Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json)
Hash identifier: fdG+T+jZH7m2MEVx/mHV/JQIToXDR5+KzRwlmA2pVFo=
Subject key identifier: 3C:00:8C:66:5C:04:F0:CE:72:58:A3:A6:C9:D4:55:84:46:06:61:49
Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Certificate serial: 019D382E8A74A8BD528B0C07116C1A526700
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
Manifest number: 14B5
Signing time: Sun 29 Mar 2026 06:01:07 +0000
Manifest this update: Sun 29 Mar 2026 06:01:07 +0000
Manifest next update: Mon 30 Mar 2026 06:01:07 +0000
Files and hashes: 1: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: sUlI0yysrfsQkId6JrqZ26g/UPgLyKkdyisoTr4GiSA=)
2: c57yC7tB1OJCUcmD7P1hLz2EMFE.roa (hash: ZXukYGaWgtp5a3QMVvyaz5oNdYorD6FVcR+u7jbZN30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:8a:74:a8:bd:52:8b:0c:07:11:6c:1a:52:67:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Validity
Not Before: Mar 29 06:01:07 2026 GMT
Not After : Mar 30 06:01:07 2026 GMT
Subject: CN=3c008c665c04f0ce7258a3a6c9d4558446066149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0f:af:83:6b:81:79:55:31:18:2a:de:7e:23:
0c:ed:0f:b8:8c:99:6a:c7:4b:e6:55:6d:11:8c:ac:
b1:d1:87:6e:76:61:1d:26:b0:78:d3:62:89:6d:93:
96:b7:c7:df:7b:b4:69:1e:b6:a8:3c:10:e8:91:10:
bf:a9:8d:17:fd:9e:fe:cc:d7:04:9e:1e:63:67:4c:
2b:3b:ee:b5:c8:cd:d6:96:30:e6:52:75:1c:80:ba:
31:ce:4a:0b:c5:7f:6d:52:fc:bb:2b:ad:fa:76:f3:
0e:73:77:8f:d8:bb:00:af:57:44:40:a3:86:54:73:
92:eb:53:b9:ec:c1:b8:3c:ee:f0:05:92:ef:de:ec:
4c:3d:8c:7b:50:eb:ff:4a:18:86:ce:b6:cf:62:1f:
0f:01:63:ad:c3:98:5e:ad:e8:50:cc:e6:04:6b:19:
58:51:a2:40:6a:69:e1:68:3d:f3:05:f5:bc:bd:9e:
66:21:05:20:1b:97:bd:14:d6:95:0b:1f:fd:cc:bd:
7b:de:a2:2e:cd:49:24:79:42:9e:5e:71:6d:5a:41:
02:26:bd:2a:04:b0:fc:59:fa:23:ab:7d:ac:f1:03:
72:cf:c0:92:f9:f4:5e:f3:6f:9d:05:b2:e2:10:d9:
21:85:5e:d4:f6:51:01:5d:11:31:7e:cd:3e:58:6e:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:00:8C:66:5C:04:F0:CE:72:58:A3:A6:C9:D4:55:84:46:06:61:49
X509v3 Authority Key Identifier:
keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:b8:7c:46:0a:cd:a3:a9:5e:f1:2b:c4:f1:49:57:41:09:bd:
c8:02:01:d2:ea:82:c4:3b:80:ee:ad:bf:79:3d:bb:42:56:d6:
35:2e:ae:49:3b:27:e5:5d:33:18:ee:18:37:f0:17:5f:f7:60:
49:1c:01:62:7e:5b:77:65:ba:ca:c1:fb:00:db:98:ed:e8:14:
e1:76:fd:ef:0b:7a:51:38:93:87:d8:96:77:16:50:b5:89:d6:
a7:a4:7e:ef:b9:1e:7c:45:2b:51:79:3c:36:29:bc:99:5e:9d:
dd:5c:58:e0:27:e8:1d:99:86:19:5d:b6:fe:e8:a5:d5:53:1a:
32:8d:ac:a7:c2:ba:2a:ab:a9:56:3c:72:a6:a6:90:e7:39:78:
f6:dd:21:7d:52:f5:01:8b:90:61:d9:04:eb:6a:97:d2:2f:b9:
6b:1f:54:bf:c0:c4:f1:d1:bc:c5:6f:d0:f4:a3:54:90:41:e1:
53:8e:65:b9:5d:6f:56:52:b8:9b:d4:af:ad:f8:26:bf:b1:12:
dd:ab:ee:a2:28:70:77:9b:bb:42:49:14:7e:2c:1b:c4:26:5f:
9e:cf:09:e0:1c:ef:6e:6d:1c:d5:92:a7:82:01:8c:e5:d6:34:
58:92:cd:f6:8c:02:01:0f:8c:0a:bb:ec:51:4b:78:55:d9:85:
54:40:22:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lop0qL1SiwwHEWwaUmcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy
OTcwYjEwHhcNMjYwMzI5MDYwMTA3WhcNMjYwMzMwMDYwMTA3WjAzMTEwLwYDVQQD
EygzYzAwOGM2NjVjMDRmMGNlNzI1OGEzYTZjOWQ0NTU4NDQ2MDY2MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w+vg2uBeVUxGCrefiMM7Q+4jJlq
x0vmVW0RjKyx0YdudmEdJrB402KJbZOWt8ffe7RpHraoPBDokRC/qY0X/Z7+zNcE
nh5jZ0wrO+61yM3WljDmUnUcgLoxzkoLxX9tUvy7K636dvMOc3eP2LsAr1dEQKOG
VHOS61O57MG4PO7wBZLv3uxMPYx7UOv/ShiGzrbPYh8PAWOtw5herehQzOYEaxlY
UaJAamnhaD3zBfW8vZ5mIQUgG5e9FNaVCx/9zL173qIuzUkkeUKeXnFtWkECJr0q
BLD8Wfojq32s8QNyz8CS+fRe82+dBbLiENkhhV7U9lEBXRExfs0+WG6bQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwAjGZcBPDOclijpsnUVYRGBmFJMB8GA1UdIwQY
MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt
NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk
LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPrh8RgrN
o6le8SvE8UlXQQm9yAIB0uqCxDuA7q2/eT27QlbWNS6uSTsn5V0zGO4YN/AXX/dg
SRwBYn5bd2W6ysH7ANuY7egU4Xb97wt6UTiTh9iWdxZQtYnWp6R+77kefEUrUXk8
Nim8mV6d3VxY4CfoHZmGGV22/uil1VMaMo2sp8K6KqupVjxypqaQ5zl49t0hfVL1
AYuQYdkE62qX0i+5ax9Uv8DE8dG8xW/Q9KNUkEHhU45luV1vVlK4m9Svrfgmv7ES
3avuoihwd5u7QkkUfiwbxCZfns8J4Bzvbm0c1ZKnggGM5dY0WJLN9owCAQ+MCrvs
UUt4VdmFVEAiIw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:07 2026 by rpki-client