Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
File: yHfSSx1xwCFHafEZ33KY_wz4l7A.mft (raw, json)
Hash identifier: xhZDdlK4urSzpXi3kgv+BeflGp8hh4VTX20jfbYVSvk=
Subject key identifier: FC:2F:F7:9C:E2:44:A3:DB:A0:EC:E0:D3:97:C3:B8:13:ED:07:EF:60
Authority key identifier: C8:77:D2:4B:1D:71:C0:21:47:69:F1:19:DF:72:98:FF:0C:F8:97:B0
Certificate issuer: /CN=c877d24b1d71c0214769f119df7298ff0cf897b0
Certificate serial: 019D3940A97E5EB21C818AA7DA4644959563
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
Manifest number: 0CF9
Signing time: Sun 29 Mar 2026 11:00:32 +0000
Manifest this update: Sun 29 Mar 2026 11:00:32 +0000
Manifest next update: Mon 30 Mar 2026 11:00:32 +0000
Files and hashes: 1: yHfSSx1xwCFHafEZ33KY_wz4l7A.crl (hash: oO0aGI/BRMYJWeJyTaUDTEHVkVk6LNBvUean6ejID5s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:a9:7e:5e:b2:1c:81:8a:a7:da:46:44:95:95:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c877d24b1d71c0214769f119df7298ff0cf897b0
Validity
Not Before: Mar 29 11:00:32 2026 GMT
Not After : Mar 30 11:00:32 2026 GMT
Subject: CN=fc2ff79ce244a3dba0ece0d397c3b813ed07ef60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:89:a7:4d:32:99:9f:5a:7c:53:52:10:fe:38:
83:da:03:3f:29:01:8e:0b:13:b3:09:3e:9b:46:96:
85:11:5c:ef:74:49:84:6d:ee:d9:50:80:82:74:93:
e6:37:9e:63:0c:a6:17:9f:52:6c:53:b6:9f:3f:85:
ef:63:71:41:68:18:88:e8:a7:71:30:6e:c2:50:34:
e6:cb:e2:40:0c:64:36:4e:1c:79:ff:09:f2:9c:ef:
87:14:df:db:94:8d:4d:b8:84:bd:c6:25:33:48:4d:
9a:49:2e:09:7f:c2:99:7d:fb:ee:d0:0f:72:c2:61:
fd:b6:49:0c:1e:27:e4:82:a9:ad:b9:8d:f0:9b:7b:
da:42:07:d9:55:c9:8f:87:9f:4f:46:41:26:9d:53:
87:26:65:98:d8:cc:32:41:9f:10:61:a3:4a:dd:29:
33:b7:86:1e:30:1e:ca:70:a4:c1:ec:62:98:c8:72:
e5:7a:bc:8a:46:0a:d5:b4:4b:01:a3:6e:1d:27:3e:
38:6c:0b:99:2b:00:e8:bd:af:a9:f8:88:41:ff:c7:
c4:c9:26:d2:d4:2f:f5:56:95:03:ad:b1:9b:89:d4:
a9:3a:9a:ce:08:85:af:fb:d5:d2:39:eb:4a:a6:86:
17:8a:25:5f:2a:f7:e2:c5:2b:57:de:ec:5d:15:c8:
8e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2F:F7:9C:E2:44:A3:DB:A0:EC:E0:D3:97:C3:B8:13:ED:07:EF:60
X509v3 Authority Key Identifier:
keyid:C8:77:D2:4B:1D:71:C0:21:47:69:F1:19:DF:72:98:FF:0C:F8:97:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHfSSx1xwCFHafEZ33KY_wz4l7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89234b-20c5-4f5b-b806-9ec28ae65745/1/yHfSSx1xwCFHafEZ33KY_wz4l7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:5d:32:cf:9d:7f:5a:6e:ec:ab:7e:69:91:cb:10:92:3f:23:
