Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File: bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier: lxEia3p/950P8VJVqZ0+LeyUfp2nSOHwpCFMGH2TJtw=
Subject key identifier: 8D:1F:40:6B:A0:06:5D:A2:09:32:ED:13:A7:13:CD:8B:B8:DE:56:32
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer: /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial: 019D3865DB582C8B8E4DAB0F71E0FDD04177
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number: 08CF
Signing time: Sun 29 Mar 2026 07:01:32 +0000
Manifest this update: Sun 29 Mar 2026 07:01:32 +0000
Manifest next update: Mon 30 Mar 2026 07:01:32 +0000
Files and hashes: 1: HMK0XQoxdRxzLrSbOk3nRa3LDfU.roa (hash: ULrE37Ak3LEpHtIRIUxe40WhUc8sSXQeL2cSCTuAsyw=)
2: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: mFCup51ee9B/svMqSYz6wNatRMUGyxJNNVmZrm0WJUA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:db:58:2c:8b:8e:4d:ab:0f:71:e0:fd:d0:41:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Validity
Not Before: Mar 29 07:01:32 2026 GMT
Not After : Mar 30 07:01:32 2026 GMT
Subject: CN=8d1f406ba0065da20932ed13a713cd8bb8de5632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:34:c6:aa:58:01:8f:6e:6c:47:5d:60:99:
c1:cb:43:ee:98:8b:ca:63:e2:f2:35:c8:78:2e:b5:
1f:1d:f1:4a:ce:c8:84:32:9b:5e:7e:ad:d0:fa:0d:
a1:0c:9c:fd:9c:b0:92:f5:bd:ad:64:d9:cd:6f:96:
81:f9:a5:a3:86:7a:ea:b8:ec:46:ea:80:d4:ad:43:
ec:04:fd:cc:3f:49:1d:89:5a:70:8e:5b:91:4a:30:
be:ff:52:16:35:aa:45:1c:79:56:9c:52:cf:a3:47:
49:1f:76:0b:5f:12:7a:95:11:9e:b6:bc:6b:73:2f:
0a:65:e2:45:e8:78:f8:c5:3f:f8:5e:76:e8:ec:05:
94:5a:75:7c:1c:80:9d:49:a9:03:57:c8:15:3c:e3:
3d:0e:a6:56:42:e0:96:51:f6:7c:16:79:aa:d4:ea:
87:4e:02:21:a6:aa:30:59:34:37:b2:1e:7b:69:16:
90:4b:5c:74:c2:45:42:be:bd:0e:db:00:e2:88:2b:
b1:d6:29:f6:18:d2:7b:fe:1a:ce:b5:08:10:89:e5:
3f:9a:1d:50:43:e3:a5:a8:74:6b:6e:a3:7c:d2:27:
ec:06:cd:90:a1:6d:86:23:4a:c3:61:21:82:cb:e8:
e2:00:da:df:e1:7a:5d:fb:fa:a7:28:0b:61:ce:44:
0d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1F:40:6B:A0:06:5D:A2:09:32:ED:13:A7:13:CD:8B:B8:DE:56:32
X509v3 Authority Key Identifier:
keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4b:1a:c2:09:2a:5e:8b:8a:c5:c0:c8:3f:a5:ac:40:a9:e5:d1:
cd:76:4d:73:f3:bc:f5:c1:6f:48:01:f1:8f:25:11:e1:e2:71:
7f:bf:ad:55:d5:c4:08:e1:77:bb:a8:17:72:db:f4:59:85:c3:
b1:68:c9:6f:8a:f0:c0:40:17:5c:14:52:78:b5:11:d6:14:5f:
97:25:8f:8c:94:2d:73:a1:4e:72:c7:d0:fc:95:1a:02:ae:7d:
34:a0:0d:3d:79:e6:9d:10:95:46:0d:4d:8b:b2:ac:5d:58:89:
a2:8e:30:4a:d4:34:66:d6:0f:74:9d:62:89:69:11:e1:05:b1:
fb:d6:02:44:c1:41:e1:d6:6d:33:38:02:fc:63:f5:a2:e1:79:
17:6c:57:fe:6d:c4:15:b1:d0:f1:c8:75:af:2a:1e:f0:2c:80:
6f:46:22:fd:65:4a:33:4b:72:af:b6:67:c3:c5:d9:f7:0e:a0:
0d:55:ae:f3:a5:58:42:bb:56:73:e2:64:93:42:ba:dd:79:26:
3d:30:84:bc:0c:2d:0d:38:3f:46:8a:51:2b:31:37:3f:4d:2c:
8c:09:d4:a9:fe:88:40:85:d0:a7:f9:c5:09:6d:49:aa:93:66:
6e:16:6b:00:57:c7:35:eb:65:c8:78:06:79:21:4e:9d:9f:1a:
5c:50:83:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdtYLIuOTasPceD90EF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjYwMzI5MDcwMTMyWhcNMjYwMzMwMDcwMTMyWjAzMTEwLwYDVQQD
Eyg4ZDFmNDA2YmEwMDY1ZGEyMDkzMmVkMTNhNzEzY2Q4YmI4ZGU1NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApug0xqpYAY9ubEddYJnBy0PumIvK
Y+LyNch4LrUfHfFKzsiEMptefq3Q+g2hDJz9nLCS9b2tZNnNb5aB+aWjhnrquOxG
6oDUrUPsBP3MP0kdiVpwjluRSjC+/1IWNapFHHlWnFLPo0dJH3YLXxJ6lRGetrxr
cy8KZeJF6Hj4xT/4Xnbo7AWUWnV8HICdSakDV8gVPOM9DqZWQuCWUfZ8Fnmq1OqH
TgIhpqowWTQ3sh57aRaQS1x0wkVCvr0O2wDiiCux1in2GNJ7/hrOtQgQieU/mh1Q
Q+OlqHRrbqN80ifsBs2QoW2GI0rDYSGCy+jiANrf4Xpd+/qnKAthzkQNjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0fQGugBl2iCTLtE6cTzYu43lYyMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASxrCCSpe
i4rFwMg/paxAqeXRzXZNc/O89cFvSAHxjyUR4eJxf7+tVdXECOF3u6gXctv0WYXD
sWjJb4rwwEAXXBRSeLUR1hRflyWPjJQtc6FOcsfQ/JUaAq59NKANPXnmnRCVRg1N
i7KsXViJoo4wStQ0ZtYPdJ1iiWkR4QWx+9YCRMFB4dZtMzgC/GP1ouF5F2xX/m3E
FbHQ8ch1ryoe8CyAb0Yi/WVKM0tyr7Znw8XZ9w6gDVWu86VYQrtWc+Jkk0K63Xkm
PTCEvAwtDTg/RopRKzE3P00sjAnUqf6IQIXQp/nFCW1JqpNmbhZrAFfHNetlyHgG
eSFOnZ8aXFCDDQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:42 2026 by rpki-client