Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
File: ih8K1VcrribjnIdAxoqPu0buSGQ.mft (raw, json)
Hash identifier: pUt7L3rj9a+6xuevjSxCpG13YFUk43qrmiU78TeLVac=
Subject key identifier: 8E:5C:28:11:F2:9C:1B:25:E3:E5:FF:72:9E:7F:91:D9:95:74:42:13
Authority key identifier: 8A:1F:0A:D5:57:2B:AE:26:E3:9C:87:40:C6:8A:8F:BB:46:EE:48:64
Certificate issuer: /CN=8a1f0ad5572bae26e39c8740c68a8fbb46ee4864
Certificate serial: 019CACB53B15431948A9154FFCE4317286CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ih8K1VcrribjnIdAxoqPu0buSGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
Manifest number: 0BD8
Signing time: Mon 02 Mar 2026 04:01:24 +0000
Manifest this update: Mon 02 Mar 2026 04:01:24 +0000
Manifest next update: Tue 03 Mar 2026 04:01:24 +0000
Files and hashes: 1: ih8K1VcrribjnIdAxoqPu0buSGQ.crl (hash: TF22REdejIWAMJXA1eBI4qCmrIGgy5oAv7R7QG8OKwA=)
2: xMgS7QD9_G9EOx5x98EDuY-9yGs.roa (hash: hMlsCv6vl96geP53LLF12LxkGDU69mGZggpEWqFm3G4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ih8K1VcrribjnIdAxoqPu0buSGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b5:3b:15:43:19:48:a9:15:4f:fc:e4:31:72:86:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1f0ad5572bae26e39c8740c68a8fbb46ee4864
Validity
Not Before: Mar 2 04:01:24 2026 GMT
Not After : Mar 3 04:01:24 2026 GMT
Subject: CN=8e5c2811f29c1b25e3e5ff729e7f91d995744213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:2e:0a:b5:51:ce:06:ba:94:53:0f:f1:8a:
dc:f0:89:b2:a8:02:99:29:65:33:d2:d2:83:e9:3f:
5b:ec:c5:ef:a5:df:9e:d9:81:83:fe:ef:ea:11:62:
da:46:18:2e:7a:83:91:8f:bd:db:4f:72:ae:2e:1c:
fe:75:b0:0d:9c:2d:1b:7e:1c:de:ab:fe:d2:70:7b:
8c:85:b7:b3:b6:ec:89:aa:8b:12:87:13:2b:b9:e3:
99:c7:9a:80:e5:5a:72:67:58:a3:3e:53:41:7f:06:
f6:8a:58:5a:c4:78:17:81:aa:50:7e:fa:29:4b:30:
49:90:81:54:e1:8b:bc:6d:b7:60:e1:3c:48:3d:dd:
c0:55:82:a8:cd:e3:7c:16:ae:df:28:01:37:a5:e7:
08:92:00:ef:73:d2:f8:69:db:e2:c4:44:a7:97:c3:
0f:6f:8e:82:e3:d5:c8:72:0c:21:e8:74:ce:5f:1e:
4d:fb:dc:b8:99:d4:be:c9:9b:a4:ae:84:c2:c7:31:
7f:c9:30:f3:c2:79:b3:c7:39:eb:da:af:00:ff:fb:
c5:6e:d8:b9:6d:fa:a7:7c:c0:85:04:05:43:0e:f1:
1e:5b:c2:a4:97:0e:13:dd:d5:59:65:ee:e7:7c:3d:
62:af:f9:c9:2b:b1:b1:14:54:2c:84:b2:e4:e6:df:
a9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:5C:28:11:F2:9C:1B:25:E3:E5:FF:72:9E:7F:91:D9:95:74:42:13
X509v3 Authority Key Identifier:
keyid:8A:1F:0A:D5:57:2B:AE:26:E3:9C:87:40:C6:8A:8F:BB:46:EE:48:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ih8K1VcrribjnIdAxoqPu0buSGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/2fd20a-53ae-4bea-80c9-03f23a73941d/1/ih8K1VcrribjnIdAxoqPu0buSGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:88:3b:01:dc:91:8d:84:41:0f:81:8e:af:c4:e3:46:6c:ff:
