Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier: JdI2j1kP3yrQ9ZF7BWHSATk/FlR3n+hY8/pAnyDGC24=
Subject key identifier: 39:45:64:C3:57:46:AF:DE:B4:40:C1:E7:7B:A5:EF:E8:5B:73:3C:BE
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial: 019E1CEB91A247D056FE1DC4C9D456DACD93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number: 09EA
Signing time: Tue 12 May 2026 16:01:00 +0000
Manifest this update: Tue 12 May 2026 16:01:00 +0000
Manifest next update: Wed 13 May 2026 16:01:00 +0000
Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: RGzTLY4OHfnwaukXpGJFdxkZu7sW06FaWpMOS+1iJrc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:eb:91:a2:47:d0:56:fe:1d:c4:c9:d4:56:da:cd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Validity
Not Before: May 12 16:01:00 2026 GMT
Not After : May 13 16:01:00 2026 GMT
Subject: CN=394564c35746afdeb440c1e77ba5efe85b733cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:60:2f:9f:b4:06:c8:4e:41:ab:50:52:f5:6c:
f4:1b:9e:9d:27:b3:00:89:1b:32:75:26:5d:3f:c3:
fc:d2:eb:1c:c4:90:0e:ad:1d:7a:ff:4a:a2:6e:98:
b8:e3:54:98:18:0e:f7:89:38:c6:21:e1:67:f6:e0:
e1:aa:09:59:0b:f3:75:35:8f:61:64:11:91:84:f3:
d0:9e:80:21:48:17:51:c2:3d:1d:5d:86:ab:48:15:
58:82:9a:c5:16:7e:d7:bc:98:88:c7:b1:cd:4b:f2:
b3:9c:32:41:38:78:73:d9:73:7a:5a:c8:18:60:44:
59:a0:2a:ec:6a:5b:07:98:98:02:d3:e2:0e:fc:10:
27:fd:22:56:9c:85:c2:87:c4:0e:fb:08:e8:d0:fd:
34:e4:b3:bc:6f:d1:00:eb:b2:e5:84:ed:a0:01:32:
8d:34:9e:25:9b:a4:60:7e:1f:c2:72:d0:f0:46:ba:
c7:30:11:1c:11:32:45:28:49:88:6d:75:bd:62:56:
99:3a:c0:5e:14:c9:0c:c6:f3:4c:97:ed:b3:91:d5:
5a:89:3c:41:72:e0:8b:6a:9d:90:cc:19:8e:61:37:
de:3f:84:40:f6:78:6e:17:55:6b:8b:46:a7:7c:d2:
a9:a7:29:ca:9b:55:84:11:71:af:9c:03:59:1e:0f:
0d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:45:64:C3:57:46:AF:DE:B4:40:C1:E7:7B:A5:EF:E8:5B:73:3C:BE
X509v3 Authority Key Identifier:
keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:8d:cd:16:a7:2d:fb:e9:97:4b:4d:25:bb:d2:c0:3c:fc:40:
51:87:5e:a8:7d:a1:28:11:41:da:10:e9:ed:1a:c2:78:b2:df:
6a:05:5a:3b:08:4a:ea:9d:cf:d4:b5:96:f4:5a:1c:3c:05:54:
85:72:2b:22:17:ec:a8:e6:03:f5:70:d0:3e:89:eb:b9:0b:6c:
31:d2:7f:d9:b4:38:8f:33:05:ed:94:bb:dd:64:14:74:01:64:
79:42:b6:74:4a:63:70:35:73:fb:29:9c:22:b8:24:f8:8a:83:
8f:bb:a5:17:04:e0:f2:21:01:a3:4f:d4:fa:11:d3:6b:a2:76:
93:bf:48:fa:b7:5c:db:3f:98:da:ee:d7:81:6f:56:c5:a9:94:
71:3a:ed:5d:af:bf:ca:fa:c7:6c:b5:44:df:09:d2:4e:19:95:
86:35:df:b5:83:42:19:01:0e:98:8b:76:93:f3:a3:c5:14:5c:
05:76:aa:c6:5f:f8:59:46:8b:f0:26:30:24:ab:7d:ec:01:ff:
b5:36:ab:0b:de:b1:5d:3f:47:5c:bb:f3:0a:79:c0:0c:c3:de:
5e:51:19:2d:df:7d:9d:a8:8b:53:40:8e:62:3d:59:69:d2:5b:
c6:da:08:98:0b:6c:87:ef:de:08:be:96:c0:f9:e7:de:8f:c2:
c9:46:98:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c65GiR9BW/h3EydRW2s2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjYwNTEyMTYwMTAwWhcNMjYwNTEzMTYwMTAwWjAzMTEwLwYDVQQD
EygzOTQ1NjRjMzU3NDZhZmRlYjQ0MGMxZTc3YmE1ZWZlODViNzMzY2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2Avn7QGyE5Bq1BS9Wz0G56dJ7MA
iRsydSZdP8P80uscxJAOrR16/0qibpi441SYGA73iTjGIeFn9uDhqglZC/N1NY9h
ZBGRhPPQnoAhSBdRwj0dXYarSBVYgprFFn7XvJiIx7HNS/KznDJBOHhz2XN6WsgY
YERZoCrsalsHmJgC0+IO/BAn/SJWnIXCh8QO+wjo0P005LO8b9EA67LlhO2gATKN
NJ4lm6Rgfh/CctDwRrrHMBEcETJFKEmIbXW9YlaZOsBeFMkMxvNMl+2zkdVaiTxB
cuCLap2QzBmOYTfeP4RA9nhuF1Vri0anfNKppynKm1WEEXGvnANZHg8N8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlFZMNXRq/etEDB53ul7+hbczy+MB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWY3NFqct
++mXS00lu9LAPPxAUYdeqH2hKBFB2hDp7RrCeLLfagVaOwhK6p3P1LWW9FocPAVU
hXIrIhfsqOYD9XDQPonruQtsMdJ/2bQ4jzMF7ZS73WQUdAFkeUK2dEpjcDVz+ymc
Irgk+IqDj7ulFwTg8iEBo0/U+hHTa6J2k79I+rdc2z+Y2u7XgW9WxamUcTrtXa+/
yvrHbLVE3wnSThmVhjXftYNCGQEOmIt2k/OjxRRcBXaqxl/4WUaL8CYwJKt97AH/
tTarC96xXT9HXLvzCnnADMPeXlEZLd99naiLU0COYj1ZadJbxtoImAtsh+/eCL6W
wPnn3o/CyUaYig==
-----END CERTIFICATE-----
Generated at Wed May 13 00:53:20 2026 by rpki-client