Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
File: rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json)
Hash identifier: UToZKhuaPK+a71brhx5qyEv8InEajqwrZXhgMINH2rY=
Subject key identifier: B6:E4:3C:BD:5B:EF:C7:1F:E8:38:4E:5A:34:28:B9:C1:2F:64:D6:07
Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
Certificate issuer: /CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Certificate serial: 019D38D363F673A49455900A7574B200648B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
Manifest number: 144B
Signing time: Sun 29 Mar 2026 09:01:10 +0000
Manifest this update: Sun 29 Mar 2026 09:01:10 +0000
Manifest next update: Mon 30 Mar 2026 09:01:10 +0000
Files and hashes: 1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: GLVG7BbvSc+kM4DHlEkoXhUH+W3P0c4O2WZgbopOQ3Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:63:f6:73:a4:94:55:90:0a:75:74:b2:00:64:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Validity
Not Before: Mar 29 09:01:10 2026 GMT
Not After : Mar 30 09:01:10 2026 GMT
Subject: CN=b6e43cbd5befc71fe8384e5a3428b9c12f64d607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:8a:10:f0:77:8b:14:96:a5:ea:52:2b:35:
7b:ca:3a:a8:1d:89:23:7c:b1:ff:1a:d2:88:3a:23:
27:4c:ed:f6:ed:9f:ef:b1:46:46:6b:db:39:86:b7:
c2:73:3c:b1:9c:b8:e1:24:50:26:8f:22:a7:71:2f:
61:e3:5e:2e:08:79:5b:de:35:e0:cb:c2:dc:63:7f:
e0:eb:bc:39:40:96:e1:34:ac:b3:2b:f2:12:57:51:
43:14:77:39:76:46:db:6c:56:e6:4c:3b:4f:e2:49:
bf:01:a0:ac:0f:e0:5d:d1:e7:3b:cc:36:fe:7f:0e:
8c:9e:c7:48:4e:01:9b:fc:00:dd:75:4d:5b:27:ac:
e9:1f:d4:f7:a4:cf:2c:cb:17:b3:11:34:d8:70:5f:
f9:0b:fe:4d:61:0d:ff:48:af:6d:1e:a4:ae:06:f5:
18:c6:c8:3b:c4:99:5b:a0:7d:f7:c8:dc:f8:d1:8b:
75:e0:db:36:0d:fe:41:99:3e:ee:3a:a5:db:86:56:
d4:07:e9:49:3f:b6:a1:74:46:d4:06:cf:79:9b:00:
a4:e4:8f:a3:09:83:4f:b1:e6:67:4d:57:94:8b:04:
84:6d:3e:27:9c:c7:a5:9b:72:8c:d8:11:c0:4a:e5:
9e:ba:c2:c5:4a:7f:43:94:82:82:a9:6a:1b:a9:45:
75:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E4:3C:BD:5B:EF:C7:1F:E8:38:4E:5A:34:28:B9:C1:2F:64:D6:07
X509v3 Authority Key Identifier:
keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:5f:44:89:93:1b:31:16:3f:eb:b6:45:7d:83:bf:16:d2:ff:
23:69:d1:e0:f4:78:09:39:1e:f8:3c:cf:49:5e:cf:54:97:c8:
2e:6b:4f:de:8e:05:ad:a4:58:ef:83:ea:ef:70:48:11:7b:f5:
5f:11:f8:ae:03:16:b9:6e:92:4e:c2:ed:35:e8:92:e7:aa:79:
b5:d7:72:f4:76:85:ca:93:a6:53:60:38:15:c2:e5:97:b6:a4:
c2:f6:bf:2b:d0:95:45:32:ec:d6:b7:bf:57:ab:dd:b3:a7:05:
b0:35:49:cb:a8:e0:1a:f2:8b:47:19:1e:e3:ab:0b:a9:40:61:
f6:52:ab:0a:3d:ef:29:a8:1f:70:60:1c:7f:57:03:1d:9d:3f:
5e:d2:94:8f:5e:27:1f:8a:d3:cb:f9:7a:5d:f3:da:5a:76:10:
0b:af:32:cf:c9:d0:d2:73:96:86:07:ef:6b:73:e5:88:fc:ec:
cf:1b:55:c2:11:6a:ab:f4:d0:95:0a:c6:65:35:12:05:e4:81:
d7:c0:cd:59:d3:66:a5:7e:eb:46:b4:4f:9c:07:79:e7:6c:a0:
9e:4d:a2:33:d4:0c:81:3a:44:92:e1:a1:32:80:4b:e0:d8:03:
52:65:3b:d4:fe:3f:8c:e1:0b:2e:88:29:fd:53:58:be:4c:97:
d9:2d:bf:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0402P2c6SUVZAKdXSyAGSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm
M2QwMTIwHhcNMjYwMzI5MDkwMTEwWhcNMjYwMzMwMDkwMTEwWjAzMTEwLwYDVQQD
EyhiNmU0M2NiZDViZWZjNzFmZTgzODRlNWEzNDI4YjljMTJmNjRkNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaeKEPB3ixSWpepSKzV7yjqoHYkj
fLH/GtKIOiMnTO327Z/vsUZGa9s5hrfCczyxnLjhJFAmjyKncS9h414uCHlb3jXg
y8LcY3/g67w5QJbhNKyzK/ISV1FDFHc5dkbbbFbmTDtP4km/AaCsD+Bd0ec7zDb+
fw6MnsdITgGb/ADddU1bJ6zpH9T3pM8syxezETTYcF/5C/5NYQ3/SK9tHqSuBvUY
xsg7xJlboH33yNz40Yt14Ns2Df5BmT7uOqXbhlbUB+lJP7ahdEbUBs95mwCk5I+j
CYNPseZnTVeUiwSEbT4nnMelm3KM2BHASuWeusLFSn9DlIKCqWobqUV1oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbkPL1b78cf6DhOWjQoucEvZNYHMB8GA1UdIwQY
MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt
Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi
LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAll9EiZMb
MRY/67ZFfYO/FtL/I2nR4PR4CTke+DzPSV7PVJfILmtP3o4FraRY74Pq73BIEXv1
XxH4rgMWuW6STsLtNeiS56p5tddy9HaFypOmU2A4FcLll7akwva/K9CVRTLs1re/
V6vds6cFsDVJy6jgGvKLRxke46sLqUBh9lKrCj3vKagfcGAcf1cDHZ0/XtKUj14n
H4rTy/l6XfPaWnYQC68yz8nQ0nOWhgfva3PliPzszxtVwhFqq/TQlQrGZTUSBeSB
18DNWdNmpX7rRrRPnAd552ygnk2iM9QMgTpEkuGhMoBL4NgDUmU71P4/jOELLogp
/VNYvkyX2S2/cA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:52 2026 by rpki-client