Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier: SZaLTAFX6I91ErFrwSV8vZPWa3BCDOgKwrlS3RV1STI=
Subject key identifier: 81:62:A9:CD:68:12:39:2A:93:32:F4:66:AC:E0:36:09:29:89:0A:86
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial: 019D394127B6C8713AA0D297717489188192
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number: 0C63
Signing time: Sun 29 Mar 2026 11:01:04 +0000
Manifest this update: Sun 29 Mar 2026 11:01:04 +0000
Manifest next update: Mon 30 Mar 2026 11:01:04 +0000
Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: rIZ7CANDawB9o3fOibjXdTgut1JkKpH13fe87YQXF1s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:27:b6:c8:71:3a:a0:d2:97:71:74:89:18:81:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Validity
Not Before: Mar 29 11:01:04 2026 GMT
Not After : Mar 30 11:01:04 2026 GMT
Subject: CN=8162a9cd6812392a9332f466ace0360929890a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:49:88:4c:7d:a3:7e:86:f5:14:26:6f:c3:
2c:93:3f:6d:fa:09:d3:52:d9:f4:83:7d:87:61:21:
de:11:0e:c0:1a:c7:f5:b1:7a:62:8d:9c:b8:56:ac:
6f:5b:0e:01:e7:28:ec:63:59:69:5a:d4:e7:14:00:
65:c0:8a:8b:a5:0e:18:87:ca:4a:34:1b:72:5b:75:
6c:c4:e0:ec:3a:2c:43:da:04:64:a0:d6:43:0b:3c:
f2:f8:ff:88:52:c5:0e:07:18:09:88:13:0f:b3:01:
17:61:b9:d6:45:61:ba:28:e6:da:1d:90:04:55:6e:
18:72:a4:c6:ad:82:7e:9f:a3:59:12:91:2a:67:2d:
d6:f8:9a:de:01:69:aa:9f:4e:8e:44:40:3f:85:44:
61:34:cc:95:66:b5:41:1d:38:95:c3:c4:12:0a:c8:
bc:9c:a1:c2:6f:5c:11:dc:e7:9f:fd:20:55:5d:5d:
03:f5:7b:a9:92:23:23:bc:0f:14:91:8d:f4:c5:5d:
65:81:0b:7e:18:bc:19:1e:c1:4a:e4:4e:e6:03:47:
3a:72:ec:f2:32:86:fd:e0:44:6f:4d:b9:c9:8f:d4:
e2:c8:13:7d:c6:c7:4b:55:c5:8c:4e:8f:9b:db:44:
8e:2a:56:b9:46:df:89:34:76:32:f9:6d:4f:fb:10:
8b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:62:A9:CD:68:12:39:2A:93:32:F4:66:AC:E0:36:09:29:89:0A:86
X509v3 Authority Key Identifier:
keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:71:6c:30:d1:a0:66:ff:6b:a5:44:db:b4:1c:ed:55:4a:61:
f6:df:e8:05:c3:88:0d:f9:7e:09:b5:56:6b:c0:30:f3:d7:82:
58:48:7e:ff:cf:39:0b:df:27:2f:40:1e:6e:af:05:33:55:52:
81:76:e7:ac:5f:15:1b:c4:c3:29:7d:13:11:07:e7:04:06:6e:
4f:2f:29:d7:6e:7d:8b:44:fe:63:82:97:35:65:73:56:19:88:
af:38:7c:24:77:51:c3:c0:87:b1:09:e9:1d:9a:57:d6:91:f0:
43:a0:7b:27:59:bf:81:01:7a:1b:4c:ca:b2:8e:a7:5c:d7:66:
8c:58:c4:33:46:9f:8b:5b:6f:cb:23:23:0c:ef:0a:31:bc:d1:
fe:6a:a1:68:01:c1:78:39:d5:2d:7d:26:c9:60:a8:a5:23:19:
f8:51:99:b7:d8:6b:f7:8e:7c:50:98:3c:86:fb:e8:bf:cb:43:
4e:ba:d5:00:c3:39:fa:c9:74:ac:bd:37:f3:f9:85:8a:81:ae:
d5:db:77:9a:a4:79:cd:1e:67:50:d6:3a:0b:3d:22:d2:c7:8e:
0a:e9:ad:83:af:17:0c:15:b7:e5:8a:55:a1:67:b0:07:24:69:
1c:e8:6e:b5:b2:5c:41:56:d6:0f:67:3c:fb:65:03:e9:1b:ce:
0e:b0:90:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSe2yHE6oNKXcXSJGIGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjYwMzI5MTEwMTA0WhcNMjYwMzMwMTEwMTA0WjAzMTEwLwYDVQQD
Eyg4MTYyYTljZDY4MTIzOTJhOTMzMmY0NjZhY2UwMzYwOTI5ODkwYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJJJiEx9o36G9RQmb8Mskz9t+gnT
Utn0g32HYSHeEQ7AGsf1sXpijZy4VqxvWw4B5yjsY1lpWtTnFABlwIqLpQ4Yh8pK
NBtyW3VsxODsOixD2gRkoNZDCzzy+P+IUsUOBxgJiBMPswEXYbnWRWG6KObaHZAE
VW4YcqTGrYJ+n6NZEpEqZy3W+JreAWmqn06OREA/hURhNMyVZrVBHTiVw8QSCsi8
nKHCb1wR3Oef/SBVXV0D9XupkiMjvA8UkY30xV1lgQt+GLwZHsFK5E7mA0c6cuzy
Mob94ERvTbnJj9TiyBN9xsdLVcWMTo+b20SOKla5Rt+JNHYy+W1P+xCLuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFiqc1oEjkqkzL0ZqzgNgkpiQqGMB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3FsMNGg
Zv9rpUTbtBztVUph9t/oBcOIDfl+CbVWa8Aw89eCWEh+/885C98nL0Aebq8FM1VS
gXbnrF8VG8TDKX0TEQfnBAZuTy8p1259i0T+Y4KXNWVzVhmIrzh8JHdRw8CHsQnp
HZpX1pHwQ6B7J1m/gQF6G0zKso6nXNdmjFjEM0afi1tvyyMjDO8KMbzR/mqhaAHB
eDnVLX0myWCopSMZ+FGZt9hr9458UJg8hvvov8tDTrrVAMM5+sl0rL038/mFioGu
1dt3mqR5zR5nUNY6Cz0i0seOCumtg68XDBW35YpVoWewByRpHOhutbJcQVbWD2c8
+2UD6RvODrCQ2w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:10 2026 by rpki-client