Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier: BTV8/t5+xkedo8OhtNN2z6QjxdzRz6aq8Wg+WHTpY2Q=
Subject key identifier: 88:FD:C4:4A:07:1D:5F:4A:07:FA:96:13:E2:B2:A4:DD:2A:A6:82:2A
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer: /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial: 019D37C047B2415847C6688FC35E696F5DFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number: 0396
Signing time: Sun 29 Mar 2026 04:00:41 +0000
Manifest this update: Sun 29 Mar 2026 04:00:41 +0000
Manifest next update: Mon 30 Mar 2026 04:00:41 +0000
Files and hashes: 1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: szfRd+FWKfre04/sQVNP7ohmqOvwgZKG2qgdoDg1QE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:47:b2:41:58:47:c6:68:8f:c3:5e:69:6f:5d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
Validity
Not Before: Mar 29 04:00:41 2026 GMT
Not After : Mar 30 04:00:41 2026 GMT
Subject: CN=88fdc44a071d5f4a07fa9613e2b2a4dd2aa6822a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:96:bb:b2:19:01:3e:3a:11:79:23:4d:59:
58:87:c1:b6:e7:c5:4d:5e:57:67:35:a9:7d:2e:61:
91:32:f3:fa:c7:fa:c6:01:9f:b4:01:6d:9b:b7:a3:
88:e3:cb:3e:e1:d5:1a:08:9d:1d:d6:e3:a5:05:f7:
1e:4b:63:da:91:7e:e6:46:61:5d:a1:32:c0:ea:99:
49:5d:08:36:5a:f7:01:7a:44:80:4b:f8:88:e1:2c:
37:7f:d2:50:56:9c:18:41:e1:41:8a:e9:25:cd:4e:
2a:34:aa:c9:b5:8b:e9:99:c9:33:fc:1d:9d:da:5a:
a1:a5:dc:54:e3:65:79:69:6c:4e:bb:84:ba:a3:41:
5f:dc:26:b0:f8:d4:ba:73:a1:54:36:c5:eb:0a:44:
0f:7b:05:0e:92:eb:51:c2:5a:93:be:59:fe:de:2e:
96:29:ce:eb:06:2b:f8:a6:93:1b:2c:ca:97:e0:0b:
21:7d:97:63:8b:37:fc:53:ec:8d:c9:70:cd:6d:87:
95:fd:89:58:4c:a4:60:55:c9:13:50:ab:1a:0b:26:
c1:a0:a8:68:9c:02:7e:01:f7:e5:e9:4f:9d:82:42:
32:b2:43:53:98:7a:62:a7:43:84:67:be:65:66:b0:
e7:5b:c9:38:8e:6b:cd:0d:48:8a:63:fe:93:0f:b9:
97:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FD:C4:4A:07:1D:5F:4A:07:FA:96:13:E2:B2:A4:DD:2A:A6:82:2A
X509v3 Authority Key Identifier:
keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:e5:80:59:49:d2:d3:1b:56:8c:2f:b8:95:99:fa:33:e1:fd:
fb:56:77:b8:ab:f8:52:42:d8:08:2c:ed:37:4c:6e:9b:58:1c:
f8:bc:05:bf:96:53:69:ca:6b:77:b6:62:83:ce:2b:46:aa:c8:
35:49:c8:07:d1:ff:0d:ba:7e:2c:7e:f0:98:c5:df:a7:7c:c9:
7f:b4:bd:c5:83:70:41:8d:99:1f:10:d7:17:7f:4f:0e:71:b9:
05:43:43:09:bc:ff:e5:6b:5f:d5:a9:fc:c1:38:0f:79:73:ec:
89:93:6f:fb:5f:9a:fe:fc:c4:2e:f7:03:31:b4:01:63:63:02:
82:95:07:84:50:4b:11:45:a2:4a:d9:7f:26:ea:46:a1:8f:d9:
e0:95:3e:ce:db:0f:47:93:e0:c7:d7:2e:6a:c1:0e:8d:da:1f:
02:c9:64:ba:95:21:50:6e:53:25:cf:e9:0a:11:23:d8:97:8a:
2f:57:48:af:97:81:36:55:e8:f0:b8:b5:32:f1:9c:20:3e:a7:
d1:96:85:8a:c9:55:5f:dc:10:f9:9f:33:7a:ae:ee:75:58:05:
35:5a:21:26:b8:a1:23:76:08:3a:4c:0c:91:22:ab:77:e6:08:
da:bd:d0:0c:13:52:ad:49:0d:3d:6f:a5:f9:28:4a:a1:ac:e1:
0b:22:2b:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wEeyQVhHxmiPw15pb137MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjYwMzI5MDQwMDQxWhcNMjYwMzMwMDQwMDQxWjAzMTEwLwYDVQQD
Eyg4OGZkYzQ0YTA3MWQ1ZjRhMDdmYTk2MTNlMmIyYTRkZDJhYTY4MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq+Wu7IZAT46EXkjTVlYh8G258VN
XldnNal9LmGRMvP6x/rGAZ+0AW2bt6OI48s+4dUaCJ0d1uOlBfceS2PakX7mRmFd
oTLA6plJXQg2WvcBekSAS/iI4Sw3f9JQVpwYQeFBiuklzU4qNKrJtYvpmckz/B2d
2lqhpdxU42V5aWxOu4S6o0Ff3Caw+NS6c6FUNsXrCkQPewUOkutRwlqTvln+3i6W
Kc7rBiv4ppMbLMqX4AshfZdjizf8U+yNyXDNbYeV/YlYTKRgVckTUKsaCybBoKho
nAJ+Affl6U+dgkIyskNTmHpip0OEZ75lZrDnW8k4jmvNDUiKY/6TD7mX/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIj9xEoHHV9KB/qWE+KypN0qpoIqMB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXeWAWUnS
0xtWjC+4lZn6M+H9+1Z3uKv4UkLYCCztN0xum1gc+LwFv5ZTacprd7Zig84rRqrI
NUnIB9H/Dbp+LH7wmMXfp3zJf7S9xYNwQY2ZHxDXF39PDnG5BUNDCbz/5Wtf1an8
wTgPeXPsiZNv+1+a/vzELvcDMbQBY2MCgpUHhFBLEUWiStl/JupGoY/Z4JU+ztsP
R5Pgx9cuasEOjdofAslkupUhUG5TJc/pChEj2JeKL1dIr5eBNlXo8Li1MvGcID6n
0ZaFislVX9wQ+Z8zeq7udVgFNVohJrihI3YIOkwMkSKrd+YI2r3QDBNSrUkNPW+l
+ShKoazhCyIr+Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:35 2026 by rpki-client