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9y4heyD/H8oKMDtw0KGhJ2jlbqMB8GA1UdIwQY
MBaAFIvZUr1Azglz+RBBH1kuNukBNsLqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYt
NWMyYWJlNTM5NGU2LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYtNWMyYWJlNTM5NGU2
LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALj8KzsFr
IhCeH2LlKcryBJLSdShYyzkfbm68cKbyECmlf/30W0lmMJNrVJ1pYAjWLZxFkz8L
JWH/QEeihIrl7ca+H1kqzqJghJJBLh9bzysmRk49TdH7oSpf9SFqAgcFwAOYe2wd
yy4eZ74JiMxXq7K+KfeHAYo5NEAyQBYFMT/0fqPiXdQRzK1k+//VdwMrA6odPkHZ
UYyfV5Gxy0Al1J+XrWFAAeN28/0wZr6WR3EdinQA8MhcOFvHNR9oaCcueSHlN7AN
hwi7oqKOb02t8GojrCJ8no4m1kSuCl7jRvAYwcOZZI7h4C+kRU23oA/qA+8pdXGn
P41z5cs+6ewW7g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:17:01 2026 by rpki-client