Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier: IqRs8CmeZx/acBCIghQLv7YhpGlixG4St05Srp0EG5c=
Subject key identifier: BB:EA:55:2B:A7:56:22:38:A4:5C:DF:9C:07:F8:96:B5:8C:58:0B:B6
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial: 019D25F10B7DE0E4CA26D428B0C6AB1964B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number: 0C59
Signing time: Wed 25 Mar 2026 17:00:46 +0000
Manifest this update: Wed 25 Mar 2026 17:00:46 +0000
Manifest next update: Thu 26 Mar 2026 17:00:46 +0000
Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: QDLpJGoIR3mtwifn+ve+lkKhQBhAR6/kPyHXHKJeA6U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:0b:7d:e0:e4:ca:26:d4:28:b0:c6:ab:19:64:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Validity
Not Before: Mar 25 17:00:46 2026 GMT
Not After : Mar 26 17:00:46 2026 GMT
Subject: CN=bbea552ba7562238a45cdf9c07f896b58c580bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3c:37:b9:e4:4a:ec:61:e5:d8:e5:99:14:94:
e2:23:8f:2a:81:ea:9d:0a:2a:1f:4d:f4:7a:e1:da:
83:cc:da:d5:9b:fb:d9:d5:a1:7d:37:d4:b8:40:3a:
f1:df:49:a5:95:9f:37:c5:77:ba:f8:55:40:57:1a:
93:ed:ff:ce:99:e7:c7:ad:66:77:fa:4f:d4:6b:3f:
a0:dd:af:22:17:3d:0f:19:b4:20:65:41:aa:30:f9:
e8:3a:4b:5f:48:f2:71:a7:f8:fd:0a:2a:18:be:71:
0e:c0:55:8a:40:0b:19:b7:18:d6:98:02:02:4e:d9:
8d:e9:62:fb:1f:17:91:18:4f:68:eb:79:30:71:e6:
03:9b:1e:a8:7d:e7:71:4f:bc:bf:6b:38:23:5f:06:
dc:ff:85:2e:44:3a:ca:04:4a:72:8a:bf:6b:52:28:
7e:cc:5e:39:c9:6f:9d:05:3f:9b:b8:65:22:2d:7e:
a3:7f:c0:29:c0:c3:0a:86:72:3b:c7:95:21:01:cc:
0e:3c:b4:b4:ee:23:d4:fb:f0:e6:2e:75:72:25:6b:
f3:f6:93:14:dc:0c:2e:fb:05:6d:74:9d:a7:0c:87:
3c:1a:77:09:21:4f:de:58:07:44:fd:3a:2f:34:0f:
07:a8:56:55:8c:b4:47:66:ec:1f:55:d1:7d:ad:63:
b8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EA:55:2B:A7:56:22:38:A4:5C:DF:9C:07:F8:96:B5:8C:58:0B:B6
X509v3 Authority Key Identifier:
keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:c0:2d:8e:88:d7:07:55:fc:7c:67:55:31:72:10:e4:87:36:
f4:83:1a:cf:af:32:e5:48:17:82:ee:2c:15:69:b3:e3:47:56:
4b:15:e9:b6:48:b7:93:32:e0:58:e2:1d:60:f2:6c:78:87:f7:
a0:cc:e2:52:69:c0:33:4b:15:9f:51:63:b4:f3:b6:d5:19:10:
d1:df:d2:63:01:66:9a:30:31:3b:27:1b:85:b5:b1:59:28:78:
b7:34:15:96:23:84:28:9d:e4:f6:39:1e:05:b8:c1:d9:8d:49:
f9:a8:93:05:69:b9:3b:14:d5:f4:9b:68:b3:fe:32:2a:91:46:
82:f7:6f:fd:87:c0:fd:b5:f3:b5:ca:4c:94:f6:fd:13:7e:95:
81:e3:de:59:84:80:a0:8f:e5:a8:cb:e8:34:32:f3:47:8b:16:
dc:44:46:02:6a:f0:3a:11:14:2c:d7:29:09:c4:4d:de:a9:57:
fd:b9:14:65:60:be:c7:74:a9:56:7c:7a:d5:7f:5c:7a:a6:29:
34:6a:d4:64:f3:11:16:a6:d4:3a:c4:e3:8b:4d:7a:dc:1c:63:
b2:aa:fc:72:a6:97:6c:d7:b9:5c:81:e5:e0:f1:21:01:1b:a8:
97:61:a1:f9:53:fa:f1:34:b9:c8:ee:03:79:c1:00:b2:42:66:
03:ba:0b:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8Qt94OTKJtQosMarGWS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjYwMzI1MTcwMDQ2WhcNMjYwMzI2MTcwMDQ2WjAzMTEwLwYDVQQD
EyhiYmVhNTUyYmE3NTYyMjM4YTQ1Y2RmOWMwN2Y4OTZiNThjNTgwYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Dw3ueRK7GHl2OWZFJTiI48qgeqd
CiofTfR64dqDzNrVm/vZ1aF9N9S4QDrx30mllZ83xXe6+FVAVxqT7f/OmefHrWZ3
+k/Uaz+g3a8iFz0PGbQgZUGqMPnoOktfSPJxp/j9CioYvnEOwFWKQAsZtxjWmAIC
TtmN6WL7HxeRGE9o63kwceYDmx6ofedxT7y/azgjXwbc/4UuRDrKBEpyir9rUih+
zF45yW+dBT+buGUiLX6jf8ApwMMKhnI7x5UhAcwOPLS07iPU+/DmLnVyJWvz9pMU
3Awu+wVtdJ2nDIc8GncJIU/eWAdE/TovNA8HqFZVjLRHZuwfVdF9rWO48QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLvqVSunViI4pFzfnAf4lrWMWAu2MB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ8AtjojX
B1X8fGdVMXIQ5Ic29IMaz68y5UgXgu4sFWmz40dWSxXptki3kzLgWOIdYPJseIf3
oMziUmnAM0sVn1FjtPO21RkQ0d/SYwFmmjAxOycbhbWxWSh4tzQVliOEKJ3k9jke
BbjB2Y1J+aiTBWm5OxTV9Jtos/4yKpFGgvdv/YfA/bXztcpMlPb9E36VgePeWYSA
oI/lqMvoNDLzR4sW3ERGAmrwOhEULNcpCcRN3qlX/bkUZWC+x3SpVnx61X9ceqYp
NGrUZPMRFqbUOsTji0163Bxjsqr8cqaXbNe5XIHl4PEhARuol2Gh+VP68TS5yO4D
ecEAskJmA7oL+A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:57:52 2026 by rpki-client