Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.mft
File: 8hWid5SXEbLAHNxmnkDhcTlYVbs.mft (raw, json)
Hash identifier: AhcUbqiDw9YtMst1KrMt8WXzv/hnJIy7N2Tqef1WCVQ=
Subject key identifier: 2C:4E:1A:91:B0:EB:06:45:C7:12:7B:68:71:14:89:E1:66:F9:22:FC
Authority key identifier: F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
Certificate issuer: /CN=f215a277949711b2c01cdc669e40e171395855bb
Certificate serial: 019D38D33068F742C7ED1DA86552BCE6CD4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 09:00:57 +0000
Manifest this update: Sun 29 Mar 2026 09:00:57 +0000
Manifest next update: Mon 30 Mar 2026 09:00:57 +0000
Files and hashes: 1: 1-c2ltkv81E7EaN3If-RGRVyYa_4.roa (hash: qSMZzei9N2ZpotVQ68DijxfquLxjFkRKA3l/57HyNug=)
2: 8hWid5SXEbLAHNxmnkDhcTlYVbs.crl (hash: yU97B+qRzwH8EeeiE1TE7B2kHg2WyvxltKfqKr+V2Q4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:30:68:f7:42:c7:ed:1d:a8:65:52:bc:e6:cd:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f215a277949711b2c01cdc669e40e171395855bb
Validity
Not Before: Mar 29 09:00:57 2026 GMT
Not After : Mar 30 09:00:57 2026 GMT
Subject: CN=2c4e1a91b0eb0645c7127b68711489e166f922fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:39:aa:4a:f0:aa:d7:9b:38:d7:29:7d:34:
f6:d9:60:11:32:e0:86:40:bf:4b:5b:30:4f:e6:52:
ef:4b:1e:d6:cc:66:42:e4:8e:85:1f:ef:cf:4f:31:
f8:64:4d:48:aa:f8:a0:0a:18:98:d9:f8:09:e0:7c:
46:4a:ce:9d:71:0b:c1:82:f7:bc:92:f7:9b:31:0c:
02:70:83:6b:b3:ec:af:a4:f1:d3:f2:c6:3a:67:b8:
50:50:87:ef:32:44:46:9d:3c:f8:85:a7:47:6e:88:
43:95:d0:95:b8:af:ff:4e:de:59:b4:98:ea:de:19:
88:c0:d1:19:5f:0c:d9:8d:b5:54:a7:f5:fd:78:b8:
ac:5b:71:d4:60:f4:fc:c9:09:7e:5d:10:ac:05:95:
dd:7a:f1:e8:96:42:1f:25:60:01:62:cb:a2:3f:04:
2c:a3:50:3c:92:c0:64:52:75:86:43:11:66:f9:83:
2f:71:03:c2:3c:50:d4:27:a4:92:af:ee:3b:1a:f1:
5f:5a:5e:ef:0f:1a:85:5c:1a:df:b8:a8:36:27:2a:
ad:be:c1:8d:3b:42:7c:6c:4c:02:a0:43:e5:fb:bb:
75:27:e3:45:2b:96:67:35:b8:18:2f:ba:89:4b:79:
7b:db:88:36:c8:d2:7a:67:5f:17:a5:4a:3d:cf:e4:
38:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4E:1A:91:B0:EB:06:45:C7:12:7B:68:71:14:89:E1:66:F9:22:FC
X509v3 Authority Key Identifier:
keyid:F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:77:ab:df:7f:bd:09:b0:57:d4:16:cb:34:d5:d6:22:de:8e:
