Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.mft
File: 8iL76FrkCNN3shfU66eziyS69d0.mft (raw, json)
Hash identifier: gQ3mw6xyk6l43qO0Xx9ZB3zS1z1ia3tqnCMjdwR8ATQ=
Subject key identifier: FA:2B:61:F2:53:3C:0C:51:85:8A:62:5F:40:76:8E:D1:E4:B8:3B:9F
Authority key identifier: F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
Certificate issuer: /CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Certificate serial: 019D2703D49EF647BBB957DC59AB6616C172
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.mft
Manifest number: 0F36
Signing time: Wed 25 Mar 2026 22:00:55 +0000
Manifest this update: Wed 25 Mar 2026 22:00:55 +0000
Manifest next update: Thu 26 Mar 2026 22:00:55 +0000
Files and hashes: 1: 8iL76FrkCNN3shfU66eziyS69d0.crl (hash: czFlW21kG1kACVx677ljjoShFWqZhAKdocArceojFvQ=)
2: RAC2EIsVMHG6hRns7HbMn17gGls.roa (hash: FF3H1038Rgf//9+NtLOprCe/ZirTllG7HflUAk9dINQ=)
3: nxP6oV7FFuyKT5VZI8Lr0S_v3YA.roa (hash: iN63qFqYR+Oirh/aAc/OhTjdpHDfVt7KEG3Iws+eD0c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:d4:9e:f6:47:bb:b9:57:dc:59:ab:66:16:c1:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Validity
Not Before: Mar 25 22:00:55 2026 GMT
Not After : Mar 26 22:00:55 2026 GMT
Subject: CN=fa2b61f2533c0c51858a625f40768ed1e4b83b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:09:f6:a8:cf:01:44:75:9a:a1:7e:7f:5f:ab:
28:16:6e:39:3b:37:a3:cf:af:c1:63:96:26:32:ad:
2e:62:93:d5:b7:f6:0a:01:ea:d2:c6:00:94:51:d9:
d7:f1:1d:26:d9:2d:e1:22:3c:12:92:8e:5e:93:23:
ee:42:8f:c0:f9:92:6a:ba:94:46:65:b1:d9:7d:9a:
f3:c5:57:c3:92:82:f8:4f:05:6f:9c:0a:61:4e:34:
1a:27:6c:f6:e1:0c:fa:48:6a:0c:5f:24:33:91:81:
ef:e6:9c:d7:ee:3a:dc:98:b5:76:a6:72:35:1b:7a:
dd:13:6a:3a:52:db:c0:bf:aa:9c:c2:a8:e2:bf:83:
f0:c9:fa:7b:f7:85:88:54:d8:1d:f2:06:b2:00:d4:
c8:a6:5b:b8:5b:01:7c:a0:ac:ca:29:8f:78:32:d2:
8c:69:da:dd:38:a0:94:ce:30:f8:8f:a2:6a:ec:ba:
fa:f8:99:8f:b3:ff:4e:d2:4e:c5:6a:7a:2f:2f:4c:
68:5d:20:ac:16:c9:f3:f0:6c:93:8b:c3:4e:b9:4c:
57:46:6c:a6:50:3e:95:03:95:ab:9b:a1:15:c6:a4:
fa:ff:95:9d:d5:7a:57:9e:22:4b:96:3e:bf:26:3e:
9b:16:25:70:a5:d5:3e:f0:a4:42:25:44:36:04:9e:
93:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2B:61:F2:53:3C:0C:51:85:8A:62:5F:40:76:8E:D1:E4:B8:3B:9F
X509v3 Authority Key Identifier:
