Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: i1t5uhaE1X36daBDkjFzlNCR6OoXH9hjZvCknCeKlno=
Subject key identifier: E0:36:77:BC:EB:03:CD:CA:53:24:EA:46:65:3E:32:03:5C:48:F8:97
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 019D390A6B1D684EC7E5E93A8A253E28BA9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 1416
Signing time: Sun 29 Mar 2026 10:01:17 +0000
Manifest this update: Sun 29 Mar 2026 10:01:17 +0000
Manifest next update: Mon 30 Mar 2026 10:01:17 +0000
Files and hashes: 1: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: 3P3YGdcEZq+NjMuF1O0QYd8QjVjespPSPQrVxQ4WXss=)
2: xICMKArLvTx29numTiutzmAayDM.roa (hash: Lqd0tIHATER1ygDumfjqbLFR0sPowEmoXTK5gpQqBN0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:6b:1d:68:4e:c7:e5:e9:3a:8a:25:3e:28:ba:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Mar 29 10:01:17 2026 GMT
Not After : Mar 30 10:01:17 2026 GMT
Subject: CN=e03677bceb03cdca5324ea46653e32035c48f897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:13:59:ec:dd:f7:46:62:e7:9a:51:8f:1f:35:
84:c4:3f:25:11:95:3f:51:99:1b:33:e6:1f:ea:b1:
d3:67:a8:a7:39:bc:da:9a:1e:26:ac:99:d4:f8:05:
8c:78:dc:06:a5:5b:87:27:ae:0a:cc:7b:28:9f:5f:
2e:52:9a:b8:e4:1c:6e:ec:8f:12:b3:33:10:fd:8b:
8b:e3:1e:3f:1c:3f:80:3a:b4:0b:35:c4:db:83:fc:
47:25:76:5f:e3:93:ee:38:a2:c1:85:ea:d3:82:96:
a1:f9:85:06:47:91:39:d5:76:2b:49:70:45:7f:9e:
55:e9:75:a6:ca:d6:29:b6:6c:37:3f:9e:51:2b:1d:
fc:d7:8b:e8:55:ba:74:2b:63:33:0f:93:8b:90:3b:
a3:ad:3c:9e:15:22:32:9f:ec:82:3c:8a:8a:be:26:
d5:8f:51:be:5b:2c:2e:9d:c4:df:c4:ea:cd:62:f7:
01:5a:c9:3b:c0:42:2d:42:f3:b2:9a:b3:40:90:ff:
be:ef:56:22:a4:2d:d9:84:0b:6b:fe:c2:a1:b5:75:
28:bf:88:47:26:a2:ea:2a:21:83:27:03:71:08:e1:
9c:ad:ac:be:a9:b5:19:64:92:fe:21:ef:f3:42:dc:
97:17:7d:ce:d6:85:bf:eb:60:95:88:49:a5:c2:19:
16:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:36:77:BC:EB:03:CD:CA:53:24:EA:46:65:3E:32:03:5C:48:F8:97
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:75:bc:cb:f2:8e:af:c8:f2:a5:94:d0:1f:f5:e3:fb:87:00:
2e:08:ec:57:f0:2e:90:24:5f:72:7d:c7:f5:05:0b:7e:5c:0f:
c0:14:e2:e9:c2:8c:ea:a0:d1:41:d0:1d:2f:db:4d:41:62:b4:
6c:9d:ab:aa:af:6d:d0:59:61:9b:a6:c6:1d:b7:7b:c8:8a:8c:
80:17:36:21:c5:33:56:d3:1b:24:91:ca:a0:b6:4b:c7:bd:6a:
52:23:e5:38:91:da:62:b6:48:5a:b4:f2:d0:ba:49:f1:fb:66:
d4:72:ed:63:7f:07:c8:4d:e2:1b:02:c0:33:18:ad:9b:30:71:
d3:74:13:5d:03:7d:ae:aa:63:1a:bc:c3:e9:7e:4b:56:ff:71:
57:10:2a:3c:d5:ce:be:1d:96:3b:ca:5b:f6:a0:b2:fc:80:88:
e0:f0:51:34:6e:eb:7f:94:fd:54:13:13:a3:19:e4:0d:cc:8a:
97:1b:a1:b0:ca:06:95:94:42:27:8d:4c:b2:1d:e4:37:9b:db:
1f:65:8e:4d:39:91:cf:a9:2b:59:f5:09:30:31:7e:a8:24:e6:
c0:11:24:f5:43:f3:68:0c:08:6f:ff:6a:71:7a:9c:28:03:92:
ba:86:5b:a2:0f:ea:e8:9e:22:64:47:ca:69:a4:28:c8:bc:84:
a7:96:7a:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CmsdaE7H5ek6iiU+KLqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjYwMzI5MTAwMTE3WhcNMjYwMzMwMTAwMTE3WjAzMTEwLwYDVQQD
EyhlMDM2NzdiY2ViMDNjZGNhNTMyNGVhNDY2NTNlMzIwMzVjNDhmODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRNZ7N33RmLnmlGPHzWExD8lEZU/
UZkbM+Yf6rHTZ6inObzamh4mrJnU+AWMeNwGpVuHJ64KzHson18uUpq45Bxu7I8S
szMQ/YuL4x4/HD+AOrQLNcTbg/xHJXZf45PuOKLBherTgpah+YUGR5E51XYrSXBF
f55V6XWmytYptmw3P55RKx3814voVbp0K2MzD5OLkDujrTyeFSIyn+yCPIqKvibV
j1G+WywuncTfxOrNYvcBWsk7wEItQvOymrNAkP++71YipC3ZhAtr/sKhtXUov4hH
JqLqKiGDJwNxCOGcray+qbUZZJL+Ie/zQtyXF33O1oW/62CViEmlwhkWqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOA2d7zrA83KUyTqRmU+MgNcSPiXMB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXW8y/KO
r8jypZTQH/Xj+4cALgjsV/AukCRfcn3H9QULflwPwBTi6cKM6qDRQdAdL9tNQWK0
bJ2rqq9t0Flhm6bGHbd7yIqMgBc2IcUzVtMbJJHKoLZLx71qUiPlOJHaYrZIWrTy
0LpJ8ftm1HLtY38HyE3iGwLAMxitmzBx03QTXQN9rqpjGrzD6X5LVv9xVxAqPNXO
vh2WO8pb9qCy/ICI4PBRNG7rf5T9VBMToxnkDcyKlxuhsMoGlZRCJ41Msh3kN5vb
H2WOTTmRz6krWfUJMDF+qCTmwBEk9UPzaAwIb/9qcXqcKAOSuoZbog/q6J4iZEfK
aaQoyLyEp5Z64g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:39 2026 by rpki-client