Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft
File: h9tx9pGbDvmO78mWSSiodRAjagM.mft (raw, json)
Hash identifier: +296KJNJJvOa0i401tHkTJ8LzYh8jZzpMpFkjXSmOag=
Subject key identifier: 08:D1:0D:FC:F7:DE:A0:64:89:74:9F:AF:71:CB:2A:5B:14:CE:C9:9C
Authority key identifier: 87:DB:71:F6:91:9B:0E:F9:8E:EF:C9:96:49:28:A8:75:10:23:6A:03
Certificate issuer: /CN=87db71f6919b0ef98eefc9964928a87510236a03
Certificate serial: 019D389BF6790CCE237A5FE3D3C66C4C5C36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft
Manifest number: 0D43
Signing time: Sun 29 Mar 2026 08:00:38 +0000
Manifest this update: Sun 29 Mar 2026 08:00:38 +0000
Manifest next update: Mon 30 Mar 2026 08:00:38 +0000
Files and hashes: 1: h9tx9pGbDvmO78mWSSiodRAjagM.crl (hash: /ElZiUXCqhXCRvWtrxVHOnVMppZvm5UDWYg0KdVX8CI=)
2: ptikDTRhjTNxZI8dkI54eJbGFTA.roa (hash: 3SdSmJMo+FOvr1IMdnku5tDe7K6GsQTnPIBl17tgA08=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f6:79:0c:ce:23:7a:5f:e3:d3:c6:6c:4c:5c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87db71f6919b0ef98eefc9964928a87510236a03
Validity
Not Before: Mar 29 08:00:38 2026 GMT
Not After : Mar 30 08:00:38 2026 GMT
Subject: CN=08d10dfcf7dea06489749faf71cb2a5b14cec99c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5f:55:71:41:18:0c:9f:72:06:ff:67:e0:45:
a2:38:6e:17:47:1a:11:d9:cc:10:9f:18:79:7b:b0:
9d:88:ff:01:b3:9c:fe:a4:b0:ca:b6:a7:67:6e:4d:
14:dc:6a:dc:32:f5:6c:38:1a:f9:0b:bf:2e:2c:47:
83:e7:d4:ba:a2:31:1e:3c:4a:0d:14:d0:d6:db:3c:
0a:32:4f:fc:b1:bc:3b:6e:dc:88:12:ed:72:74:e3:
ff:52:a4:67:64:71:54:72:29:c8:9c:12:52:16:87:
df:7b:ef:7d:a1:99:e0:ee:a4:24:b6:e6:8d:ec:5d:
e0:6f:e9:d4:40:50:07:ba:ed:87:04:4e:22:6a:92:
66:57:67:3b:f3:14:c5:5b:24:67:b0:04:07:3a:2d:
d3:fe:61:0d:44:c3:d0:95:39:bd:5f:6d:62:7c:9c:
14:a5:76:bc:03:f1:6a:ec:b6:49:96:7b:20:fb:26:
fb:66:77:4a:ce:45:04:ef:2b:ff:94:f9:b0:77:75:
b6:67:fa:b8:27:52:1c:32:7f:b9:ee:59:dc:10:e2:
a2:29:b2:4a:39:15:b2:18:48:4c:7a:67:91:2d:02:
33:81:d2:f9:05:c9:4c:92:37:24:10:4e:74:cf:eb:
e0:c3:b1:e1:93:40:95:cb:56:40:32:bf:a5:7d:3a:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D1:0D:FC:F7:DE:A0:64:89:74:9F:AF:71:CB:2A:5B:14:CE:C9:9C
X509v3 Authority Key Identifier:
keyid:87:DB:71:F6:91:9B:0E:F9:8E:EF:C9:96:49:28:A8:75:10:23:6A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9tx9pGbDvmO78mWSSiodRAjagM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ef6277-70b5-4348-a582-904a08031a9f/1/h9tx9pGbDvmO78mWSSiodRAjagM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:60:a9:be:dd:00:d2:13:74:3d:11:28:d6:97:b7:85:9c:5b:
