Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
File: 8HHkN5gsw0b26BfKZIknI-21QZo.mft (raw, json)
Hash identifier: xEMF4VC4YSejlyb1pSj5VODrD7t5BxgqKDpBfDQrHd0=
Subject key identifier: B5:9B:63:0E:92:D8:6A:6F:DC:FB:AE:A9:B1:FE:E1:8D:ED:58:FB:88
Authority key identifier: F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
Certificate issuer: /CN=f071e437982cc346f6e817ca64892723edb5419a
Certificate serial: 019D299724225EF78E522FB85E39C192591A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
Manifest number: 11E9
Signing time: Thu 26 Mar 2026 10:01:04 +0000
Manifest this update: Thu 26 Mar 2026 10:01:04 +0000
Manifest next update: Fri 27 Mar 2026 10:01:04 +0000
Files and hashes: 1: 4dTiivW_bvCIIr9OKslRJ2ttAH0.roa (hash: nywsABEuvSZWyJVu4fBV0raW88OjCnUfbkwJDiN85oo=)
2: 8HHkN5gsw0b26BfKZIknI-21QZo.crl (hash: bReW11Ljq7ZbVFFZxWnpX7e0Bh9bmDxIXXjSmLazGpQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:24:22:5e:f7:8e:52:2f:b8:5e:39:c1:92:59:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071e437982cc346f6e817ca64892723edb5419a
Validity
Not Before: Mar 26 10:01:04 2026 GMT
Not After : Mar 27 10:01:04 2026 GMT
Subject: CN=b59b630e92d86a6fdcfbaea9b1fee18ded58fb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:df:ea:e4:d0:05:9f:b6:c4:88:1a:34:89:56:
5f:12:62:21:91:44:22:52:5d:12:b4:28:b1:44:3e:
fe:80:cc:ef:63:c4:4f:dc:a0:d9:6d:80:e2:48:bd:
59:2b:b6:0e:97:d3:b6:71:0c:66:ec:e9:96:60:fc:
ed:9d:3d:a8:05:a2:ef:f4:dd:c9:04:df:67:7f:85:
1f:20:21:13:f5:29:8a:e8:ff:79:19:aa:2e:4d:05:
23:84:d5:cd:ce:3a:1a:ba:9b:4c:44:3d:92:94:78:
68:92:06:f8:96:b9:f3:94:75:aa:2c:51:7a:ac:ee:
24:28:b8:a9:79:7a:c9:2a:a2:69:04:fc:22:28:3a:
3c:3a:2b:88:5d:39:5b:1c:f8:15:36:5b:90:58:ce:
50:12:8b:9b:24:41:1a:b6:1b:71:86:58:8b:61:15:
ec:59:bb:d8:29:8d:f0:3e:8e:73:9d:47:46:47:28:
5d:b3:aa:94:98:5a:e2:dd:82:95:61:f7:fc:b3:d7:
41:3c:c3:41:d0:a7:9e:c3:7a:ea:bf:59:35:fe:87:
d8:e9:63:41:a2:74:6f:22:3d:5e:85:95:d0:d0:67:
db:c1:da:78:e9:27:3a:02:90:4e:b3:55:b9:b1:cd:
41:0f:c7:b7:60:bb:9d:c4:30:a4:0c:72:ff:b6:5b:
e0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:9B:63:0E:92:D8:6A:6F:DC:FB:AE:A9:B1:FE:E1:8D:ED:58:FB:88
X509v3 Authority Key Identifier:
keyid:F0:71:E4:37:98:2C:C3:46:F6:E8:17:CA:64:89:27:23:ED:B5:41:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HHkN5gsw0b26BfKZIknI-21QZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/00725a-19ef-4244-8897-78cb59b78a4f/1/8HHkN5gsw0b26BfKZIknI-21QZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:11:04:c1:e1:06:c9:0f:b6:b4:dd:de:2e:f7:45:2a:4b:2f:
83:0c:77:c7:4e:b9:0c:c2:5d:e4:ce:c4:a6:72:22:25:28:56:
94:a6:4e:fe:23:d3:52:f6:fd:f7:bd:2c:56:08:b5:8c:42:7b:
4f:64:75:05:ee:11:58:a4:c6:c7:f6:c1:a6:29:51:a6:06:0b:
72:8f:bc:7b:93:fd:92:4e:6b:c8:6f:f6:08:19:5e:52:ae:0a:
94:8e:c2:9b:e9:26:d0:1a:ef:e1:94:db:7d:8b:c2:ff:2d:a3:
eb:49:cd:7f:2c:4f:ca:48:0d:5f:2c:1c:97:75:49:64:94:9d:
48:05:3d:9b:39:29:f2:c4:8d:28:68:d5:d4:33:21:d7:f9:d8:
34:71:ee:d3:92:c9:19:d8:2e:8e:bb:46:c4:11:17:e6:5d:40:
c3:1c:b3:8b:f2:46:a7:27:24:db:0e:4e:a6:ff:56:5f:ec:63:
ab:88:15:16:40:00:c9:50:d2:59:51:d8:cc:64:aa:4b:eb:ce:
8f:a0:fb:e5:73:75:71:95:1c:98:9a:ac:dd:03:3a:d8:ca:05:
1e:02:db:54:4e:85:1b:75:59:a1:09:ff:9b:c6:6e:e9:51:67:
fe:3f:7e:88:03:87:5d:28:01:eb:70:a5:ee:00:6a:cb:13:34:
d0:3c:7b:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plyQiXveOUi+4XjnBklkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFlNDM3OTgyY2MzNDZmNmU4MTdjYTY0ODkyNzIzZWRi
NTQxOWEwHhcNMjYwMzI2MTAwMTA0WhcNMjYwMzI3MTAwMTA0WjAzMTEwLwYDVQQD
EyhiNTliNjMwZTkyZDg2YTZmZGNmYmFlYTliMWZlZTE4ZGVkNThmYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t/q5NAFn7bEiBo0iVZfEmIhkUQi
Ul0StCixRD7+gMzvY8RP3KDZbYDiSL1ZK7YOl9O2cQxm7OmWYPztnT2oBaLv9N3J
BN9nf4UfICET9SmK6P95GaouTQUjhNXNzjoauptMRD2SlHhokgb4lrnzlHWqLFF6
rO4kKLipeXrJKqJpBPwiKDo8OiuIXTlbHPgVNluQWM5QEoubJEEathtxhliLYRXs
WbvYKY3wPo5znUdGRyhds6qUmFri3YKVYff8s9dBPMNB0Keew3rqv1k1/ofY6WNB
onRvIj1ehZXQ0Gfbwdp46Sc6ApBOs1W5sc1BD8e3YLudxDCkDHL/tlvg+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWbYw6S2Gpv3PuuqbH+4Y3tWPuIMB8GA1UdIwQY
MBaAFPBx5DeYLMNG9ugXymSJJyPttUGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTct
NzhjYjU5Yjc4YTRmLzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMDcyNWEtMTllZi00MjQ0LTg4OTctNzhjYjU5Yjc4YTRm
LzEvOEhIa041Z3N3MGIyNkJmS1pJa25JLTIxUVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABxEEweEG
yQ+2tN3eLvdFKksvgwx3x065DMJd5M7EpnIiJShWlKZO/iPTUvb9970sVgi1jEJ7
T2R1Be4RWKTGx/bBpilRpgYLco+8e5P9kk5ryG/2CBleUq4KlI7Cm+km0Brv4ZTb
fYvC/y2j60nNfyxPykgNXywcl3VJZJSdSAU9mzkp8sSNKGjV1DMh1/nYNHHu05LJ
GdgujrtGxBEX5l1Awxyzi/JGpyck2w5Opv9WX+xjq4gVFkAAyVDSWVHYzGSqS+vO
j6D75XN1cZUcmJqs3QM62MoFHgLbVE6FG3VZoQn/m8Zu6VFn/j9+iAOHXSgB63Cl
7gBqyxM00Dx7xQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:42:30 2026 by rpki-client