Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File: h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier: F7QhlYoiStTnDytPMVivBT0ZL59NYRXsMdo4CAN0+c4=
Subject key identifier: 98:A0:D3:9C:63:8E:D8:4A:D8:89:29:E1:35:2B:56:A2:20:FB:D2:FD
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer: /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial: 019D9BBF10B41D11E4EE6422FC0CD8009291
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number: 0C96
Signing time: Fri 17 Apr 2026 14:01:23 +0000
Manifest this update: Fri 17 Apr 2026 14:01:23 +0000
Manifest next update: Sat 18 Apr 2026 14:01:23 +0000
Files and hashes: 1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: 7TA6K2XJdYl8lG9kMOd1MVnqTzDm+CdKI6DiOQ+qSMA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:bf:10:b4:1d:11:e4:ee:64:22:fc:0c:d8:00:92:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Validity
Not Before: Apr 17 14:01:23 2026 GMT
Not After : Apr 18 14:01:23 2026 GMT
Subject: CN=98a0d39c638ed84ad88929e1352b56a220fbd2fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:aa:02:ed:6d:d8:26:82:19:e4:4d:e7:a0:39:
1d:38:30:a2:10:df:fe:a7:b2:46:9c:99:65:6f:63:
70:9b:14:c8:37:66:ac:ab:fb:65:49:5a:99:49:0e:
46:94:87:60:5a:25:3a:0a:6a:a3:80:a9:07:20:13:
2d:5b:39:3b:90:61:40:cd:0f:c5:2f:bc:31:a3:9d:
c5:d7:a7:f4:3a:3b:e0:d9:90:27:7b:82:7f:3e:3c:
eb:77:e9:73:b4:c2:67:c7:d6:d4:7a:c5:62:18:be:
d2:96:ea:fc:94:f2:77:cb:1a:a4:58:58:7e:5d:f1:
2d:46:a1:be:59:0d:f2:c3:af:5e:75:ed:5c:d1:0d:
3a:bf:30:95:a7:76:8a:5d:7c:22:71:ec:d9:0d:f2:
bc:cc:7d:fe:87:b1:87:91:c4:ba:ad:c5:79:69:47:
45:ff:99:06:7c:d6:9f:6e:22:27:5c:b9:97:6a:7b:
f8:de:d9:d2:31:1b:6a:ed:3c:fb:6e:79:3a:7f:34:
8c:09:0c:b8:8a:c4:6d:4b:2a:0d:26:66:79:1d:ed:
2f:b4:c7:95:aa:51:72:f3:21:1d:28:4c:e9:51:a8:
3a:35:50:56:3b:92:a2:1a:4a:73:6a:eb:7a:5d:95:
ab:b3:3d:bd:49:d0:78:af:46:7d:d7:63:aa:d2:90:
74:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A0:D3:9C:63:8E:D8:4A:D8:89:29:E1:35:2B:56:A2:20:FB:D2:FD
X509v3 Authority Key Identifier:
keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:b9:27:8c:9f:95:8e:5d:90:f5:4c:38:ec:31:00:9c:08:25:
1a:30:da:db:63:82:9f:bb:2b:ec:a4:84:b3:70:e0:e8:92:c7:
89:36:33:39:c4:8c:f0:aa:05:14:fd:a1:49:1a:8b:df:13:9e:
ba:35:6c:95:42:02:d1:f7:4f:ef:e2:f6:1f:cc:9f:bc:5c:3a:
92:a8:fc:78:73:ac:03:00:48:72:98:c2:d6:fe:d3:ef:2c:31:
4a:d8:36:e3:9d:49:5c:9a:75:42:39:94:91:d1:2f:15:2d:05:
30:87:9f:5f:ec:18:df:5b:88:fa:66:94:40:e4:3f:39:cd:91:
04:7c:13:7a:81:65:89:7c:09:7a:15:00:96:25:8b:aa:b8:6d:
06:fb:cd:00:14:65:26:70:ba:1a:34:54:7e:99:f4:15:6a:53:
ff:3c:7c:37:fb:2b:c7:c4:9b:96:d0:32:a2:b0:08:46:e0:ae:
00:55:ad:0d:b7:a5:7e:14:3b:ca:7d:3a:19:12:b4:b3:d9:17:
ad:2c:ca:1c:de:a6:b1:e4:30:e0:cb:8f:d3:7b:bc:10:65:32:
00:38:1a:21:e4:92:0e:78:85:c3:08:c4:48:69:14:2a:0d:1f:
c6:a3:fb:9e:ca:95:94:78:98:19:bd:82:6a:bd:e0:4d:a1:37:
f1:22:37:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvxC0HRHk7mQi/AzYAJKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjYwNDE3MTQwMTIzWhcNMjYwNDE4MTQwMTIzWjAzMTEwLwYDVQQD
Eyg5OGEwZDM5YzYzOGVkODRhZDg4OTI5ZTEzNTJiNTZhMjIwZmJkMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKoC7W3YJoIZ5E3noDkdODCiEN/+
p7JGnJllb2NwmxTIN2asq/tlSVqZSQ5GlIdgWiU6CmqjgKkHIBMtWzk7kGFAzQ/F
L7wxo53F16f0Ojvg2ZAne4J/Pjzrd+lztMJnx9bUesViGL7Slur8lPJ3yxqkWFh+
XfEtRqG+WQ3yw69ede1c0Q06vzCVp3aKXXwicezZDfK8zH3+h7GHkcS6rcV5aUdF
/5kGfNafbiInXLmXanv43tnSMRtq7Tz7bnk6fzSMCQy4isRtSyoNJmZ5He0vtMeV
qlFy8yEdKEzpUag6NVBWO5KiGkpzaut6XZWrsz29SdB4r0Z912Oq0pB0mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJig05xjjthK2Ikp4TUrVqIg+9L9MB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlLknjJ+V
jl2Q9Uw47DEAnAglGjDa22OCn7sr7KSEs3Dg6JLHiTYzOcSM8KoFFP2hSRqL3xOe
ujVslUIC0fdP7+L2H8yfvFw6kqj8eHOsAwBIcpjC1v7T7ywxStg2451JXJp1QjmU
kdEvFS0FMIefX+wY31uI+maUQOQ/Oc2RBHwTeoFliXwJehUAliWLqrhtBvvNABRl
JnC6GjRUfpn0FWpT/zx8N/srx8SbltAyorAIRuCuAFWtDbelfhQ7yn06GRK0s9kX
rSzKHN6mseQw4MuP03u8EGUyADgaIeSSDniFwwjESGkUKg0fxqP7nsqVlHiYGb2C
ar3gTaE38SI34w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:17:54 2026 by rpki-client