Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File: 8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier: +UjRnozEC3+lNVxF+1kDdYH9ChscypWDCu0GFjGZPLQ=
Subject key identifier: 0C:2C:8B:04:0B:1D:83:D7:4F:87:EE:CA:8A:0A:4F:BB:60:E6:2C:FD
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer: /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial: 019E1CB523A68203DFC4800B8F8520C6A26C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number: 14B9
Signing time: Tue 12 May 2026 15:01:33 +0000
Manifest this update: Tue 12 May 2026 15:01:33 +0000
Manifest next update: Wed 13 May 2026 15:01:33 +0000
Files and hashes: 1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: q0u/+P2uOWnx3qYij+c5edd2hoSi+kW2qGT508HTC7I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:b5:23:a6:82:03:df:c4:80:0b:8f:85:20:c6:a2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Validity
Not Before: May 12 15:01:33 2026 GMT
Not After : May 13 15:01:33 2026 GMT
Subject: CN=0c2c8b040b1d83d74f87eeca8a0a4fbb60e62cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:63:b0:5a:bf:56:de:04:13:52:09:23:b9:9e:
f1:36:b9:df:d5:d2:30:ac:e9:ab:b0:62:e3:85:12:
64:7b:68:62:54:ba:2e:16:5f:e4:c4:69:95:7b:19:
4a:53:f8:db:50:aa:8a:a2:27:49:5d:24:e0:38:28:
e6:6d:32:09:29:0b:f9:ea:2c:70:21:b6:d9:ce:0b:
3d:f2:4c:ed:e3:ef:30:0d:f4:3e:26:d7:5b:df:08:
7b:58:84:cd:3f:bb:e4:58:1a:8b:9a:07:1f:72:2e:
9f:f3:48:22:fb:51:bc:e9:26:74:d1:23:43:f4:04:
c3:d5:b2:8a:7d:d8:42:21:35:a8:7c:64:24:e1:85:
a3:6a:51:18:b3:0c:60:f6:24:c6:c2:13:ee:8d:b9:
e8:e7:55:af:52:31:07:a8:6b:c5:62:89:59:66:f1:
4e:b3:9d:5e:80:89:14:d4:3a:a2:95:fa:a8:37:59:
ff:d5:23:8d:58:54:ec:4d:6d:9a:ca:69:d6:92:c0:
89:16:6e:2f:00:56:b9:ae:24:d0:c8:cd:da:c2:c9:
3c:91:eb:d8:aa:98:c1:bd:f7:18:59:9f:92:cf:d6:
fe:95:96:6d:c7:ac:69:da:6e:ab:3a:74:31:20:ff:
bc:1c:bc:73:65:b6:1e:63:cd:be:4c:18:b7:47:1d:
3f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2C:8B:04:0B:1D:83:D7:4F:87:EE:CA:8A:0A:4F:BB:60:E6:2C:FD
X509v3 Authority Key Identifier:
keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:18:8a:46:7c:8a:c2:11:ab:61:b9:9a:6a:3e:85:bb:d1:65:
c0:29:29:90:ec:34:f1:81:b2:81:ce:fa:3d:ae:f1:2d:72:5a:
c2:14:7a:af:8e:02:90:73:4a:fd:08:01:f6:be:ee:0c:76:56:
d5:77:d4:d1:10:33:4c:03:dd:9b:02:37:5d:04:2c:13:45:54:
6e:71:9d:f7:2c:7c:b1:01:04:50:7e:80:5e:57:db:dc:78:d7:
97:9a:14:03:06:04:a9:c8:ae:44:13:fe:ef:69:06:e2:c0:f4:
b8:43:53:9f:ec:a5:ea:a0:e2:f4:92:ed:12:4b:16:0a:f7:9d:
34:7a:54:98:2c:c3:84:15:a9:89:1e:41:b4:82:43:e2:2d:69:
87:03:37:83:9c:0f:33:86:ac:77:dc:68:07:42:5f:09:70:85:
9e:da:46:1e:64:0e:99:d4:b2:36:b9:eb:3b:e0:00:20:2b:4b:
34:da:81:3c:29:09:74:50:b1:29:65:64:9a:cf:d6:0b:14:33:
90:5a:fb:cb:7c:7c:fe:20:58:a6:6b:c2:69:87:c4:73:fd:e5:
cb:1c:29:28:ba:98:dc:cb:e1:a1:eb:fb:dc:06:fa:7e:48:fb:
d6:63:79:c7:40:bf:53:c0:a5:7e:b4:d2:91:2d:bf:3d:61:40:
13:a6:f6:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctSOmggPfxIALj4UgxqJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjYwNTEyMTUwMTMzWhcNMjYwNTEzMTUwMTMzWjAzMTEwLwYDVQQD
EygwYzJjOGIwNDBiMWQ4M2Q3NGY4N2VlY2E4YTBhNGZiYjYwZTYyY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWOwWr9W3gQTUgkjuZ7xNrnf1dIw
rOmrsGLjhRJke2hiVLouFl/kxGmVexlKU/jbUKqKoidJXSTgOCjmbTIJKQv56ixw
IbbZzgs98kzt4+8wDfQ+Jtdb3wh7WITNP7vkWBqLmgcfci6f80gi+1G86SZ00SND
9ATD1bKKfdhCITWofGQk4YWjalEYswxg9iTGwhPujbno51WvUjEHqGvFYolZZvFO
s51egIkU1DqilfqoN1n/1SONWFTsTW2aymnWksCJFm4vAFa5riTQyM3awsk8kevY
qpjBvfcYWZ+Sz9b+lZZtx6xp2m6rOnQxIP+8HLxzZbYeY82+TBi3Rx0/+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwsiwQLHYPXT4fuyooKT7tg5iz9MB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZBiKRnyK
whGrYbmaaj6Fu9FlwCkpkOw08YGygc76Pa7xLXJawhR6r44CkHNK/QgB9r7uDHZW
1XfU0RAzTAPdmwI3XQQsE0VUbnGd9yx8sQEEUH6AXlfb3HjXl5oUAwYEqciuRBP+
72kG4sD0uENTn+yl6qDi9JLtEksWCvedNHpUmCzDhBWpiR5BtIJD4i1phwM3g5wP
M4asd9xoB0JfCXCFntpGHmQOmdSyNrnrO+AAICtLNNqBPCkJdFCxKWVkms/WCxQz
kFr7y3x8/iBYpmvCaYfEc/3lyxwpKLqY3Mvhoev73Ab6fkj71mN5x0C/U8ClfrTS
kS2/PWFAE6b2lA==
-----END CERTIFICATE-----
Generated at Tue May 12 21:59:25 2026 by rpki-client