Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier: 1i4qZ8Z0d64c7qmGXzItJik7eNSpbdKJomfS/mUGM2o=
Subject key identifier: 32:21:A5:79:7A:26:0D:82:C4:42:D0:2D:B5:87:95:66:83:0E:A7:3F
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial: 019E303BE6F5EAFAD0E7CB5045ECE7710D0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number: 09F4
Signing time: Sat 16 May 2026 10:01:32 +0000
Manifest this update: Sat 16 May 2026 10:01:32 +0000
Manifest next update: Sun 17 May 2026 10:01:32 +0000
Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: e+0v0fvqErZNCRybuiXOPq1E6hCq8jVMA9AhR1TqRYA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 10:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:3b:e6:f5:ea:fa:d0:e7:cb:50:45:ec:e7:71:0d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Validity
Not Before: May 16 10:01:32 2026 GMT
Not After : May 17 10:01:32 2026 GMT
Subject: CN=3221a5797a260d82c442d02db5879566830ea73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dd:e7:7e:a1:59:06:d4:ff:98:4f:ad:45:cd:
a0:df:99:78:ca:f5:95:b6:b1:aa:13:7e:10:bd:dc:
1a:17:c9:46:54:d5:ed:48:61:78:d8:41:3a:86:34:
06:f6:a6:f3:37:82:90:c7:11:33:46:b6:40:10:33:
5f:84:4a:1e:32:ed:66:7d:54:d4:20:83:de:3a:1b:
23:fa:08:7c:52:b1:4b:6f:88:19:65:b9:f9:19:7d:
ed:99:ab:4a:75:48:f3:0b:64:a8:34:1c:2a:9e:f5:
bd:d9:f3:1f:8f:e1:ca:45:8f:af:73:57:c3:e9:17:
48:c7:b8:9d:fb:6c:6a:df:54:46:78:cf:da:3f:eb:
88:73:59:55:f7:cb:8d:a6:e2:ab:51:ed:76:a1:0e:
a2:34:ab:be:6f:ca:75:43:b9:af:9d:ad:02:e7:f9:
b4:a3:9f:e7:e4:65:35:bc:a1:fc:0a:bc:d3:14:34:
3f:d0:b7:21:7d:d7:97:23:30:eb:6c:a6:ba:74:81:
6c:0e:21:3c:3a:da:61:01:bf:88:28:0b:34:ba:05:
7e:37:4d:a3:b2:17:0b:63:ef:5f:ff:49:4b:74:c5:
54:9a:5c:33:96:f5:56:9c:25:b8:54:e5:02:53:95:
8d:62:fa:1f:e6:7c:5d:0e:89:89:ac:c8:c1:13:5f:
de:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:21:A5:79:7A:26:0D:82:C4:42:D0:2D:B5:87:95:66:83:0E:A7:3F
X509v3 Authority Key Identifier:
keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:26:de:03:b3:41:17:4b:2a:33:ae:19:fd:34:33:b4:64:47:
09:f3:03:77:69:40:30:e6:ab:7c:29:5b:10:ac:66:32:6d:61:
1c:e2:69:8f:71:14:f1:1e:30:4a:ce:b6:cd:f3:3a:88:37:70:
f8:e0:b4:6e:71:a2:a1:83:ad:d6:64:5e:bf:b2:c9:b5:82:0c:
18:95:df:b4:78:95:fe:29:46:2b:35:36:c3:5c:3e:8f:a0:33:
a4:37:8c:4d:89:0c:6b:2e:e9:5d:1d:be:e7:2b:b9:ea:45:cd:
75:e6:b9:e8:84:a1:e5:e3:2b:9e:0d:42:83:e8:72:d3:89:65:
9d:39:24:e4:e9:ea:54:75:ad:f4:ed:1a:11:2f:b7:31:20:39:
2f:ce:30:e6:6d:81:55:b3:9a:75:52:31:20:2b:a8:fd:7e:32:
29:2c:3a:74:96:33:65:9f:a1:bd:03:6e:b1:47:70:04:7a:3a:
0a:4a:df:94:09:07:2c:1f:c2:c7:0d:81:5e:6b:d4:93:f3:46:
e4:10:63:22:ac:39:22:dd:7c:56:43:79:89:42:5a:9d:c3:2c:
ed:9f:60:25:1a:f9:d8:2f:fb:7f:1c:55:4b:3e:10:92:1f:ff:
33:ec:99:21:8b:be:97:12:3f:2b:89:eb:d9:93:99:91:8d:f8:
96:e0:24:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO+b16vrQ58tQRezncQ0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjYwNTE2MTAwMTMyWhcNMjYwNTE3MTAwMTMyWjAzMTEwLwYDVQQD
EygzMjIxYTU3OTdhMjYwZDgyYzQ0MmQwMmRiNTg3OTU2NjgzMGVhNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd3nfqFZBtT/mE+tRc2g35l4yvWV
trGqE34QvdwaF8lGVNXtSGF42EE6hjQG9qbzN4KQxxEzRrZAEDNfhEoeMu1mfVTU
IIPeOhsj+gh8UrFLb4gZZbn5GX3tmatKdUjzC2SoNBwqnvW92fMfj+HKRY+vc1fD
6RdIx7id+2xq31RGeM/aP+uIc1lV98uNpuKrUe12oQ6iNKu+b8p1Q7mvna0C5/m0
o5/n5GU1vKH8CrzTFDQ/0LchfdeXIzDrbKa6dIFsDiE8OtphAb+IKAs0ugV+N02j
shcLY+9f/0lLdMVUmlwzlvVWnCW4VOUCU5WNYvof5nxdDomJrMjBE1/e5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIhpXl6Jg2CxELQLbWHlWaDDqc/MB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGCbeA7NB
F0sqM64Z/TQztGRHCfMDd2lAMOarfClbEKxmMm1hHOJpj3EU8R4wSs62zfM6iDdw
+OC0bnGioYOt1mRev7LJtYIMGJXftHiV/ilGKzU2w1w+j6AzpDeMTYkMay7pXR2+
5yu56kXNdea56ISh5eMrng1Cg+hy04llnTkk5OnqVHWt9O0aES+3MSA5L84w5m2B
VbOadVIxICuo/X4yKSw6dJYzZZ+hvQNusUdwBHo6CkrflAkHLB/Cxw2BXmvUk/NG
5BBjIqw5It18VkN5iUJancMs7Z9gJRr52C/7fxxVSz4Qkh//M+yZIYu+lxI/K4nr
2ZOZkY34luAk6w==
-----END CERTIFICATE-----
Generated at Sat May 16 18:42:33 2026 by rpki-client