12:eb:c0:a2:5f:13:71:f9:d4:35:1f:52:a3:df:d3:75:e0:4f:
d5:25:bb:e2:b6:78:d8:a9:b5:fc:2b:76:c2:e8:f2:79:44:da:
a5:40:c0:81:98:2c:eb:71:a0:0f:bc:3a:91:34:87:91:7a:ea:
4e:20:9d:c7:91:52:e4:84:f5:26:f1:76:a0:be:d2:01:5b:87:
63:ea:71:05:80:98:15:dd:68:fa:d9:d0:3b:cb:b5:2b:a5:d2:
f5:4d:93:04:a1:c3:99:43:1e:da:54:e3:a9:48:68:db:b1:d0:
68:93:8d:2b:c9:92:dc:79:04:37:d3:67:a4:90:e8:b4:c5:5f:
52:90:b8:71:e3:1a:13:b7:2f:e7:79:6f:3c:2a:1b:ed:26:76:
da:cc:48:c7:4a:ef:da:ef:41:9e:b2:95:a6:88:3e:a0:3d:34:
a3:f4:23:9a:84:af:6a:a0:b0:21:c9:65:91:f0:d2:ed:0e:e5:
1c:b0:e0:c7:78:4c:34:1b:c3:02:21:97:a0:a3:b3:fc:17:9e:
b0:b6:43:3c:f4:d4:a6:bf:ac:76:85:53:49:21:e9:8b:c5:c3:
86:fe:d5:40:56:33:93:a3:e9:e7:57:6f:1f:5d:2d:b1:78:0b:
6d:48:13:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystTsVQxlIqRVP/OQxcobLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWYwYWQ1NTcyYmFlMjZlMzljODc0MGM2OGE4ZmJiNDZl
ZTQ4NjQwHhcNMjYwMzAyMDQwMTI0WhcNMjYwMzAzMDQwMTI0WjAzMTEwLwYDVQQD
Eyg4ZTVjMjgxMWYyOWMxYjI1ZTNlNWZmNzI5ZTdmOTFkOTk1NzQ0MjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluMuCrVRzga6lFMP8Yrc8ImyqAKZ
KWUz0tKD6T9b7MXvpd+e2YGD/u/qEWLaRhgueoORj73bT3KuLhz+dbANnC0bfhze
q/7ScHuMhbeztuyJqosShxMrueOZx5qA5VpyZ1ijPlNBfwb2ilhaxHgXgapQfvop
SzBJkIFU4Yu8bbdg4TxIPd3AVYKozeN8Fq7fKAE3pecIkgDvc9L4advixESnl8MP
b46C49XIcgwh6HTOXx5N+9y4mdS+yZukroTCxzF/yTDzwnmzxznr2q8A//vFbti5
bfqnfMCFBAVDDvEeW8Kklw4T3dVZZe7nfD1ir/nJK7GxFFQshLLk5t+pawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5cKBHynBsl4+X/cp5/kdmVdEITMB8GA1UdIwQY
MBaAFIofCtVXK64m45yHQMaKj7tG7khkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWg4SzFWY3JyaWJqbklkQXhvcVB1MGJ1U0dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8yZmQyMGEtNTNhZS00YmVhLTgwYzkt
MDNmMjNhNzM5NDFkLzEvaWg4SzFWY3JyaWJqbklkQXhvcVB1MGJ1U0dRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8yZmQyMGEtNTNhZS00YmVhLTgwYzktMDNmMjNhNzM5NDFk
LzEvaWg4SzFWY3JyaWJqbklkQXhvcVB1MGJ1U0dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhog7AdyR
jYRBD4GOr8TjRmz/EuvAol8TcfnUNR9So9/TdeBP1SW74rZ42Km1/Ct2wujyeUTa
pUDAgZgs63GgD7w6kTSHkXrqTiCdx5FS5IT1JvF2oL7SAVuHY+pxBYCYFd1o+tnQ
O8u1K6XS9U2TBKHDmUMe2lTjqUho27HQaJONK8mS3HkEN9NnpJDotMVfUpC4ceMa
E7cv53lvPCob7SZ22sxIx0rv2u9BnrKVpog+oD00o/QjmoSvaqCwIcllkfDS7Q7l
HLDgx3hMNBvDAiGXoKOz/BeesLZDPPTUpr+sdoVTSSHpi8XDhv7VQFYzk6Pp51dv
H10tsXgLbUgTKw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:57:41 2026 by rpki-client