Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
File: HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft (raw, json)
Hash identifier: dNegCWpfpRYL7kp97OGZJB4qC9OmYm/CNCcpFoJosKM=
Subject key identifier: 9D:39:35:59:CC:B4:70:FD:90:13:A1:36:E4:F2:29:0B:53:C7:5C:92
Authority key identifier: 1D:02:60:40:6E:83:7A:E3:83:80:FC:C8:D9:92:B9:3D:0D:E1:A8:3B
Certificate issuer: /CN=1d0260406e837ae38380fcc8d992b93d0de1a83b
Certificate serial: 019D38D3B45C57BA6D12572A4B2209AB1662
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
Manifest number: 0DB1
Signing time: Sun 29 Mar 2026 09:01:31 +0000
Manifest this update: Sun 29 Mar 2026 09:01:31 +0000
Manifest next update: Mon 30 Mar 2026 09:01:31 +0000
Files and hashes: 1: HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl (hash: jpEjHzSpqdTE5mV7oUk6OArgThDfv/nToe6EmOg23Xs=)
2: bdOQfAWdL7wiwVEQoYOuUBY_f9o.roa (hash: nNRgBnyPBnuWyk/W/uELLwEd7uoijhFF49TNbx1XS78=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b4:5c:57:ba:6d:12:57:2a:4b:22:09:ab:16:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0260406e837ae38380fcc8d992b93d0de1a83b
Validity
Not Before: Mar 29 09:01:31 2026 GMT
Not After : Mar 30 09:01:31 2026 GMT
Subject: CN=9d393559ccb470fd9013a136e4f2290b53c75c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:da:bb:aa:76:37:ee:b7:20:13:9b:e2:33:
e0:54:12:43:1d:e7:ed:bd:6b:3d:b6:09:17:6e:1d:
d7:40:dc:9b:d7:3f:2a:1f:66:96:4f:0a:34:06:f6:
08:d6:58:8a:c6:a5:1e:6a:81:b2:9c:3c:81:23:62:
13:fc:9b:b6:b7:34:73:54:e4:90:d1:2e:9a:39:a4:
46:50:e9:a0:06:94:dd:69:a4:33:3e:0d:f2:bb:3b:
5e:b5:4d:00:f1:e0:84:13:87:77:ca:6e:cb:15:90:
ca:e1:01:20:eb:c4:98:49:ee:aa:b1:73:66:05:06:
56:68:fd:6b:f2:8f:8a:66:5d:34:2d:ba:cf:c9:8a:
62:ee:0b:5d:b3:e8:8b:7b:dd:73:ee:d6:2e:dd:70:
e1:42:39:a1:35:1f:6a:a4:d3:3d:7e:58:ad:2a:c6:
6f:77:c2:9f:74:dc:ac:1e:1c:eb:a4:01:e6:44:4e:
c2:f9:4d:8e:f4:3d:df:26:e6:7e:fc:1c:bf:ef:64:
26:52:7d:0b:70:1a:d2:9e:3b:24:0f:02:fc:78:cf:
2d:9f:85:49:52:53:b6:48:88:41:73:31:41:db:a6:
f1:f8:da:34:42:72:db:04:9e:df:06:f8:fc:21:e4:
87:64:74:c7:3a:12:9a:0a:e6:16:f2:4d:6c:ba:ff:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:39:35:59:CC:B4:70:FD:90:13:A1:36:E4:F2:29:0B:53:C7:5C:92
X509v3 Authority Key Identifier:
keyid:1D:02:60:40:6E:83:7A:E3:83:80:FC:C8:D9:92:B9:3D:0D:E1:A8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/340031-365b-4fd2-8732-8c0faca3cbd8/1/HQJgQG6DeuODgPzI2ZK5PQ3hqDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:fc:be:0e:bc:03:7c:e3:03:18:16:9b:0e:6f:78:84:30:56:
2e:70:cb:c6:b6:7b:14:8e:c4:50:db:8d:b9:2a:51:ad:01:b7:
e0:e3:96:70:99:73:32:9e:29:01:e1:b3:33:12:62:c4:28:94:
96:84:dd:a6:02:f1:2f:55:3f:ff:08:e1:4a:ac:8e:d1:5c:d7:
a9:99:5d:08:76:71:86:51:31:02:61:67:25:d8:92:2a:4c:91:
36:08:77:1b:05:fa:7f:8f:6c:0c:17:9b:d1:0e:81:e6:51:37:
c2:a8:8d:8c:eb:be:87:c3:2d:98:fa:1c:f8:fc:63:1b:0b:a9:
c7:9d:fd:bc:ac:42:ae:7e:21:83:f1:d6:85:2c:27:87:84:eb:
3d:ac:a5:50:87:59:e8:03:94:d7:7c:d3:f2:42:1b:48:39:46:
c8:15:86:4d:b1:36:e5:3c:87:7e:e3:76:a7:eb:34:3e:70:35:
d3:4a:3b:e0:d3:5a:08:dc:7e:05:b7:96:4f:f1:7e:be:f4:08:
45:0b:73:a8:e6:b6:37:0b:ef:c6:55:f3:8e:ed:07:10:48:34:
18:43:6d:e9:15:ad:8c:4c:1c:61:18:4d:51:9a:c6:c2:3c:53:
6e:dc:d2:d6:e2:98:19:b6:44:72:0f:25:93:14:9b:f1:52:78:
1c:ae:fc:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407RcV7ptElcqSyIJqxZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDI2MDQwNmU4MzdhZTM4MzgwZmNjOGQ5OTJiOTNkMGRl
MWE4M2IwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
Eyg5ZDM5MzU1OWNjYjQ3MGZkOTAxM2ExMzZlNGYyMjkwYjUzYzc1YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNvau6p2N+63IBOb4jPgVBJDHeft
vWs9tgkXbh3XQNyb1z8qH2aWTwo0BvYI1liKxqUeaoGynDyBI2IT/Ju2tzRzVOSQ
0S6aOaRGUOmgBpTdaaQzPg3yuztetU0A8eCEE4d3ym7LFZDK4QEg68SYSe6qsXNm
BQZWaP1r8o+KZl00LbrPyYpi7gtds+iLe91z7tYu3XDhQjmhNR9qpNM9flitKsZv
d8KfdNysHhzrpAHmRE7C+U2O9D3fJuZ+/By/72QmUn0LcBrSnjskDwL8eM8tn4VJ
UlO2SIhBczFB26bx+No0QnLbBJ7fBvj8IeSHZHTHOhKaCuYW8k1suv+KeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ05NVnMtHD9kBOhNuTyKQtTx1ySMB8GA1UdIwQY
MBaAFB0CYEBug3rjg4D8yNmSuT0N4ag7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8zNDAwMzEtMzY1Yi00ZmQyLTg3MzIt
OGMwZmFjYTNjYmQ4LzEvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8zNDAwMzEtMzY1Yi00ZmQyLTg3MzItOGMwZmFjYTNjYmQ4
LzEvSFFKZ1FHNkRldU9EZ1B6STJaSzVQUTNocURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWfy+DrwD
fOMDGBabDm94hDBWLnDLxrZ7FI7EUNuNuSpRrQG34OOWcJlzMp4pAeGzMxJixCiU
loTdpgLxL1U//wjhSqyO0VzXqZldCHZxhlExAmFnJdiSKkyRNgh3GwX6f49sDBeb
0Q6B5lE3wqiNjOu+h8MtmPoc+PxjGwupx539vKxCrn4hg/HWhSwnh4TrPaylUIdZ
6AOU13zT8kIbSDlGyBWGTbE25TyHfuN2p+s0PnA100o74NNaCNx+BbeWT/F+vvQI
RQtzqOa2NwvvxlXzju0HEEg0GENt6RWtjEwcYRhNUZrGwjxTbtzS1uKYGbZEcg8l
kxSb8VJ4HK78/Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:28:02 2026 by rpki-client