Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
File: B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft (raw, json)
Hash identifier: LShxAV6cigvIDBZ/AIVIwN14HedWHrfI93l14luya7U=
Subject key identifier: F9:46:F9:B1:E4:43:33:FD:2D:C2:7B:10:CB:B8:7E:D8:CE:3F:83:3E
Authority key identifier: B8:28:8E:A9:E3:D6:7D:C3:D3:8F:A7:75:18:1C:4B:2C:87:72:9B:DF
Certificate issuer: /CN=b8288ea9e3d67dc3d38fa775181c4b2c87729bdf
Certificate serial: 12DB463F070A47CF6530544653803608E0745380
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
Manifest number: 015C
Signing time: Sat 28 Mar 2026 11:24:54 +0000
Manifest this update: Sat 28 Mar 2026 11:19:54 +0000
Manifest next update: Sun 29 Mar 2026 14:06:54 +0000
Files and hashes: 1: B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl (hash: Ydfx45zaTdouW+wlTBCBev2AsIixaanO9J2LyhC2U5Q=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl
rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:db:46:3f:07:0a:47:cf:65:30:54:46:53:80:36:08:e0:74:53:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8288ea9e3d67dc3d38fa775181c4b2c87729bdf
Validity
Not Before: Mar 28 11:19:54 2026 GMT
Not After : Mar 29 14:06:54 2026 GMT
Subject: CN=F946F9B1E44333FD2DC27B10CBB87ED8CE3F833E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:5b:9b:96:b9:d5:e5:42:00:ee:56:ea:45:
f4:d2:ac:a7:20:bb:87:8f:3d:a3:17:14:4e:fb:6a:
e9:e5:9c:04:c5:3c:94:aa:85:f3:23:20:28:02:24:
08:ac:fd:d6:11:8a:2c:f8:66:04:1b:91:39:60:e0:
90:23:f1:59:fb:ef:c2:2e:d5:9a:da:00:a2:2d:a6:
fb:4b:74:e0:2f:61:d6:3d:83:27:a5:23:c3:1f:0b:
a3:9c:ac:f0:7d:1b:f5:b4:fb:55:cf:3a:dc:e6:c3:
ca:f8:94:37:2b:b5:80:23:b7:d6:67:8e:f9:66:3a:
d8:46:c2:e1:6b:7e:fd:90:f7:4d:58:74:25:dc:19:
76:e3:a2:07:98:7d:23:6e:db:a6:52:58:b9:26:b0:
45:9e:7f:f3:fe:3f:ac:cf:6e:7e:d9:56:f9:2e:cd:
49:55:49:bd:bf:36:d4:42:f7:2f:02:85:48:bc:a7:
d2:f7:83:8d:87:92:00:c7:3d:1b:ed:a5:d6:1a:88:
00:9b:55:44:41:ed:67:87:0b:fe:ee:b1:c8:3c:22:
93:8a:e5:01:18:dc:35:fc:64:25:9e:2f:3b:99:e0:
c7:fa:81:73:20:ef:d6:23:00:cf:c9:d3:de:ff:d0:
65:11:b9:15:64:60:76:59:90:40:d6:aa:ed:28:0c:
95:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:46:F9:B1:E4:43:33:FD:2D:C2:7B:10:CB:B8:7E:D8:CE:3F:83:3E
X509v3 Authority Key Identifier:
keyid:B8:28:8E:A9:E3:D6:7D:C3:D3:8F:A7:75:18:1C:4B:2C:87:72:9B:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:5a:2e:83:3e:6d:66:e9:fb:39:06:c0:a9:0b:16:a9:df:c4:
1c:c7:12:c0:fd:62:32:3e:bd:4a:6b:a5:ad:cb:63:1c:74:d1:
97:8f:9c:26:f3:5d:1e:9e:77:a8:76:55:66:dc:15:bd:c4:84:
6e:83:5d:bc:8d:f3:2c:1a:37:cf:15:17:38:14:09:57:03:f6:
76:84:7c:da:b0:e3:62:bb:a7:30:87:cd:1a:91:e9:12:27:f3:
73:8d:a4:de:86:ca:b8:11:0d:e4:c3:db:36:50:59:88:a1:31:
0c:34:4c:f3:e5:80:93:cd:d6:a0:31:8d:e5:35:a8:18:23:18:
22:3a:7b:56:7d:38:08:bb:fe:af:ef:20:00:42:a5:25:3e:e8:
22:71:1e:56:39:63:35:43:da:c9:4b:4b:24:f0:4f:ea:17:4f:
c3:63:07:c5:b4:55:3b:bd:5a:87:32:ab:0a:10:72:b4:7e:56:
0e:78:33:dd:c7:af:f9:98:20:4d:22:fe:24:5e:8a:41:8f:a6:
73:aa:c9:aa:58:db:bb:ab:16:b7:0a:c2:d6:7e:8b:d9:2a:30:
06:dc:6c:1c:c9:88:d4:3c:e0:e8:c5:a1:51:30:da:40:e5:10:
dc:3b:b9:86:59:69:8f:f8:75:e2:d5:5b:b6:da:9e:05:28:b1:
04:38:a4:48
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUEttGPwcKR89lMFRGU4A2COB0U4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjgyODhlYTllM2Q2N2RjM2QzOGZhNzc1MTgxYzRiMmM4
NzcyOWJkZjAeFw0yNjAzMjgxMTE5NTRaFw0yNjAzMjkxNDA2NTRaMDMxMTAvBgNV
BAMTKEY5NDZGOUIxRTQ0MzMzRkQyREMyN0IxMENCQjg3RUQ4Q0UzRjgzM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdvVublrnV5UIA7lbqRfTSrKcg
u4ePPaMXFE77aunlnATFPJSqhfMjICgCJAis/dYRiiz4ZgQbkTlg4JAj8Vn778Iu
1ZraAKItpvtLdOAvYdY9gyelI8MfC6OcrPB9G/W0+1XPOtzmw8r4lDcrtYAjt9Zn
jvlmOthGwuFrfv2Q901YdCXcGXbjogeYfSNu26ZSWLkmsEWef/P+P6zPbn7ZVvku
zUlVSb2/NtRC9y8ChUi8p9L3g42HkgDHPRvtpdYaiACbVURB7WeHC/7uscg8IpOK
5QEY3DX8ZCWeLzuZ4Mf6gXMg79YjAM/J097/0GURuRVkYHZZkEDWqu0oDJUbAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU+Ub5seRDM/0twnsQy7h+2M4/gz4wHwYDVR0j
BBgwFoAUuCiOqePWfcPTj6d1GBxLLIdym98wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzAvQjgyODhFQTlFM0Q2N0RDM0QzOEZBNzc1MTgxQzRCMkM4NzcyOUJERi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VDaU9xZVBXZmNQVGo2ZDFHQnhMTElk
eW05OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zYzhlNGUxMS0z
YWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMC9CODI4OEVBOUUzRDY3REMzRDM4
RkE3NzUxODFDNEIyQzg3NzI5QkRGLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeFougz5tZun7OQbAqQsW
qd/EHMcSwP1iMj69SmulrctjHHTRl4+cJvNdHp53qHZVZtwVvcSEboNdvI3zLBo3
zxUXOBQJVwP2doR82rDjYrunMIfNGpHpEifzc42k3obKuBEN5MPbNlBZiKExDDRM
8+WAk83WoDGN5TWoGCMYIjp7Vn04CLv+r+8gAEKlJT7oInEeVjljNUPayUtLJPBP
6hdPw2MHxbRVO71ahzKrChBytH5WDngz3cev+ZggTSL+JF6KQY+mc6rJqljbu6sW
twrC1n6L2SowBtxsHMmI1Dzg6MWhUTDaQOUQ3Du5hllpj/h14tVbttqeBSixBDik
SA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 21:28:23 2026 by rpki-client