Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
File: 8lizqXQbQx177NZChrnmvODpddo.mft (raw, json)
Hash identifier: 1djmCX+IAuUKlrAaQzTiQLfp+7TD41zDKfzRQHrZtTg=
Subject key identifier: 94:97:F0:1E:6D:8F:CB:2C:A8:36:3E:CE:03:83:06:A8:01:24:F9:A9
Authority key identifier: F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
Certificate issuer: /CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Certificate serial: 019D33E32E904218305BF2955949531CDC7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
Manifest number: 185C
Signing time: Sat 28 Mar 2026 10:00:19 +0000
Manifest this update: Sat 28 Mar 2026 10:00:19 +0000
Manifest next update: Sun 29 Mar 2026 10:00:19 +0000
Files and hashes: 1: 8lizqXQbQx177NZChrnmvODpddo.crl (hash: Mv51MpFLRj3nzOyxygaYj3XVlhpL4ubpjnd7i8rWxTg=)
2: 9vmezDMgMLAYgubj0dZwQBpw7Zo.roa (hash: QLo0rxDXf9m7rqbC9zynXdEyUGpcYsQ8wFalcr82vIw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:2e:90:42:18:30:5b:f2:95:59:49:53:1c:dc:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f258b3a9741b431d7becd64286b9e6bce0e975da
Validity
Not Before: Mar 28 10:00:19 2026 GMT
Not After : Mar 29 10:00:19 2026 GMT
Subject: CN=9497f01e6d8fcb2ca8363ece038306a80124f9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ae:16:bc:ed:43:21:38:75:1a:25:0e:64:83:
c6:dc:91:f1:16:3b:ee:3b:12:ca:3c:82:de:71:c4:
d7:f5:75:dc:13:54:2e:2a:38:76:09:25:a3:ea:78:
f3:b3:f9:f3:d0:eb:d3:f3:b7:d9:5d:f1:53:e6:30:
56:b9:51:7d:89:0e:86:f8:91:c0:c5:09:2c:38:35:
c8:fe:ca:a3:d6:12:0e:33:db:28:ee:eb:7e:94:ce:
93:33:49:bc:b7:eb:46:d3:58:5f:6e:d9:96:7b:2f:
15:32:8a:d8:13:67:4f:8f:19:55:ed:4a:26:ca:35:
79:64:e6:82:69:13:d5:eb:0a:ae:b5:4e:ee:87:90:
49:af:b5:73:e3:0e:8a:14:ad:c4:49:07:db:a3:ee:
c5:f0:f3:20:71:d5:2f:25:f7:12:94:a2:01:e9:03:
3b:15:4f:a5:60:0c:0d:83:be:21:78:dd:3f:f1:19:
4a:25:89:89:b5:d7:49:22:bb:78:26:63:bb:22:81:
f3:3a:50:ba:72:73:d7:d6:90:41:dd:57:7e:5e:01:
de:0b:91:19:7a:27:42:21:d2:a3:f1:69:fb:de:0b:
1e:4c:98:66:2f:ec:ad:f5:9b:72:b2:2c:c0:02:ab:
3a:46:5c:f1:f7:92:30:fa:a7:d3:5e:87:e4:cc:78:
38:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:97:F0:1E:6D:8F:CB:2C:A8:36:3E:CE:03:83:06:A8:01:24:F9:A9
X509v3 Authority Key Identifier:
keyid:F2:58:B3:A9:74:1B:43:1D:7B:EC:D6:42:86:B9:E6:BC:E0:E9:75:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lizqXQbQx177NZChrnmvODpddo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/095d5f-2693-4182-9397-cda94fb796d1/1/8lizqXQbQx177NZChrnmvODpddo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:65:f8:ab:8b:c9:d3:ac:d6:a4:51:f9:7b:43:bb:77:2b:8c:
