Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft
File: h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft (raw, json)
Hash identifier: KZCsNo/wz99blZ6gMqsl/kkhzS6C8zECAt/JEYLIj54=
Subject key identifier: 1B:4E:EB:5A:2C:3D:4A:7C:5F:2E:55:D3:D8:7A:12:7E:16:EA:55:F7
Authority key identifier: 87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21
Certificate issuer: /CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921
Certificate serial: 019D38664615ADC67D884AAA01E3BBBA19DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft
Manifest number: 143C
Signing time: Sun 29 Mar 2026 07:01:59 +0000
Manifest this update: Sun 29 Mar 2026 07:01:59 +0000
Manifest next update: Mon 30 Mar 2026 07:01:59 +0000
Files and hashes: 1: aMxhZsLMDx304AXjnZldJIQi_VU.roa (hash: nX4KFrnvKm65Zf0OrETssJJWMj+/5dAoLpEa4nDLRE4=)
2: h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl (hash: Q8Di5vNhspi/gcvkFvX4vmk966OnGcD9D1cAhekEffc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:46:15:ad:c6:7d:88:4a:aa:01:e3:bb:ba:19:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921
Validity
Not Before: Mar 29 07:01:59 2026 GMT
Not After : Mar 30 07:01:59 2026 GMT
Subject: CN=1b4eeb5a2c3d4a7c5f2e55d3d87a127e16ea55f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:e3:cf:10:c8:b1:80:b6:27:19:4c:81:c6:
61:ee:f7:9b:c4:e9:c3:97:a6:fa:20:21:91:72:06:
2c:a9:e6:55:2a:07:21:91:60:dc:f9:07:5a:54:57:
b3:47:c9:95:85:7a:a0:78:f6:cb:33:41:0c:ac:24:
b4:10:80:df:82:46:3d:95:3b:42:ba:9f:5d:7b:7d:
65:98:ca:26:8f:11:7e:6a:56:53:94:db:99:40:d7:
50:ff:f0:28:54:7d:4e:66:6b:c2:88:73:d1:de:20:
b5:3f:77:ee:89:1f:66:f2:68:a7:23:97:3d:fe:78:
ca:2b:31:00:54:8f:a0:0c:8b:a5:65:e9:70:ce:5b:
7c:a8:21:d9:c1:6f:3d:29:06:26:9f:f9:e0:e5:4d:
15:c7:d8:b0:9e:3e:32:41:7c:1f:1e:34:59:dc:92:
8e:9b:20:6d:72:b1:02:c2:85:48:bb:af:95:9c:12:
7f:c7:5e:ad:9e:e1:e7:6c:fe:e7:17:78:47:25:62:
92:b7:db:94:e0:25:4c:56:15:49:39:89:a2:66:17:
ed:d6:f6:ee:6e:9f:c3:a6:c1:d7:75:17:a1:1f:b7:
c1:37:3b:d4:50:06:e8:c3:f8:f5:3c:c3:8a:b9:4d:
ba:5e:77:f9:5e:dc:45:a0:e9:fa:ab:b9:b6:19:92:
0d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4E:EB:5A:2C:3D:4A:7C:5F:2E:55:D3:D8:7A:12:7E:16:EA:55:F7
X509v3 Authority Key Identifier:
keyid:87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:a5:7f:13:77:42:a4:9f:91:b7:ca:1d:4d:14:f8:31:27:e6:
be:3c:45:69:6c:bb:20:a1:dd:b4:b0:e8:5d:09:b7:cc:a5:6f:
cf:f5:45:2a:f3:fe:24:01:d2:bf:ef:a0:0b:bb:2e:6c:00:eb:
d7:5e:98:3c:97:e8:5a:c8:05:23:4f:ae:15:55:d4:82:25:57:
69:48:f5:58:a2:eb:6c:ee:67:c4:ff:e8:89:77:ca:b6:48:05:
89:4a:f4:7c:1c:d2:84:3b:8e:ba:f9:a4:00:b8:e8:76:ba:b8:
27:06:08:77:a1:89:f0:3e:98:5e:a8:4a:69:04:ae:ea:2c:e9:
c1:56:08:7a:5c:75:b2:61:6c:54:9c:aa:77:e5:be:fe:4f:e6:
a9:6d:6a:e4:46:4b:50:19:b0:f9:0d:33:8b:bf:f9:f1:6f:1c:
fd:eb:0a:6f:f9:66:5a:e8:a7:d3:8f:f4:2d:a5:1b:90:77:b0:
a7:76:77:2d:a6:16:0f:e4:de:77:ef:61:5c:1d:70:ba:a5:d1:
82:64:cb:20:bc:92:51:af:a6:ed:e3:d2:7f:e8:41:96:5d:4b:
33:ae:bf:0f:9e:b9:e0:a8:85:aa:49:ba:be:46:36:30:60:67:
d3:03:ce:bb:29:2f:b2:7b:3e:13:31:a0:21:13:c8:bb:75:00:
bd:63:dc:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkYVrcZ9iEqqAeO7uhnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQ1ZTNhNDA2OWQ0ZjVlYmQ1ZjZlNjQyMWQ4ZDNjYWJl
MzA5MjEwHhcNMjYwMzI5MDcwMTU5WhcNMjYwMzMwMDcwMTU5WjAzMTEwLwYDVQQD
EygxYjRlZWI1YTJjM2Q0YTdjNWYyZTU1ZDNkODdhMTI3ZTE2ZWE1NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoXjzxDIsYC2JxlMgcZh7vebxOnD
l6b6ICGRcgYsqeZVKgchkWDc+QdaVFezR8mVhXqgePbLM0EMrCS0EIDfgkY9lTtC
up9de31lmMomjxF+alZTlNuZQNdQ//AoVH1OZmvCiHPR3iC1P3fuiR9m8minI5c9
/njKKzEAVI+gDIulZelwzlt8qCHZwW89KQYmn/ng5U0Vx9iwnj4yQXwfHjRZ3JKO
myBtcrECwoVIu6+VnBJ/x16tnuHnbP7nF3hHJWKSt9uU4CVMVhVJOYmiZhft1vbu
bp/DpsHXdRehH7fBNzvUUAbow/j1PMOKuU26Xnf5XtxFoOn6q7m2GZINKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtO61osPUp8Xy5V09h6En4W6lX3MB8GA1UdIwQY
MBaAFIf0XjpAadT169X25kIdjTyr4wkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYt
NjMxOWJiMDc5YzQ0LzEvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYtNjMxOWJiMDc5YzQ0
LzEvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADqV/E3dC
pJ+Rt8odTRT4MSfmvjxFaWy7IKHdtLDoXQm3zKVvz/VFKvP+JAHSv++gC7subADr
116YPJfoWsgFI0+uFVXUgiVXaUj1WKLrbO5nxP/oiXfKtkgFiUr0fBzShDuOuvmk
ALjodrq4JwYId6GJ8D6YXqhKaQSu6izpwVYIelx1smFsVJyqd+W+/k/mqW1q5EZL
UBmw+Q0zi7/58W8c/esKb/lmWuin04/0LaUbkHewp3Z3LaYWD+Ted+9hXB1wuqXR
gmTLILySUa+m7ePSf+hBll1LM66/D5654KiFqkm6vkY2MGBn0wPOuykvsns+EzGg
IRPIu3UAvWPcQA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:57:56 2026 by rpki-client