Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
File: HxKTy74vaSVA08xaboI2YElMQGM.mft (raw, json)
Hash identifier: CP0U0uQXch4tmdf3iOJNXsofXrSJcTgb28YerNUECtA=
Subject key identifier: 02:CF:40:53:24:10:3D:65:FC:23:15:39:C3:F5:E6:75:6D:43:28:87
Authority key identifier: 1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
Certificate issuer: /CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Certificate serial: 019D3866955A806A50FC397FA9B5997188DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
Manifest number: 1012
Signing time: Sun 29 Mar 2026 07:02:20 +0000
Manifest this update: Sun 29 Mar 2026 07:02:20 +0000
Manifest next update: Mon 30 Mar 2026 07:02:20 +0000
Files and hashes: 1: HxKTy74vaSVA08xaboI2YElMQGM.crl (hash: En3K4xz9OrInOb1Cbj7UXfK01rD/JkhMqrW/vtO+lQw=)
2: qZFE4vvvTJ5M0gUNt0iW88jKACg.roa (hash: qVu2Vq/zJz0bGweHHRGe7Gy0T4GqhgX5DzTBtgSOzZg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:95:5a:80:6a:50:fc:39:7f:a9:b5:99:71:88:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1293cbbe2f692540d3cc5a6e823660494c4063
Validity
Not Before: Mar 29 07:02:20 2026 GMT
Not After : Mar 30 07:02:20 2026 GMT
Subject: CN=02cf405324103d65fc231539c3f5e6756d432887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:70:6c:f7:d5:4c:cb:a1:a0:ab:96:1f:e0:
aa:70:76:2c:4e:ab:b1:79:b4:d2:2c:db:d8:d2:ce:
92:4a:14:53:76:25:87:37:af:8e:8a:55:63:1a:0c:
a7:f8:20:98:03:54:43:fa:c3:8e:91:b2:d9:15:98:
94:03:30:19:1d:b8:94:98:09:58:df:2e:61:eb:41:
5c:d3:d6:a8:98:50:6c:39:29:bb:d5:7d:19:2c:2e:
ae:d2:cc:38:27:a6:c8:29:36:3b:5c:52:5c:7e:66:
e1:48:56:77:47:5a:95:d9:f2:7f:b6:94:c1:c7:fa:
52:ca:9c:60:74:3e:a7:40:96:65:60:40:93:8c:cf:
09:22:bf:60:7d:6c:5b:9c:49:01:db:a4:a6:d4:14:
ea:bf:92:bb:24:32:d5:08:f2:64:81:a0:ee:d0:32:
57:0d:7e:b2:39:09:c5:fd:79:8a:e3:58:57:ce:35:
98:48:1b:43:58:bc:32:70:e8:0c:70:08:54:65:ab:
82:09:04:31:6d:77:8e:d1:bf:b9:f4:35:38:b2:5b:
6c:6a:52:d7:da:8a:ae:cc:3d:03:6e:12:99:7b:03:
a7:26:e0:7d:6b:8a:7e:8c:77:8d:91:33:3d:ed:d7:
76:1f:d1:19:e1:ed:74:1c:00:3e:96:1d:54:09:e0:
32:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CF:40:53:24:10:3D:65:FC:23:15:39:C3:F5:E6:75:6D:43:28:87
X509v3 Authority Key Identifier:
keyid:1F:12:93:CB:BE:2F:69:25:40:D3:CC:5A:6E:82:36:60:49:4C:40:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HxKTy74vaSVA08xaboI2YElMQGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f5e3c-ac7b-4f0f-a874-26971599a554/1/HxKTy74vaSVA08xaboI2YElMQGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:cf:9c:aa:d5:73:d6:d8:13:00:85:ae:da:00:db:b3:64:c5:
