Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
File: h3YEKrfwcZWY6znlPvkuCsz6T6M.mft (raw, json)
Hash identifier: nkdXgBDeQANuF5FlasPLJhfdNSOk4RFjmI90gULdn8A=
Subject key identifier: 85:6B:8C:84:8D:3E:72:19:49:32:1A:EE:82:2A:18:20:42:10:B7:16
Authority key identifier: 87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3
Certificate issuer: /CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3
Certificate serial: 019D98BDC4DE231AD7973A69286212A9878F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
Manifest number: 0CC2
Signing time: Fri 17 Apr 2026 00:01:06 +0000
Manifest this update: Fri 17 Apr 2026 00:01:06 +0000
Manifest next update: Sat 18 Apr 2026 00:01:06 +0000
Files and hashes: 1: h3YEKrfwcZWY6znlPvkuCsz6T6M.crl (hash: 2rdU2vIEgldy4WTwXBaafx2myCt2sXM6P3+v7cFaZy0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:bd:c4:de:23:1a:d7:97:3a:69:28:62:12:a9:87:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3
Validity
Not Before: Apr 17 00:01:06 2026 GMT
Not After : Apr 18 00:01:06 2026 GMT
Subject: CN=856b8c848d3e721949321aee822a18204210b716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:14:53:9f:9a:9f:46:6f:5a:b4:14:8d:3f:
b6:45:1a:41:7b:2b:7f:eb:5f:7e:1b:91:93:a6:98:
d0:57:9b:2e:16:a2:be:bb:18:cf:4d:5f:43:c5:ce:
be:c1:a8:f8:48:09:26:75:8f:0f:8f:94:08:34:d9:
84:d6:89:9c:9b:43:ff:eb:8f:02:db:93:d0:9f:4d:
ed:d0:20:41:b7:f4:78:a5:9e:6a:c9:7d:61:57:f0:
80:28:7b:3e:59:1b:db:5b:9d:92:c1:3b:5c:e2:5f:
50:46:d7:00:3b:2f:f8:8d:67:bc:45:fd:cc:4c:2f:
e9:73:b1:e5:60:d3:2a:1d:38:f2:54:b1:40:59:d8:
0c:51:63:86:0c:0e:15:e3:ec:4d:55:cd:85:c7:bf:
6b:ae:30:67:92:9b:e8:3b:be:b8:5a:16:d4:ed:4e:
cf:9e:1e:a8:37:25:d0:46:f3:2e:e6:9a:9e:2e:d3:
d3:48:a0:ff:d8:36:51:75:1e:6d:0d:9e:80:5d:a7:
e6:ef:e2:d7:9a:cb:3f:07:20:94:e2:1a:26:ab:66:
c3:d9:3e:b9:d8:02:7f:a8:bb:fc:42:81:44:e1:15:
2f:db:fe:d5:f6:1d:b1:13:66:cf:c2:61:fb:26:c5:
20:fd:a1:78:1b:6a:49:16:41:6f:95:4c:24:d7:66:
17:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6B:8C:84:8D:3E:72:19:49:32:1A:EE:82:2A:18:20:42:10:B7:16
X509v3 Authority Key Identifier:
keyid:87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:a1:fa:98:a2:34:2a:85:86:61:12:d0:f0:d4:be:2b:53:fb:
15:01:61:de:14:85:e0:8c:94:02:dd:93:8f:65:4f:ed:6d:6f:
16:5f:fe:99:69:0b:f9:ed:03:a4:bd:05:1f:6b:6c:9b:c2:a3:
f6:ca:81:bd:51:1f:d5:ee:50:d3:ab:89:0d:25:0d:13:a8:1e:
60:9a:48:03:c0:d2:f0:23:e5:01:5e:e4:62:fb:ec:aa:0d:d4:
fa:a8:d9:d1:a7:71:90:de:70:d9:77:85:ea:24:3e:ae:31:58:
9f:3a:23:10:94:98:32:da:37:90:10:bc:1f:82:17:86:de:a5:
26:62:cb:97:51:59:d8:a6:9b:48:71:aa:a7:2f:1e:96:57:82:
43:08:b9:12:6d:c8:62:3c:7f:c1:2d:26:20:f3:f1:e2:74:87:
4c:82:54:c5:60:83:1e:83:ff:5e:b7:f4:8a:23:9d:e7:7e:2e:
f2:7d:cd:a6:be:54:1a:5d:41:c0:94:4c:5b:39:25:42:c7:ea:
50:f2:66:59:65:31:d0:97:00:ee:be:3c:b0:ac:2f:54:ab:38:
03:38:d1:4a:4c:ec:83:4b:a8:34:d4:e8:bc:4d:4a:b9:96:78:
ee:dd:b0:4e:9f:4f:89:76:a3:5d:ae:80:92:8a:b6:fc:29:c6:
a9:52:e1:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvcTeIxrXlzppKGISqYePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzYwNDJhYjdmMDcxOTU5OGViMzllNTNlZjkyZTBhY2Nm
YTRmYTMwHhcNMjYwNDE3MDAwMTA2WhcNMjYwNDE4MDAwMTA2WjAzMTEwLwYDVQQD
Eyg4NTZiOGM4NDhkM2U3MjE5NDkzMjFhZWU4MjJhMTgyMDQyMTBiNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHUUU5+an0ZvWrQUjT+2RRpBeyt/
619+G5GTppjQV5suFqK+uxjPTV9Dxc6+waj4SAkmdY8Pj5QINNmE1omcm0P/648C
25PQn03t0CBBt/R4pZ5qyX1hV/CAKHs+WRvbW52SwTtc4l9QRtcAOy/4jWe8Rf3M
TC/pc7HlYNMqHTjyVLFAWdgMUWOGDA4V4+xNVc2Fx79rrjBnkpvoO764WhbU7U7P
nh6oNyXQRvMu5pqeLtPTSKD/2DZRdR5tDZ6AXafm7+LXmss/ByCU4homq2bD2T65
2AJ/qLv8QoFE4RUv2/7V9h2xE2bPwmH7JsUg/aF4G2pJFkFvlUwk12YX9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIVrjISNPnIZSTIa7oIqGCBCELcWMB8GA1UdIwQY
MBaAFId2BCq38HGVmOs55T75LgrM+k+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEt
ZTNjY2YzZWEzYzRhLzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEtZTNjY2YzZWEzYzRh
LzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh6H6mKI0
KoWGYRLQ8NS+K1P7FQFh3hSF4IyUAt2Tj2VP7W1vFl/+mWkL+e0DpL0FH2tsm8Kj
9sqBvVEf1e5Q06uJDSUNE6geYJpIA8DS8CPlAV7kYvvsqg3U+qjZ0adxkN5w2XeF
6iQ+rjFYnzojEJSYMto3kBC8H4IXht6lJmLLl1FZ2KabSHGqpy8elleCQwi5Em3I
Yjx/wS0mIPPx4nSHTIJUxWCDHoP/Xrf0iiOd534u8n3Npr5UGl1BwJRMWzklQsfq
UPJmWWUx0JcA7r48sKwvVKs4AzjRSkzsg0uoNNTovE1KuZZ47t2wTp9PiXajXa6A
koq2/CnGqVLhwQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:18:39 2026 by rpki-client