66:cb:d0:3d:2b:b0:d8:8a:bb:b0:3b:80:d4:4b:36:74:36:9f:
1c:20:8d:57:fa:8d:81:7b:e9:c4:07:92:86:18:a6:9a:6b:b6:
55:4c:f3:a9:16:a1:d2:6c:55:4e:51:11:84:f6:36:9f:18:9d:
24:28:24:1e:7d:3e:04:d8:c3:d0:19:29:ab:c3:fe:2a:38:a5:
1a:f0:bb:d2:0d:d5:93:85:f3:c8:38:3a:f3:d4:9d:56:a1:52:
16:22:a6:03:7c:69:24:12:24:f0:16:09:be:9d:44:40:61:0f:
62:0e:41:3a:e8:a6:25:59:22:06:d8:5e:70:4f:79:51:59:e8:
ad:81:d8:ed:2b:fd:29:37:bf:d4:a2:a3:e2:7b:98:8a:a1:db:
c0:90:ae:7f:81:b0:c7:f1:b2:ae:fd:c8:2a:c7:48:2d:81:9d:
31:1d:54:5b:5c:6e:b5:c8:46:0d:ae:ce:2b:b9:95:ab:20:64:
4b:dd:e5:a0:d8:85:9e:b0:8e:0b:60:e0:bc:4c:c4:9a:b9:14:
fd:d0:02:ad:af:e8:4a:01:e6:d0:13:b8:8c:f5:63:b0:f3:94:
24:51:cf:f5:c9:5c:b3:df:e7:2b:7e:f6:ae:bf:36:a4:b7:0f:
03:ff:40:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zBo90LH7R2oZVK85s1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMTVhMjc3OTQ5NzExYjJjMDFjZGM2NjllNDBlMTcxMzk1
ODU1YmIwHhcNMjYwMzI5MDkwMDU3WhcNMjYwMzMwMDkwMDU3WjAzMTEwLwYDVQQD
EygyYzRlMWE5MWIwZWIwNjQ1YzcxMjdiNjg3MTE0ODllMTY2ZjkyMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFE5qkrwqtebONcpfTT22WARMuCG
QL9LWzBP5lLvSx7WzGZC5I6FH+/PTzH4ZE1IqvigChiY2fgJ4HxGSs6dcQvBgve8
kvebMQwCcINrs+yvpPHT8sY6Z7hQUIfvMkRGnTz4hadHbohDldCVuK//Tt5ZtJjq
3hmIwNEZXwzZjbVUp/X9eLisW3HUYPT8yQl+XRCsBZXdevHolkIfJWABYsuiPwQs
o1A8ksBkUnWGQxFm+YMvcQPCPFDUJ6SSr+47GvFfWl7vDxqFXBrfuKg2JyqtvsGN
O0J8bEwCoEPl+7t1J+NFK5ZnNbgYL7qJS3l724g2yNJ6Z18XpUo9z+Q46QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxOGpGw6wZFxxJ7aHEUieFm+SL8MB8GA1UdIwQY
MBaAFPIVoneUlxGywBzcZp5A4XE5WFW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMDhkNDUtNTQzYy00OWY3LTllNzgt
OTAzYzE5ODU5MGZhLzEvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMDhkNDUtNTQzYy00OWY3LTllNzgtOTAzYzE5ODU5MGZh
LzEvOGhXaWQ1U1hFYkxBSE54bW5rRGhjVGxZVmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGner33+9
CbBX1BbLNNXWIt6OZsvQPSuw2Iq7sDuA1Es2dDafHCCNV/qNgXvpxAeShhimmmu2
VUzzqRah0mxVTlERhPY2nxidJCgkHn0+BNjD0Bkpq8P+KjilGvC70g3Vk4XzyDg6
89SdVqFSFiKmA3xpJBIk8BYJvp1EQGEPYg5BOuimJVkiBthecE95UVnorYHY7Sv9
KTe/1KKj4nuYiqHbwJCuf4Gwx/Gyrv3IKsdILYGdMR1UW1xutchGDa7OK7mVqyBk
S93loNiFnrCOC2DgvEzEmrkU/dACra/oSgHm0BO4jPVjsPOUJFHP9clcs9/nK372
rr82pLcPA/9AHg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:44 2026 by rpki-client