Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
File: h9OLoS9GKcITH8YOiVDWwwO-fSI.mft (raw, json)
Hash identifier: 29BoPPPGASrkqlQcZQu1VTL26SkrRNAxRB7XO1vPrdk=
Subject key identifier: 65:E1:04:8C:01:C5:28:DF:7A:AF:1F:FC:62:96:BF:CF:60:25:87:AB
Authority key identifier: 87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
Certificate issuer: /CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Certificate serial: 019D2A72B0E55976DC88B0B00FF119D1F014
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
Manifest number: 09EA
Signing time: Thu 26 Mar 2026 14:00:52 +0000
Manifest this update: Thu 26 Mar 2026 14:00:52 +0000
Manifest next update: Fri 27 Mar 2026 14:00:52 +0000
Files and hashes: 1: P9OMN6vgdLJtD09eskr6MgjyHfg.roa (hash: SopYEJD5bVxHlDcqx6I2t8+qQOHpKjNg8JsM2U0RHno=)
2: h9OLoS9GKcITH8YOiVDWwwO-fSI.crl (hash: 1dFkRC1wzbgmwaeqp1jv5uqxD5vme1bzNlyGi53//JY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:b0:e5:59:76:dc:88:b0:b0:0f:f1:19:d1:f0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Validity
Not Before: Mar 26 14:00:52 2026 GMT
Not After : Mar 27 14:00:52 2026 GMT
Subject: CN=65e1048c01c528df7aaf1ffc6296bfcf602587ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d0:5c:26:fa:2c:65:c6:d6:ce:92:2b:40:e5:
dc:0a:b6:f0:75:5d:4f:36:2c:2b:8f:d9:70:7b:0b:
a7:46:f2:df:73:13:ce:31:1b:15:ef:b4:20:9a:a4:
e1:d3:ea:fa:58:b9:8b:e5:51:5c:4e:09:5e:d3:ea:
62:3f:71:c9:4e:5d:97:8e:b8:81:e3:1c:26:69:35:
66:b6:96:ff:bc:7f:da:47:c0:ac:99:ef:dc:08:6b:
f7:99:73:25:90:0f:87:a7:c1:8c:39:72:91:e0:27:
9b:3d:eb:53:46:f4:a2:91:8e:0a:4a:0b:5a:d8:ea:
e1:7f:b3:33:a7:e5:e3:84:fe:e5:89:90:04:3f:39:
96:ba:6f:0f:e1:2a:55:1d:ba:0b:cc:15:46:c9:7f:
89:30:fd:2b:83:f7:a2:c3:d1:c5:6d:47:07:2e:09:
e3:3a:cd:c9:8d:5d:f5:01:be:a5:8c:2f:00:6d:42:
7b:ef:a3:49:1d:6e:e9:c1:d8:7d:e7:ba:dc:33:c7:
b4:c7:47:38:49:58:be:0f:d8:70:57:28:30:82:98:
18:d1:cf:7a:00:83:a3:40:e8:e1:ca:32:c2:73:a2:
50:1d:9f:5e:65:e1:58:2e:cb:54:10:11:81:77:30:
f4:ec:6f:52:69:21:a9:ee:b5:7e:0a:af:51:4b:4e:
93:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E1:04:8C:01:C5:28:DF:7A:AF:1F:FC:62:96:BF:CF:60:25:87:AB
X509v3 Authority Key Identifier:
keyid:87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:f5:7c:65:72:a2:f7:5c:c0:8d:73:a5:b2:de:0b:1f:c7:fb:
9d:d0:53:39:5e:3a:11:11:22:6e:77:2b:e5:3a:28:d2:91:b8:
33:ef:40:36:11:43:c3:09:b5:1c:e7:cb:32:47:51:eb:83:ff:
3d:39:3d:ef:d4:1e:cc:05:42:10:91:ad:73:3f:8e:6d:6e:98:
a7:51:3c:8e:4a:ba:51:9d:fc:79:50:7b:42:0c:0e:23:a8:9b:
bd:88:ef:41:e2:52:16:9d:ed:9c:c4:a8:a8:66:0d:64:0d:7a:
28:c0:d6:6c:6f:57:a8:55:7c:e6:3e:8f:fe:d1:ec:03:66:53:
c3:ac:4f:c3:95:19:52:42:a0:9f:1f:a0:2d:b4:a1:f1:e9:22:
d5:d0:1b:13:87:ac:f2:0c:ce:b9:9f:8a:7d:ba:6f:3b:74:25:
38:f7:a0:f0:e8:45:c8:ab:6c:b2:6a:cf:ec:86:14:c7:01:ad:
83:11:d7:de:a5:6d:b3:0d:4f:a3:4c:c3:7d:ac:89:a3:2e:52:
d6:2e:43:2f:fd:41:9a:44:b4:38:66:41:80:94:0e:a0:0e:f5:
bf:d1:9f:b6:05:5e:29:96:c5:ed:38:08:a5:58:00:9e:fb:dd:
50:9c:c5:c6:eb:bd:44:ee:24:eb:18:09:c7:8c:74:db:e2:b7:
78:27:07:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcrDlWXbciLCwD/EZ0fAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDM4YmExMmY0NjI5YzIxMzFmYzYwZTg5NTBkNmMzMDNi
ZTdkMjIwHhcNMjYwMzI2MTQwMDUyWhcNMjYwMzI3MTQwMDUyWjAzMTEwLwYDVQQD
Eyg2NWUxMDQ4YzAxYzUyOGRmN2FhZjFmZmM2Mjk2YmZjZjYwMjU4N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tBcJvosZcbWzpIrQOXcCrbwdV1P
Niwrj9lwewunRvLfcxPOMRsV77QgmqTh0+r6WLmL5VFcTgle0+piP3HJTl2XjriB
4xwmaTVmtpb/vH/aR8Csme/cCGv3mXMlkA+Hp8GMOXKR4CebPetTRvSikY4KSgta
2Orhf7Mzp+XjhP7liZAEPzmWum8P4SpVHboLzBVGyX+JMP0rg/eiw9HFbUcHLgnj
Os3JjV31Ab6ljC8AbUJ776NJHW7pwdh957rcM8e0x0c4SVi+D9hwVygwgpgY0c96
AIOjQOjhyjLCc6JQHZ9eZeFYLstUEBGBdzD07G9SaSGp7rV+Cq9RS06TGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXhBIwBxSjfeq8f/GKWv89gJYerMB8GA1UdIwQY
MBaAFIfTi6EvRinCEx/GDolQ1sMDvn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2Njkt
ZmQ1NWM1OGVkYWY3LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2NjktZmQ1NWM1OGVkYWY3
LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvV8ZXKi
91zAjXOlst4LH8f7ndBTOV46EREibncr5Too0pG4M+9ANhFDwwm1HOfLMkdR64P/
PTk979QezAVCEJGtcz+ObW6Yp1E8jkq6UZ38eVB7QgwOI6ibvYjvQeJSFp3tnMSo
qGYNZA16KMDWbG9XqFV85j6P/tHsA2ZTw6xPw5UZUkKgnx+gLbSh8eki1dAbE4es
8gzOuZ+KfbpvO3QlOPeg8OhFyKtssmrP7IYUxwGtgxHX3qVtsw1Po0zDfayJoy5S
1i5DL/1BmkS0OGZBgJQOoA71v9GftgVeKZbF7TgIpVgAnvvdUJzFxuu9RO4k6xgJ
x4x02+K3eCcHMQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:23:29 2026 by rpki-client