Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
File: B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft (raw, json)
Hash identifier: GlBjEpW5xCVczIt1i+Yy+7vbBfIuznI/Z5A0nyxqQQs=
Subject key identifier: B3:1A:BE:2A:AC:89:6F:6E:6C:33:48:CA:73:79:2B:E6:BB:A2:56:CC
Authority key identifier: B8:28:8E:A9:E3:D6:7D:C3:D3:8F:A7:75:18:1C:4B:2C:87:72:9B:DF
Certificate issuer: /CN=b8288ea9e3d67dc3d38fa775181c4b2c87729bdf
Certificate serial: 754AAFD7A150FEAA26C09DFFD480B63F2B331C2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
Manifest number: 0171
Signing time: Wed 22 Apr 2026 09:28:00 +0000
Manifest this update: Wed 22 Apr 2026 09:23:00 +0000
Manifest next update: Thu 23 Apr 2026 10:36:00 +0000
Files and hashes: 1: B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl (hash: DPsxrhQqhCqaHohXQtIlwgkmN0ZK4RhCxPhWLxa0OCc=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:4a:af:d7:a1:50:fe:aa:26:c0:9d:ff:d4:80:b6:3f:2b:33:1c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8288ea9e3d67dc3d38fa775181c4b2c87729bdf
Validity
Not Before: Apr 22 09:23:00 2026 GMT
Not After : Apr 23 10:36:00 2026 GMT
Subject: CN=B31ABE2AAC896F6E6C3348CA73792BE6BBA256CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0d:db:e2:98:e1:d2:00:72:4f:3f:33:df:43:
d2:e3:65:84:3a:d8:44:82:54:eb:73:05:c2:8b:ab:
d9:1f:6a:1a:ee:77:f9:8f:5f:a5:b9:ef:11:ff:52:
3c:bb:a8:f4:5a:aa:9c:b1:3c:16:ff:87:1f:21:b9:
2f:1e:0d:fd:3f:50:26:74:67:56:7b:f3:66:9a:11:
51:d3:f6:13:fe:21:60:9f:d0:27:de:32:fc:f6:53:
7b:69:87:4c:dc:56:69:65:1b:d0:e2:63:36:80:1c:
c6:12:57:b9:8c:7a:61:10:4f:d6:79:b0:1c:a6:cd:
f4:40:ff:fb:8e:0e:c1:46:32:38:ca:51:50:c0:00:
dd:c2:78:a2:8f:75:b4:c3:36:1f:12:c2:e6:5c:2d:
bf:da:7c:9a:f6:32:32:dd:e6:23:bf:82:e1:66:1a:
c2:09:48:e6:ee:f3:fb:0d:4c:47:2f:40:9c:61:6c:
79:1f:cc:d8:c9:30:07:4b:d8:a3:11:cd:8f:1c:02:
21:01:a2:98:8d:ed:50:f9:db:e9:c8:76:a1:1c:ba:
e2:d1:00:91:ef:fc:c5:0e:0a:e4:d3:1b:26:8b:3e:
50:90:95:47:c3:9d:b5:0e:68:1e:be:8d:f8:95:50:
1f:1d:23:7b:4d:95:ba:3f:2d:b4:25:8d:d7:bc:af:
f8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1A:BE:2A:AC:89:6F:6E:6C:33:48:CA:73:79:2B:E6:BB:A2:56:CC
X509v3 Authority Key Identifier:
keyid:B8:28:8E:A9:E3:D6:7D:C3:D3:8F:A7:75:18:1C:4B:2C:87:72:9B:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCiOqePWfcPTj6d1GBxLLIdym98.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/0/B8288EA9E3D67DC3D38FA775181C4B2C87729BDF.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:59:41:25:59:9f:31:8f:2d:02:5e:cc:60:92:7a:8c:80:e3:
