Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: DX+LTkhNEyvo1fc2BO0m+g/XB+bpLcAkgNcvJbAFwp8=
Subject key identifier: D5:BF:76:1E:7D:44:D0:37:78:CF:5B:2C:1F:CD:2F:CB:0C:3E:03:AF
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019D386601601F5F82939FAD10AC2183CF1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 065B
Signing time: Sun 29 Mar 2026 07:01:42 +0000
Manifest this update: Sun 29 Mar 2026 07:01:42 +0000
Manifest next update: Mon 30 Mar 2026 07:01:42 +0000
Files and hashes: 1: ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa (hash: gOfRKf6V+xV3ZsFtbBW86oarsiPBo5VFvmb0v2OnPU0=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: eiYTF7NPfNtMMsfBk5+5DvjONLrR5oOU6g0oqIx5IpE=)
3: vT00UMTKIHLp4hINXZvd81w31H4.roa (hash: QI91nZrYvdKW6PkjSidpqTabE42DmbX4YNbp5QsN850=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:01:60:1f:5f:82:93:9f:ad:10:ac:21:83:cf:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Mar 29 07:01:42 2026 GMT
Not After : Mar 30 07:01:42 2026 GMT
Subject: CN=d5bf761e7d44d03778cf5b2c1fcd2fcb0c3e03af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:21:70:32:d7:ab:35:40:5d:3d:54:a6:55:
6f:97:5a:ef:c7:9a:0f:a2:82:a7:b2:f2:e3:72:57:
5d:c1:71:70:dc:db:d0:ec:1f:0f:9b:e0:58:b7:59:
8d:e6:1b:d8:86:53:cb:19:04:87:97:43:81:ba:20:
7f:22:42:aa:82:fd:02:a3:c2:42:3e:aa:d0:4f:a4:
4a:fa:8e:ee:c6:f4:58:47:34:72:fd:55:c2:cf:7c:
fb:97:89:aa:b4:fb:4d:ed:0a:36:60:a2:56:f1:a6:
43:a6:0d:dc:7a:22:de:af:74:08:4e:9f:f3:e8:8b:
ff:6f:72:98:96:84:0f:46:fc:19:71:a0:8f:51:b8:
ef:18:89:88:4e:ae:c2:bf:c4:12:74:60:bd:ad:57:
1b:c8:57:a3:53:05:b5:a4:04:a1:aa:49:71:74:33:
0c:78:35:6b:72:6a:92:ff:5d:ac:9a:9c:cf:b8:9b:
f5:26:cd:28:59:17:b6:ae:5f:b5:10:d2:ee:1a:b1:
42:9f:e1:17:05:5a:dd:83:dd:5d:d0:00:7b:7f:c5:
15:c8:c2:e7:d6:c5:38:dd:db:c5:c8:2c:71:dd:d9:
91:cf:33:b4:87:9e:6c:d9:45:12:45:a9:b2:99:36:
a4:91:59:d8:fd:a8:cc:b9:b1:22:79:e2:a3:e2:66:
54:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BF:76:1E:7D:44:D0:37:78:CF:5B:2C:1F:CD:2F:CB:0C:3E:03:AF
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:ec:16:6b:64:09:34:43:0b:b1:f1:da:03:60:cf:0b:65:ff:
4f:ed:3b:51:b9:f5:c8:5b:7a:b0:e2:11:1c:c1:69:39:32:85:
b5:4b:ec:02:6e:71:7a:b5:cc:43:b7:3d:9e:0d:89:0d:ac:83:
35:84:0d:1d:06:8f:fd:44:8a:c3:a8:e7:9e:84:ea:cc:e9:13:
ef:3d:ce:b9:53:7c:be:24:c4:30:9d:44:3c:dd:ac:46:90:f0:
52:4c:9e:d8:98:52:93:a5:ef:c7:91:f8:6c:53:c9:da:95:22:
b0:13:71:1c:1c:d4:e8:d2:20:7b:32:1e:b8:70:f6:f2:ce:7e:
6f:49:2c:9a:68:38:75:39:10:99:fb:7f:e5:bd:68:cb:76:6d:
66:52:93:6a:3c:b0:c1:12:c8:6b:39:33:c4:25:ed:d9:d0:24:
ec:f3:f0:0d:88:0a:9b:56:6f:1c:9e:2e:83:e4:25:b0:cb:59:
a0:2f:6c:55:b1:06:7b:3c:fb:cf:d6:e9:c4:c5:64:22:37:98:
5d:22:fb:ff:6b:58:76:98:46:c8:32:7b:71:01:c9:c5:ac:55:
b4:1d:93:da:88:d8:a5:30:88:59:7c:72:aa:88:7f:5b:03:a6:
bd:b1:7a:a5:a2:52:61:65:02:56:ab:3f:0c:b9:94:df:f3:2e:
f8:38:ce:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgFgH1+Ck5+tEKwhg88aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjYwMzI5MDcwMTQyWhcNMjYwMzMwMDcwMTQyWjAzMTEwLwYDVQQD
EyhkNWJmNzYxZTdkNDRkMDM3NzhjZjViMmMxZmNkMmZjYjBjM2UwM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+AhcDLXqzVAXT1UplVvl1rvx5oP
ooKnsvLjclddwXFw3NvQ7B8Pm+BYt1mN5hvYhlPLGQSHl0OBuiB/IkKqgv0Co8JC
PqrQT6RK+o7uxvRYRzRy/VXCz3z7l4mqtPtN7Qo2YKJW8aZDpg3ceiLer3QITp/z
6Iv/b3KYloQPRvwZcaCPUbjvGImITq7Cv8QSdGC9rVcbyFejUwW1pAShqklxdDMM
eDVrcmqS/12smpzPuJv1Js0oWRe2rl+1ENLuGrFCn+EXBVrdg91d0AB7f8UVyMLn
1sU43dvFyCxx3dmRzzO0h55s2UUSRamymTakkVnY/ajMubEieeKj4mZUowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNW/dh59RNA3eM9bLB/NL8sMPgOvMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoewWa2QJ
NEMLsfHaA2DPC2X/T+07Ubn1yFt6sOIRHMFpOTKFtUvsAm5xerXMQ7c9ng2JDayD
NYQNHQaP/USKw6jnnoTqzOkT7z3OuVN8viTEMJ1EPN2sRpDwUkye2JhSk6Xvx5H4
bFPJ2pUisBNxHBzU6NIgezIeuHD28s5+b0ksmmg4dTkQmft/5b1oy3ZtZlKTajyw
wRLIazkzxCXt2dAk7PPwDYgKm1ZvHJ4ug+QlsMtZoC9sVbEGezz7z9bpxMVkIjeY
XSL7/2tYdphGyDJ7cQHJxaxVtB2T2ojYpTCIWXxyqoh/WwOmvbF6paJSYWUCVqs/
DLmU3/Mu+DjOAw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:02:08 2026 by rpki-client