Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File: D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier: 0KH1rKdwNXMyvDHRNzPeOjTVeD77OJRw4JeHYa5HuLs=
Subject key identifier: 46:CB:E3:B0:F6:1A:23:B6:17:5D:77:F2:3A:E1:68:39:2F:06:76:69
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer: /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial: 019D99993CC2FECB0EFC2A94E1CDC0ACA6AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number: 09A6
Signing time: Fri 17 Apr 2026 04:00:49 +0000
Manifest this update: Fri 17 Apr 2026 04:00:49 +0000
Manifest next update: Sat 18 Apr 2026 04:00:49 +0000
Files and hashes: 1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: BEFi8yssYEnFuAJdHUWzFzm9XRPNvh9IlTztbx5iuhQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:99:3c:c2:fe:cb:0e:fc:2a:94:e1:cd:c0:ac:a6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Validity
Not Before: Apr 17 04:00:49 2026 GMT
Not After : Apr 18 04:00:49 2026 GMT
Subject: CN=46cbe3b0f61a23b6175d77f23ae168392f067669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:56:2a:e4:c5:71:0b:35:12:4b:19:48:8b:
f6:98:28:48:c8:f3:74:b0:6d:1c:31:a6:cb:2d:31:
57:7d:66:02:6d:93:b6:1b:8e:2d:1c:81:7e:ad:3f:
5c:d5:3b:2f:f3:25:1e:73:3e:fb:68:15:c9:e7:2d:
ae:75:d5:3e:7d:b2:1d:12:01:eb:66:78:7f:56:07:
4f:8a:fb:90:bc:81:3f:1a:63:c5:00:a0:ae:56:49:
11:b1:9b:41:02:7d:24:27:ca:df:dd:11:f5:79:60:
d3:a9:54:31:44:b5:59:29:d3:78:92:94:b2:38:25:
61:ea:b8:af:49:2b:3a:95:4d:ee:4a:29:42:ec:64:
d0:04:38:bb:e1:fd:04:09:3d:c9:86:d2:16:9a:b0:
eb:54:89:90:91:8d:a0:66:7c:71:89:97:60:35:87:
76:0d:39:3d:ef:f2:d4:70:08:99:96:0e:b3:3b:e0:
d7:91:94:bc:67:f8:45:e1:e3:17:15:e0:7d:17:64:
56:16:3e:5c:af:ce:b7:a4:12:85:c1:56:72:71:0f:
52:f2:fc:87:47:8c:5f:60:54:60:61:e7:09:1c:8d:
0f:23:cb:e7:15:fa:b2:84:37:66:51:96:a6:fd:ee:
ea:ee:34:d1:d6:2b:23:f0:9f:a3:83:cd:97:76:20:
60:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CB:E3:B0:F6:1A:23:B6:17:5D:77:F2:3A:E1:68:39:2F:06:76:69
X509v3 Authority Key Identifier:
keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:af:93:e0:d9:3f:fc:08:6d:ad:31:d5:4f:b2:84:67:ab:c6:
6d:94:45:07:3e:61:4a:9b:b1:05:f0:6b:74:85:e0:ad:c7:fa:
62:06:db:11:1f:d5:cc:7e:48:db:40:c4:2c:9b:1a:6d:a7:15:
7d:d6:a0:75:23:d7:3a:93:dd:f3:85:96:28:c4:ac:78:86:d1:
b5:77:49:9e:61:01:46:28:80:3b:eb:d5:7a:e6:3a:3a:75:87:
14:8b:3e:d9:c4:75:e9:8d:ba:97:1b:97:5d:0f:e4:f6:43:b0:
85:30:fc:fe:7e:79:36:26:f1:fe:60:85:09:44:b0:d1:e1:eb:
2b:56:ed:a0:88:83:07:92:24:c4:93:07:71:b8:1b:64:5c:68:
98:f4:7c:65:88:9f:34:28:02:06:a3:11:77:8d:bc:65:6d:52:
c1:af:8e:b6:e6:f3:6a:37:8a:53:b5:cf:40:e4:ea:43:40:c0:
11:6a:fe:46:16:8a:28:80:70:f6:88:aa:12:24:49:e9:a2:19:
30:bb:a0:a1:82:15:cf:5f:ce:42:66:d8:de:28:a5:53:c3:33:
d6:f5:f6:3b:15:ac:6a:a7:8b:80:13:b1:20:15:f4:7e:08:9a:
2e:b6:f9:00:37:14:9e:f8:46:53:ee:33:22:c5:7e:a8:27:e8:
79:8f:ff:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmTzC/ssO/CqU4c3ArKauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjYwNDE3MDQwMDQ5WhcNMjYwNDE4MDQwMDQ5WjAzMTEwLwYDVQQD
Eyg0NmNiZTNiMGY2MWEyM2I2MTc1ZDc3ZjIzYWUxNjgzOTJmMDY3NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB1WKuTFcQs1EksZSIv2mChIyPN0
sG0cMabLLTFXfWYCbZO2G44tHIF+rT9c1Tsv8yUecz77aBXJ5y2uddU+fbIdEgHr
Znh/VgdPivuQvIE/GmPFAKCuVkkRsZtBAn0kJ8rf3RH1eWDTqVQxRLVZKdN4kpSy
OCVh6rivSSs6lU3uSilC7GTQBDi74f0ECT3JhtIWmrDrVImQkY2gZnxxiZdgNYd2
DTk97/LUcAiZlg6zO+DXkZS8Z/hF4eMXFeB9F2RWFj5cr863pBKFwVZycQ9S8vyH
R4xfYFRgYecJHI0PI8vnFfqyhDdmUZam/e7q7jTR1isj8J+jg82XdiBgfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbL47D2GiO2F1138jrhaDkvBnZpMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6+T4Nk/
/AhtrTHVT7KEZ6vGbZRFBz5hSpuxBfBrdIXgrcf6YgbbER/VzH5I20DELJsabacV
fdagdSPXOpPd84WWKMSseIbRtXdJnmEBRiiAO+vVeuY6OnWHFIs+2cR16Y26lxuX
XQ/k9kOwhTD8/n55Nibx/mCFCUSw0eHrK1btoIiDB5IkxJMHcbgbZFxomPR8ZYif
NCgCBqMRd428ZW1Swa+OtubzajeKU7XPQOTqQ0DAEWr+RhaKKIBw9oiqEiRJ6aIZ
MLugoYIVz1/OQmbY3iilU8Mz1vX2OxWsaqeLgBOxIBX0fgiaLrb5ADcUnvhGU+4z
IsV+qCfoeY//Cg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:30:03 2026 by rpki-client