f3:2e:f0:0f:b8:93:34:ba:87:21:1c:1b:5c:7e:3b:47:3c:de:
01:64:5b:bc:ea:a3:39:54:eb:3e:c1:fd:05:d7:3b:e7:0d:94:
64:7d:c0:82:10:04:f9:d3:b1:28:f1:f6:f0:39:ff:5c:48:0e:
31:35:37:9b:12:f2:46:9a:b2:79:30:80:06:09:1e:cf:f8:f2:
98:01:cd:ee:cd:92:90:8c:9a:46:01:11:07:59:c0:be:54:6b:
0a:b9:b2:c0:ad:06:d2:85:ce:4a:4e:ef:db:b1:f2:e3:7c:94:
aa:24:bd:c3:7d:16:6e:58:1f:f6:ef:d6:50:3c:fd:56:08:e9:
32:dc:b7:21:cc:f0:b8:69:92:74:2c:f9:70:bd:f7:11:c5:c7:
94:f0:12:46:52:69:97:a4:1e:cd:c0:b4:5d:10:21:04:32:13:
88:71:23:89:9e:53:cf:cf:94:13:b3:42:f5:de:c5:d2:78:93:
96:96:31:d6:ad:f4:5a:d5:88:d1:4a:1d:84:a0:4e:0c:8e:e2:
b3:b8:a2:00:4c:fd:77:5a:fa:4d:72:de:ef:86:f0:eb:c2:d1:
a5:d2:71:22:e9:92:1f:ad:f3:ed:be:9c:83:2b:b7:b5:77:82:
89:73:2c:4a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUdUqv16FQ/qomwJ3/1IC2PyszHC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjgyODhlYTllM2Q2N2RjM2QzOGZhNzc1MTgxYzRiMmM4
NzcyOWJkZjAeFw0yNjA0MjIwOTIzMDBaFw0yNjA0MjMxMDM2MDBaMDMxMTAvBgNV
BAMTKEIzMUFCRTJBQUM4OTZGNkU2QzMzNDhDQTczNzkyQkU2QkJBMjU2Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0DdvimOHSAHJPPzPfQ9LjZYQ6
2ESCVOtzBcKLq9kfahrud/mPX6W57xH/Ujy7qPRaqpyxPBb/hx8huS8eDf0/UCZ0
Z1Z782aaEVHT9hP+IWCf0CfeMvz2U3tph0zcVmllG9DiYzaAHMYSV7mMemEQT9Z5
sBymzfRA//uODsFGMjjKUVDAAN3CeKKPdbTDNh8SwuZcLb/afJr2MjLd5iO/guFm
GsIJSObu8/sNTEcvQJxhbHkfzNjJMAdL2KMRzY8cAiEBopiN7VD52+nIdqEcuuLR
AJHv/MUOCuTTGyaLPlCQlUfDnbUOaB6+jfiVUB8dI3tNlbo/LbQljde8r/jJAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUsxq+KqyJb25sM0jKc3kr5ruiVswwHwYDVR0j
BBgwFoAUuCiOqePWfcPTj6d1GBxLLIdym98wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzAvQjgyODhFQTlFM0Q2N0RDM0QzOEZBNzc1MTgxQzRCMkM4NzcyOUJERi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VDaU9xZVBXZmNQVGo2ZDFHQnhMTElk
eW05OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zYzhlNGUxMS0z
YWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMC9CODI4OEVBOUUzRDY3REMzRDM4
RkE3NzUxODFDNEIyQzg3NzI5QkRGLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG1lBJVmfMY8tAl7MYJJ6
jIDj8y7wD7iTNLqHIRwbXH47RzzeAWRbvOqjOVTrPsH9Bdc75w2UZH3AghAE+dOx
KPH28Dn/XEgOMTU3mxLyRpqyeTCABgkez/jymAHN7s2SkIyaRgERB1nAvlRrCrmy
wK0G0oXOSk7v27Hy43yUqiS9w30Wblgf9u/WUDz9VgjpMty3IczwuGmSdCz5cL33
EcXHlPASRlJpl6QezcC0XRAhBDITiHEjiZ5Tz8+UE7NC9d7F0niTlpYx1q30WtWI
0UodhKBODI7is7iiAEz9d1r6TXLe74bw68LRpdJxIumSH63z7b6cgyu3tXeCiXMs
Sg==
-----END CERTIFICATE-----
Generated at Sat May 16 03:39:43 2026 by rpki-client