71:93:aa:93:15:20:e6:ee:6b:5c:aa:c4:55:34:05:bb:5b:33:
6b:2e:ae:3a:7c:a1:89:5b:16:df:f6:01:de:36:ea:2b:ec:d5:
e8:82:35:c9:69:7f:a8:70:22:7a:f8:9a:ad:72:0b:9a:ee:9f:
5d:96:d4:34:52:b8:a6:19:56:1e:93:d2:b8:b4:9f:2e:e7:72:
8f:30:27:d2:7a:0e:6b:92:7d:17:a0:f0:0c:5b:35:98:07:a4:
4a:8c:3b:17:3f:ab:bd:49:95:55:a0:53:1a:22:9c:55:2b:e3:
16:a0:0e:be:e6:25:a4:ae:f8:71:0e:63:41:4d:92:dc:60:4f:
b1:5d:07:9c:e4:b0:1e:80:38:87:a5:e6:82:cb:9a:60:56:1a:
aa:64:b6:36:1c:7c:f4:68:30:a6:f5:1a:75:fc:3d:90:d4:19:
b4:1d:b6:cd:3a:40:a8:a7:71:69:95:a6:20:de:a6:d0:d7:09:
37:cb:14:c2:e4:9d:22:5d:3e:9b:1e:3d:9c:4e:a0:9c:5f:ad:
45:0d:a1:c7:d9:f4:7a:1b:e4:2b:01:5f:78:82:04:b8:99:6a:
9f:78:5f:1a:d0:ea:31:a0:39:10:f9:dd:5a:40:c7:5a:db:d9:
9c:b0:79:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z4y6QQhgwW/KVWUlTHNx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNThiM2E5NzQxYjQzMWQ3YmVjZDY0Mjg2YjllNmJjZTBl
OTc1ZGEwHhcNMjYwMzI4MTAwMDE5WhcNMjYwMzI5MTAwMDE5WjAzMTEwLwYDVQQD
Eyg5NDk3ZjAxZTZkOGZjYjJjYTgzNjNlY2UwMzgzMDZhODAxMjRmOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq4WvO1DITh1GiUOZIPG3JHxFjvu
OxLKPILeccTX9XXcE1QuKjh2CSWj6njzs/nz0OvT87fZXfFT5jBWuVF9iQ6G+JHA
xQksODXI/sqj1hIOM9so7ut+lM6TM0m8t+tG01hfbtmWey8VMorYE2dPjxlV7Uom
yjV5ZOaCaRPV6wqutU7uh5BJr7Vz4w6KFK3ESQfbo+7F8PMgcdUvJfcSlKIB6QM7
FU+lYAwNg74heN0/8RlKJYmJtddJIrt4JmO7IoHzOlC6cnPX1pBB3Vd+XgHeC5EZ
eidCIdKj8Wn73gseTJhmL+yt9ZtysizAAqs6Rlzx95Iw+qfTXofkzHg4HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSX8B5tj8ssqDY+zgODBqgBJPmpMB8GA1UdIwQY
MBaAFPJYs6l0G0Mde+zWQoa55rzg6XXaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTct
Y2RhOTRmYjc5NmQxLzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8wOTVkNWYtMjY5My00MTgyLTkzOTctY2RhOTRmYjc5NmQx
LzEvOGxpenFYUWJReDE3N05aQ2hybm12T0RwZGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2X4q4vJ
06zWpFH5e0O7dyuMcZOqkxUg5u5rXKrEVTQFu1szay6uOnyhiVsW3/YB3jbqK+zV
6II1yWl/qHAieviarXILmu6fXZbUNFK4phlWHpPSuLSfLudyjzAn0noOa5J9F6Dw
DFs1mAekSow7Fz+rvUmVVaBTGiKcVSvjFqAOvuYlpK74cQ5jQU2S3GBPsV0HnOSw
HoA4h6XmgsuaYFYaqmS2Nhx89GgwpvUadfw9kNQZtB22zTpAqKdxaZWmIN6m0NcJ
N8sUwuSdIl0+mx49nE6gnF+tRQ2hx9n0ehvkKwFfeIIEuJlqn3hfGtDqMaA5EPnd
WkDHWtvZnLB5CA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:56:21 2026 by rpki-client