75:b4:07:f7:ea:91:df:a8:79:0f:92:06:23:01:32:b4:6d:a8:
9f:78:fc:23:2e:f4:9b:aa:20:e8:a8:23:86:39:3f:cb:ba:24:
2b:e0:1f:d7:43:e1:a3:d6:0c:07:76:85:6b:5e:e2:49:ea:31:
43:c2:69:38:98:d8:09:63:3a:75:06:4c:eb:63:97:0f:9d:f6:
e3:7a:d1:83:b0:e0:74:dc:2d:ec:23:74:a9:e7:5c:b2:e3:5e:
fc:9a:a5:2e:ff:31:49:c3:c4:f0:90:a6:8c:59:ff:12:81:da:
de:ac:ff:0c:3b:8f:de:e3:10:83:08:53:4f:36:65:f4:bf:c5:
54:61:6c:4f:66:30:52:44:68:8d:ba:9c:a3:87:9e:99:40:17:
47:a8:6e:ff:f0:3c:54:19:c1:27:d8:2a:14:9f:2b:31:4e:28:
90:57:ae:b1:53:92:ac:21:0e:f1:b7:04:6d:78:23:20:cf:db:
cb:46:e3:54:fa:5f:2a:8b:b9:e9:e5:e4:8f:fd:40:bd:40:68:
d2:65:10:21:26:b7:1d:f9:30:11:e3:e7:4d:c6:52:99:78:bb:
55:cf:87:25:5e:3c:39:87:98:af:86:16:b5:d5:f8:94:ca:bd:
84:ad:e8:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpVagGpQ/Dl/qbWZcYjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMTI5M2NiYmUyZjY5MjU0MGQzY2M1YTZlODIzNjYwNDk0
YzQwNjMwHhcNMjYwMzI5MDcwMjIwWhcNMjYwMzMwMDcwMjIwWjAzMTEwLwYDVQQD
EygwMmNmNDA1MzI0MTAzZDY1ZmMyMzE1MzljM2Y1ZTY3NTZkNDMyODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudZwbPfVTMuhoKuWH+CqcHYsTqux
ebTSLNvY0s6SShRTdiWHN6+OilVjGgyn+CCYA1RD+sOOkbLZFZiUAzAZHbiUmAlY
3y5h60Fc09aomFBsOSm71X0ZLC6u0sw4J6bIKTY7XFJcfmbhSFZ3R1qV2fJ/tpTB
x/pSypxgdD6nQJZlYECTjM8JIr9gfWxbnEkB26Sm1BTqv5K7JDLVCPJkgaDu0DJX
DX6yOQnF/XmK41hXzjWYSBtDWLwycOgMcAhUZauCCQQxbXeO0b+59DU4sltsalLX
2oquzD0DbhKZewOnJuB9a4p+jHeNkTM97dd2H9EZ4e10HAA+lh1UCeAy9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALPQFMkED1l/CMVOcP15nVtQyiHMB8GA1UdIwQY
MBaAFB8Sk8u+L2klQNPMWm6CNmBJTEBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQt
MjY5NzE1OTlhNTU0LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjVlM2MtYWM3Yi00ZjBmLWE4NzQtMjY5NzE1OTlhNTU0
LzEvSHhLVHk3NHZhU1ZBMDh4YWJvSTJZRWxNUUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAic+cqtVz
1tgTAIWu2gDbs2TFdbQH9+qR36h5D5IGIwEytG2on3j8Iy70m6og6Kgjhjk/y7ok
K+Af10Pho9YMB3aFa17iSeoxQ8JpOJjYCWM6dQZM62OXD53243rRg7DgdNwt7CN0
qedcsuNe/JqlLv8xScPE8JCmjFn/EoHa3qz/DDuP3uMQgwhTTzZl9L/FVGFsT2Yw
UkRojbqco4eemUAXR6hu//A8VBnBJ9gqFJ8rMU4okFeusVOSrCEO8bcEbXgjIM/b
y0bjVPpfKou56eXkj/1AvUBo0mUQISa3HfkwEePnTcZSmXi7Vc+HJV48OYeYr4YW
tdX4lMq9hK3ogA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:31 2026 by rpki-client