Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
File: HlqvPQaD3IoNWMZDgm4WbTwozKk.mft (raw, json)
Hash identifier: E+kBOju8c50UH/EF0Cklb7VI++6zAnHSbeMqF68QThA=
Subject key identifier: 82:1F:FB:B2:FE:D8:EE:DC:3C:1F:C9:9A:31:EB:C4:1F:64:8C:28:AB
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 019D38D38FF8E16565B8EC912437E8836F06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
Manifest number: 189A
Signing time: Sun 29 Mar 2026 09:01:22 +0000
Manifest this update: Sun 29 Mar 2026 09:01:22 +0000
Manifest next update: Mon 30 Mar 2026 09:01:22 +0000
Files and hashes: 1: HlqvPQaD3IoNWMZDgm4WbTwozKk.crl (hash: 6XP6q2CJBs2PvGnwmM1cGSgZJZ9o8ePltLb5pTGONjg=)
2: RoLgrjDxF4akRKaq8T1rSF19Kng.roa (hash: +7nyTK/C6dWtP3h0zQHeagqR3OkxYgHMPvGFJRKBnDk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:8f:f8:e1:65:65:b8:ec:91:24:37:e8:83:6f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Mar 29 09:01:22 2026 GMT
Not After : Mar 30 09:01:22 2026 GMT
Subject: CN=821ffbb2fed8eedc3c1fc99a31ebc41f648c28ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9c:ae:b8:ea:6c:bd:44:e4:84:fc:6f:57:16:
64:85:65:01:ac:04:18:80:3c:2e:73:38:dd:30:52:
57:c4:c3:50:b4:6a:f5:cb:1a:69:49:36:e9:af:47:
0d:24:f4:f0:f5:e7:e9:c7:04:7d:5c:1a:ba:67:92:
32:ab:44:ce:63:f1:ab:39:24:78:ac:ef:a5:88:66:
26:30:c9:1f:3c:bb:ff:1a:2d:6a:2f:3b:1d:23:04:
c0:15:90:0c:04:2b:2e:91:ab:85:45:7f:1e:7b:6c:
20:df:7e:0e:ee:04:18:73:bd:be:fc:84:0a:da:1c:
6d:76:a5:e6:32:6b:6b:e6:80:e1:01:54:4e:9c:df:
48:da:c1:5e:68:f2:e8:0e:24:9e:db:6e:fd:e2:c4:
eb:42:21:ff:b1:7f:95:32:10:18:4e:ae:73:a0:7e:
ea:86:1e:16:9e:18:d1:3e:06:08:48:f7:4e:8f:f6:
04:45:b0:d9:0d:f9:23:36:a1:74:c6:a7:16:a4:77:
36:5e:09:45:c5:46:12:2c:b1:11:84:39:bd:62:4b:
29:6b:1e:04:b0:54:7d:9e:d0:d1:04:0c:7b:fd:c4:
8c:6e:4f:cf:c7:25:ef:3e:37:63:63:8e:b9:c6:6f:
ac:7e:8c:df:9f:5a:7e:ff:b5:36:6e:30:3d:fc:05:
11:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1F:FB:B2:FE:D8:EE:DC:3C:1F:C9:9A:31:EB:C4:1F:64:8C:28:AB
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:0e:1c:30:a1:23:47:dc:94:be:83:e7:a3:0a:65:c8:96:03:
79:f4:8c:56:3b:0d:66:26:59:8d:6d:3a:58:6d:1a:68:14:dc:
f5:91:38:e5:ed:58:c0:df:24:62:ec:d0:53:a0:fc:9f:3f:ed:
aa:3e:cd:af:fa:e4:82:5a:43:21:2c:45:96:d9:2c:c1:08:9b:
70:12:ae:12:96:9e:aa:10:f2:72:e1:dc:c0:df:e7:83:e8:f7:
cf:77:75:21:05:c5:1e:b9:c3:16:2a:21:a4:7a:fb:04:c6:26:
1e:64:80:80:42:92:7d:d3:ed:74:f1:ea:c9:c2:bc:8c:89:75:
1e:47:a2:1d:10:49:86:f6:ec:0a:c7:97:a0:0a:e9:39:c6:3b:
53:9f:1f:15:63:a2:b1:b1:c5:20:9e:70:8e:73:e3:4d:01:bd:
93:46:42:35:e9:fc:51:e6:da:65:af:fa:66:62:fe:74:9f:8d:
79:59:3c:95:57:b6:60:d9:1c:6a:9c:ef:87:9d:b6:eb:0a:2e:
6c:d8:f9:e4:79:7c:0d:0e:e3:81:1e:2f:0b:13:66:36:cf:8b:
9f:d2:c4:fa:3a:91:90:8a:f6:16:f2:87:d7:83:25:a2:5f:a1:
bf:7a:23:e4:67:f4:37:ad:bb:c4:97:fd:b9:6b:b5:52:1b:a0:
f6:fd:55:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404/44WVluOyRJDfog28GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjYwMzI5MDkwMTIyWhcNMjYwMzMwMDkwMTIyWjAzMTEwLwYDVQQD
Eyg4MjFmZmJiMmZlZDhlZWRjM2MxZmM5OWEzMWViYzQxZjY0OGMyOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5yuuOpsvUTkhPxvVxZkhWUBrAQY
gDwuczjdMFJXxMNQtGr1yxppSTbpr0cNJPTw9efpxwR9XBq6Z5Iyq0TOY/GrOSR4
rO+liGYmMMkfPLv/Gi1qLzsdIwTAFZAMBCsukauFRX8ee2wg334O7gQYc72+/IQK
2hxtdqXmMmtr5oDhAVROnN9I2sFeaPLoDiSe22794sTrQiH/sX+VMhAYTq5zoH7q
hh4WnhjRPgYISPdOj/YERbDZDfkjNqF0xqcWpHc2XglFxUYSLLERhDm9Ykspax4E
sFR9ntDRBAx7/cSMbk/PxyXvPjdjY465xm+sfozfn1p+/7U2bjA9/AUREQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIf+7L+2O7cPB/JmjHrxB9kjCirMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIA4cMKEj
R9yUvoPnowplyJYDefSMVjsNZiZZjW06WG0aaBTc9ZE45e1YwN8kYuzQU6D8nz/t
qj7Nr/rkglpDISxFltkswQibcBKuEpaeqhDycuHcwN/ng+j3z3d1IQXFHrnDFioh
pHr7BMYmHmSAgEKSfdPtdPHqycK8jIl1HkeiHRBJhvbsCseXoArpOcY7U58fFWOi
sbHFIJ5wjnPjTQG9k0ZCNen8UebaZa/6ZmL+dJ+NeVk8lVe2YNkcapzvh5226wou
bNj55Hl8DQ7jgR4vCxNmNs+Ln9LE+jqRkIr2FvKH14Mlol+hv3oj5Gf0N627xJf9
uWu1Uhug9v1V5A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:02 2026 by rpki-client