Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
File: 8R8omgChsRW386TRuAEb-Q0aL3I.mft (raw, json)
Hash identifier: 3Dod3DzCX/6cEgVPM0Ld4fBfvqlWGneW58nyMvDZ0UI=
Subject key identifier: E1:9D:65:83:5D:C6:1E:23:DF:85:CF:06:D1:2A:0B:DF:3E:83:3F:20
Authority key identifier: F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
Certificate issuer: /CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Certificate serial: 019D3909BA3B712423C6FAF5A34013A7F973
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
Manifest number: 0C5F
Signing time: Sun 29 Mar 2026 10:00:31 +0000
Manifest this update: Sun 29 Mar 2026 10:00:31 +0000
Manifest next update: Mon 30 Mar 2026 10:00:31 +0000
Files and hashes: 1: 8R8omgChsRW386TRuAEb-Q0aL3I.crl (hash: 0haZ1UYum/mg70nKGZOdSFdHzbur/ZJKlocXFu/f9Xc=)
2: n0kXXQBuQDCSgjPwmN3Gr_8c6qI.roa (hash: yccqhpLjnyFJP4HXHx8COGOAuzdsePkEiMVFsxk8r48=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:ba:3b:71:24:23:c6:fa:f5:a3:40:13:a7:f9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Validity
Not Before: Mar 29 10:00:31 2026 GMT
Not After : Mar 30 10:00:31 2026 GMT
Subject: CN=e19d65835dc61e23df85cf06d12a0bdf3e833f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:bc:bc:af:d6:5b:5a:1a:61:0b:1f:c7:75:
0d:dc:37:42:d2:55:a5:cd:25:c6:d7:29:c1:09:0e:
42:5c:1f:39:a8:bd:c6:51:cd:e2:cc:8c:a1:46:da:
96:44:86:77:39:c6:79:33:34:d5:b7:31:57:78:3d:
98:77:f8:bf:63:2b:b0:6c:fd:07:24:ab:86:b0:36:
ce:ea:42:17:1c:d7:80:f6:ea:a2:50:88:f0:e8:5f:
44:30:de:c5:65:e4:f9:a7:7e:4d:81:ad:3b:09:cf:
51:6c:8b:b2:23:86:22:99:19:b1:85:53:8b:7d:16:
25:82:e1:13:b7:06:26:dd:f9:4d:84:68:38:d6:84:
56:54:df:22:f6:81:ba:b3:73:64:ab:5a:69:b6:cd:
84:9c:46:a9:6f:d7:df:55:87:a9:70:10:5e:41:aa:
42:b8:39:6a:b3:23:35:7c:34:35:89:6f:0d:51:b6:
2c:a2:c0:51:84:0c:7f:75:cf:19:e3:5a:bc:1c:2f:
6f:ae:f7:fb:5c:43:05:a2:8e:e7:3d:5a:ac:c4:dc:
3d:d0:63:6e:5b:7d:b3:50:31:13:f7:0d:3c:35:c6:
51:d9:1f:5c:d0:da:12:cd:c6:86:d9:64:c5:ca:b9:
ae:3e:df:6c:7c:b7:f8:47:aa:09:82:e4:ab:30:90:
cd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:65:83:5D:C6:1E:23:DF:85:CF:06:D1:2A:0B:DF:3E:83:3F:20
X509v3 Authority Key Identifier:
keyid:F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
05:30:b8:14:e6:e5:4f:44:9e:08:c1:d9:22:74:6c:b7:84:75:
d1:00:20:8a:82:32:9a:65:f9:21:e3:3b:c1:ad:0b:07:4f:60:
51:90:83:f7:27:51:df:83:d6:a4:c1:76:26:69:43:cd:60:6a:
10:a5:00:c9:ca:3b:fa:eb:25:bf:29:97:3c:f1:32:54:5a:02:
f4:f2:f4:78:f7:ca:a3:d0:05:48:3c:e8:c1:44:cc:ce:88:04:
b1:9a:aa:99:19:97:ce:27:d4:cd:e1:63:d1:0f:2f:88:d6:30:
40:50:d6:1e:e8:6a:f2:48:37:e8:40:a4:d5:b9:c8:84:54:0d:
7e:7f:93:a8:22:9b:e7:ff:84:94:db:99:ef:d6:d2:df:db:c7:
ab:fc:02:0e:1f:cc:00:cb:5f:17:7b:c7:17:77:f2:1b:35:99:
2a:cf:39:7f:87:fc:5e:43:79:e9:55:33:91:9b:03:6d:6a:1d:
93:4f:5b:73:a7:dc:11:25:b3:b3:6f:3a:bd:57:3b:f2:25:7b:
d2:99:2b:02:e5:6e:75:f6:da:31:cc:bb:f2:82:c7:a3:aa:73:
ed:3d:e6:da:7d:07:75:91:86:d7:0c:76:dd:fc:98:16:3c:6a:
8f:56:af:d3:b2:df:dc:af:0a:a6:84:5f:6c:fe:db:82:c0:42:
a7:30:f1:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cbo7cSQjxvr1o0ATp/lzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMWYyODlhMDBhMWIxMTViN2YzYTRkMWI4MDExYmY5MGQx
YTJmNzIwHhcNMjYwMzI5MTAwMDMxWhcNMjYwMzMwMTAwMDMxWjAzMTEwLwYDVQQD
EyhlMTlkNjU4MzVkYzYxZTIzZGY4NWNmMDZkMTJhMGJkZjNlODMzZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG+8vK/WW1oaYQsfx3UN3DdC0lWl
zSXG1ynBCQ5CXB85qL3GUc3izIyhRtqWRIZ3OcZ5MzTVtzFXeD2Yd/i/YyuwbP0H
JKuGsDbO6kIXHNeA9uqiUIjw6F9EMN7FZeT5p35Nga07Cc9RbIuyI4YimRmxhVOL
fRYlguETtwYm3flNhGg41oRWVN8i9oG6s3Nkq1ppts2EnEapb9ffVYepcBBeQapC
uDlqsyM1fDQ1iW8NUbYsosBRhAx/dc8Z41q8HC9vrvf7XEMFoo7nPVqsxNw90GNu
W32zUDET9w08NcZR2R9c0NoSzcaG2WTFyrmuPt9sfLf4R6oJguSrMJDNPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGdZYNdxh4j34XPBtEqC98+gz8gMB8GA1UdIwQY
MBaAFPEfKJoAobEVt/Ok0bgBG/kNGi9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjct
NzRlODQ5NjcxNjhiLzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjctNzRlODQ5NjcxNjhi
LzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABTC4FObl
T0SeCMHZInRst4R10QAgioIymmX5IeM7wa0LB09gUZCD9ydR34PWpMF2JmlDzWBq
EKUAyco7+uslvymXPPEyVFoC9PL0ePfKo9AFSDzowUTMzogEsZqqmRmXzifUzeFj
0Q8viNYwQFDWHuhq8kg36ECk1bnIhFQNfn+TqCKb5/+ElNuZ79bS39vHq/wCDh/M
AMtfF3vHF3fyGzWZKs85f4f8XkN56VUzkZsDbWodk09bc6fcESWzs286vVc78iV7
0pkrAuVudfbaMcy78oLHo6pz7T3m2n0HdZGG1wx23fyYFjxqj1av07Lf3K8KpoRf
bP7bgsBCpzDxYg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:53:47 2026 by rpki-client