keyid:F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:99:83:dd:16:3a:93:0d:a5:b6:4b:d1:17:81:6b:6d:bd:d4:
ee:af:5a:93:2b:1f:f5:c1:6c:6b:bf:4b:53:74:7a:d0:fb:0d:
6b:1d:4e:af:28:88:b4:c8:4f:fd:4e:a4:88:ed:c5:3c:bc:4e:
02:e6:89:dd:d1:c8:6c:f0:9e:22:71:63:81:54:b8:a7:40:c1:
0a:db:a3:a5:a6:a4:f8:0b:d5:b7:e6:ed:d3:f4:39:b2:fd:3a:
c9:ff:65:00:6e:45:77:86:e5:2e:15:81:e2:09:de:2e:68:c1:
6a:11:20:07:fc:5a:ec:2a:b0:fb:54:65:92:90:c4:55:ef:c9:
79:6e:92:19:66:3b:0f:99:f6:b2:ca:08:59:2a:8a:56:5d:0c:
ef:d3:32:95:25:84:72:b3:3c:a1:fa:8e:ae:18:c1:e8:01:87:
ac:48:96:5d:98:bb:41:36:aa:f8:c7:3b:88:3d:dd:e2:81:ea:
c9:93:69:75:4e:6c:c5:23:28:e3:52:81:9a:dc:74:a6:a7:5e:
5e:43:b8:15:88:4d:e3:3c:ea:68:30:16:87:37:19:4d:e2:37:
37:d2:30:12:d7:08:91:fe:fa:2e:9a:8c:8d:d1:e6:1e:29:c5:
b3:f4:73:97:b0:cc:35:ea:08:04:d6:6a:61:d0:cd:dd:82:f1:
a1:e0:2f:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9Se9ke7uVfcWatmFsFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjJmYmU4NWFlNDA4ZDM3N2IyMTdkNGViYTdiMzhiMjRi
YWY1ZGQwHhcNMjYwMzI1MjIwMDU1WhcNMjYwMzI2MjIwMDU1WjAzMTEwLwYDVQQD
EyhmYTJiNjFmMjUzM2MwYzUxODU4YTYyNWY0MDc2OGVkMWU0YjgzYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1An2qM8BRHWaoX5/X6soFm45Ozej
z6/BY5YmMq0uYpPVt/YKAerSxgCUUdnX8R0m2S3hIjwSko5ekyPuQo/A+ZJqupRG
ZbHZfZrzxVfDkoL4TwVvnAphTjQaJ2z24Qz6SGoMXyQzkYHv5pzX7jrcmLV2pnI1
G3rdE2o6UtvAv6qcwqjiv4Pwyfp794WIVNgd8gayANTIplu4WwF8oKzKKY94MtKM
adrdOKCUzjD4j6Jq7Lr6+JmPs/9O0k7FanovL0xoXSCsFsnz8GyTi8NOuUxXRmym
UD6VA5Wrm6EVxqT6/5Wd1XpXniJLlj6/Jj6bFiVwpdU+8KRCJUQ2BJ6TcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPorYfJTPAxRhYpiX0B2jtHkuDufMB8GA1UdIwQY
MBaAFPIi++ha5AjTd7IX1Ouns4skuvXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzkt
YjBjMWUzMzA0ZTc0LzEvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0
LzEvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALpmD3RY6
kw2ltkvRF4Frbb3U7q9akysf9cFsa79LU3R60PsNax1OryiItMhP/U6kiO3FPLxO
AuaJ3dHIbPCeInFjgVS4p0DBCtujpaak+AvVt+bt0/Q5sv06yf9lAG5Fd4blLhWB
4gneLmjBahEgB/xa7Cqw+1RlkpDEVe/JeW6SGWY7D5n2ssoIWSqKVl0M79MylSWE
crM8ofqOrhjB6AGHrEiWXZi7QTaq+Mc7iD3d4oHqyZNpdU5sxSMo41KBmtx0pqde
XkO4FYhN4zzqaDAWhzcZTeI3N9IwEtcIkf76LpqMjdHmHinFs/Rzl7DMNeoIBNZq
YdDN3YLxoeAvBA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:13 2026 by rpki-client