3f:41:49:03:55:89:26:fa:17:58:44:ad:f1:31:0e:dd:97:10:
e6:93:4b:49:7c:10:b9:f1:db:93:a1:18:4e:86:5b:40:83:75:
48:06:bd:ac:fb:29:9a:b2:86:8b:b7:d5:c8:c8:49:66:c9:5c:
7a:ba:eb:f8:14:71:01:99:cb:91:25:c5:f3:dc:9d:8f:0d:4e:
66:de:93:73:cf:2c:d7:13:ec:dd:73:cb:fe:dc:7b:4d:71:e5:
77:b4:82:7f:73:8b:6e:2a:4a:7d:c0:43:db:dd:06:76:e4:c1:
9c:eb:c8:e2:24:77:23:4d:55:cd:89:ab:96:a5:ef:db:69:d3:
47:bb:bd:68:c7:d0:8b:2a:27:ad:04:1a:cf:2a:71:ab:a2:f8:
ab:ed:a1:bc:04:b3:60:fb:d5:25:bc:5f:82:d7:4a:2d:15:be:
cd:9b:ea:e0:53:32:6e:5e:58:6b:19:3b:3f:f7:79:30:47:f1:
96:87:db:ca:aa:c4:a5:ab:23:ab:64:87:6a:0b:bc:f8:32:37:
4b:11:42:69:5a:a0:54:f8:4e:eb:3f:67:4e:07:53:37:d3:6a:
cc:ee:a7:59:9b:c2:69:21:96:53:11:4a:32:8c:4f:1e:b8:72:
39:0e:42:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKl+XrIcgYqn2kZElZVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzdkMjRiMWQ3MWMwMjE0NzY5ZjExOWRmNzI5OGZmMGNm
ODk3YjAwHhcNMjYwMzI5MTEwMDMyWhcNMjYwMzMwMTEwMDMyWjAzMTEwLwYDVQQD
EyhmYzJmZjc5Y2UyNDRhM2RiYTBlY2UwZDM5N2MzYjgxM2VkMDdlZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtomnTTKZn1p8U1IQ/jiD2gM/KQGO
CxOzCT6bRpaFEVzvdEmEbe7ZUICCdJPmN55jDKYXn1JsU7afP4XvY3FBaBiI6Kdx
MG7CUDTmy+JADGQ2Thx5/wnynO+HFN/blI1NuIS9xiUzSE2aSS4Jf8KZffvu0A9y
wmH9tkkMHifkgqmtuY3wm3vaQgfZVcmPh59PRkEmnVOHJmWY2MwyQZ8QYaNK3Skz
t4YeMB7KcKTB7GKYyHLleryKRgrVtEsBo24dJz44bAuZKwDova+p+IhB/8fEySbS
1C/1VpUDrbGbidSpOprOCIWv+9XSOetKpoYXiiVfKvfixStX3uxdFciOVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwv95ziRKPboOzg05fDuBPtB+9gMB8GA1UdIwQY
MBaAFMh30ksdccAhR2nxGd9ymP8M+JewMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OTIzNGItMjBjNS00ZjViLWI4MDYt
OWVjMjhhZTY1NzQ1LzEveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OTIzNGItMjBjNS00ZjViLWI4MDYtOWVjMjhhZTY1NzQ1
LzEveUhmU1N4MXh3Q0ZIYWZFWjMzS1lfd3o0bDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMV0yz51/
Wm7sq35pkcsQkj8jP0FJA1WJJvoXWESt8TEO3ZcQ5pNLSXwQufHbk6EYToZbQIN1
SAa9rPspmrKGi7fVyMhJZslcerrr+BRxAZnLkSXF89ydjw1OZt6Tc88s1xPs3XPL
/tx7TXHld7SCf3OLbipKfcBD290GduTBnOvI4iR3I01VzYmrlqXv22nTR7u9aMfQ
iyonrQQazypxq6L4q+2hvASzYPvVJbxfgtdKLRW+zZvq4FMybl5Yaxk7P/d5MEfx
lofbyqrEpasjq2SHagu8+DI3SxFCaVqgVPhO6z9nTgdTN9NqzO6nWZvCaSGWUxFK
MoxPHrhyOQ5CEw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:51:44 2026 by rpki-client