42:14:3a:e2:a4:e5:d5:d7:80:2b:68:13:66:93:bc:22:de:5a:
f4:d3:37:1a:cf:0a:35:c2:1b:ad:ba:54:93:4f:b2:c4:c8:c0:
e3:0e:5e:c4:41:87:05:d7:35:cc:80:0e:45:8d:0b:2a:c3:a5:
6c:48:2c:99:9b:f1:94:8b:5a:52:7a:cd:a9:cd:08:be:9d:a8:
26:b5:88:d1:5a:11:fc:ab:68:11:6b:e9:be:e6:94:86:a2:f8:
a2:e3:1c:98:db:fc:98:5d:39:20:20:81:d0:39:5c:f9:3b:c1:
55:cf:fa:53:bc:19:55:8c:7e:07:c7:71:c6:f4:95:38:39:32:
37:bb:60:6f:a8:db:e7:06:8e:fa:18:9e:0b:93:bb:ad:0d:35:
c6:da:23:65:d3:2d:94:14:32:76:c6:51:ff:c0:8c:49:24:bd:
4b:26:bf:1e:3a:66:2d:a9:16:af:c6:b4:88:ae:7d:94:7e:b9:
bf:aa:c1:43:d2:d2:90:91:6d:a4:17:fa:dc:88:93:66:6a:07:
c8:29:af:e3:0f:89:50:f8:c4:53:fa:5e:e9:06:1d:81:0c:48:
e6:0d:25:f1:c8:c4:58:df:61:2b:a3:23:11:9f:2b:39:00:e2:
17:be:84:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/Z5DM4jel/j08ZsTFw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGI3MWY2OTE5YjBlZjk4ZWVmYzk5NjQ5MjhhODc1MTAy
MzZhMDMwHhcNMjYwMzI5MDgwMDM4WhcNMjYwMzMwMDgwMDM4WjAzMTEwLwYDVQQD
EygwOGQxMGRmY2Y3ZGVhMDY0ODk3NDlmYWY3MWNiMmE1YjE0Y2VjOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo19VcUEYDJ9yBv9n4EWiOG4XRxoR
2cwQnxh5e7CdiP8Bs5z+pLDKtqdnbk0U3GrcMvVsOBr5C78uLEeD59S6ojEePEoN
FNDW2zwKMk/8sbw7btyIEu1ydOP/UqRnZHFUcinInBJSFoffe+99oZng7qQktuaN
7F3gb+nUQFAHuu2HBE4iapJmV2c78xTFWyRnsAQHOi3T/mENRMPQlTm9X21ifJwU
pXa8A/Fq7LZJlnsg+yb7ZndKzkUE7yv/lPmwd3W2Z/q4J1IcMn+57lncEOKiKbJK
ORWyGEhMemeRLQIzgdL5BclMkjckEE50z+vgw7Hhk0CVy1ZAMr+lfTp84QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjRDfz33qBkiXSfr3HLKlsUzsmcMB8GA1UdIwQY
MBaAFIfbcfaRmw75ju/JlkkoqHUQI2oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZjYyNzctNzBiNS00MzQ4LWE1ODIt
OTA0YTA4MDMxYTlmLzEvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZjYyNzctNzBiNS00MzQ4LWE1ODItOTA0YTA4MDMxYTlm
LzEvaDl0eDlwR2JEdm1PNzhtV1NTaW9kUkFqYWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEWCpvt0A
0hN0PREo1pe3hZxbQhQ64qTl1deAK2gTZpO8It5a9NM3Gs8KNcIbrbpUk0+yxMjA
4w5exEGHBdc1zIAORY0LKsOlbEgsmZvxlItaUnrNqc0Ivp2oJrWI0VoR/KtoEWvp
vuaUhqL4ouMcmNv8mF05ICCB0Dlc+TvBVc/6U7wZVYx+B8dxxvSVODkyN7tgb6jb
5waO+hieC5O7rQ01xtojZdMtlBQydsZR/8CMSSS9Sya/HjpmLakWr8a0iK59lH65
v6rBQ9LSkJFtpBf63IiTZmoHyCmv4w+JUPjEU/pe6QYdgQxI5g0l8cjEWN9hK6Mj
EZ8rOQDiF76ETQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:59 2026 by rpki-client