Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
File: h7-ak2z5rSjsWNt5imD9cd9sN_M.mft (raw, json)
Hash identifier: JqA3hFKnec9QbbhuLMnrnkQXydZ/4DLjDATz4KfcT/s=
Subject key identifier: DC:37:F1:1E:4A:7A:B4:23:7D:1C:22:96:0E:9B:B0:36:29:A1:2B:65
Authority key identifier: 87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
Certificate issuer: /CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Certificate serial: 019D38668E7A98510CFDC44F9D2BD8EF2EBD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
Manifest number: 1150
Signing time: Sun 29 Mar 2026 07:02:18 +0000
Manifest this update: Sun 29 Mar 2026 07:02:18 +0000
Manifest next update: Mon 30 Mar 2026 07:02:18 +0000
Files and hashes: 1: h7-ak2z5rSjsWNt5imD9cd9sN_M.crl (hash: stjo+ShW4ovQuk30tGzempe+WHwe48OX/niqSx7n3Mg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:8e:7a:98:51:0c:fd:c4:4f:9d:2b:d8:ef:2e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87bf9a936cf9ad28ec58db798a60fd71df6c37f3
Validity
Not Before: Mar 29 07:02:18 2026 GMT
Not After : Mar 30 07:02:18 2026 GMT
Subject: CN=dc37f11e4a7ab4237d1c22960e9bb03629a12b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f3:00:f0:20:d7:1d:96:53:ed:2d:73:02:21:
98:7a:e7:19:a6:8d:35:5d:56:9b:a8:8c:18:58:af:
89:d4:30:86:e2:19:bf:55:5f:51:80:b3:c0:28:ad:
cf:06:9c:66:cc:c8:da:cb:5e:b3:7f:1e:fc:f7:b8:
dc:52:de:54:51:1d:db:56:4d:ec:08:6b:3c:51:21:
0a:92:ea:54:e3:ba:c6:14:bf:2e:8c:f7:da:6f:b7:
cc:ea:f7:ce:de:87:85:4f:0c:f2:b3:7f:6e:5e:61:
10:57:73:eb:5b:69:99:28:75:5b:b7:17:0c:41:05:
7c:16:65:17:5f:ae:13:18:a6:16:d3:86:19:95:2e:
9c:cd:80:2d:ff:eb:cb:4d:cb:74:a5:83:90:3a:8f:
e4:db:a5:87:75:e4:b9:a4:2b:af:64:e0:23:b2:01:
32:32:61:ee:87:58:cf:f5:e9:d7:2a:fc:1f:15:5d:
06:f9:15:17:69:ee:c9:3d:32:69:34:a4:2f:62:95:
fa:11:d5:3a:45:30:a4:74:5d:0a:31:4d:09:ed:20:
b8:dd:8e:a2:2e:d6:7e:79:fc:0f:1a:fc:47:b3:57:
f3:95:2e:d1:d2:f1:82:c2:f3:a3:ce:62:7b:0a:3c:
4d:a1:e0:bd:b0:71:03:da:20:02:03:e2:84:56:bb:
28:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:37:F1:1E:4A:7A:B4:23:7D:1C:22:96:0E:9B:B0:36:29:A1:2B:65
X509v3 Authority Key Identifier:
keyid:87:BF:9A:93:6C:F9:AD:28:EC:58:DB:79:8A:60:FD:71:DF:6C:37:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7-ak2z5rSjsWNt5imD9cd9sN_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/56c6cb-a36e-4e1c-a432-4f97772b0180/1/h7-ak2z5rSjsWNt5imD9cd9sN_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:28:02:fe:41:48:33:c9:26:2c:f8:06:de:c1:a1:f0:39:59:
f4:b0:76:a0:94:66:c1:9f:da:a2:a1:a9:0d:69:4f:3f:ed:5e:
23:cf:13:55:4e:e3:12:5a:ba:d7:6c:ab:3b:0f:9f:09:cc:57:
e3:8f:3f:c7:97:66:76:fd:6e:3c:6a:41:a0:08:ff:4c:6d:85:
e1:12:cb:40:c3:05:b9:be:be:7b:59:72:1e:aa:6a:08:66:7f:
6b:ee:8f:d8:54:6e:4f:bd:4f:95:5f:83:e0:59:cb:73:9b:50:
8e:fd:07:81:08:01:ee:5f:65:1b:b9:53:3b:62:a5:a9:3b:1f:
74:97:0c:27:50:c1:7c:7e:ce:ca:fd:6c:17:dc:ab:d5:55:ec:
d0:25:56:c8:aa:26:84:a2:97:80:66:52:44:f4:a2:cd:ba:1c:
0f:25:b1:3c:f5:a2:d9:82:3f:a6:a3:11:ba:59:c6:72:24:18:
ee:7a:2f:bd:96:65:a4:43:67:61:ff:62:c7:a7:16:7d:11:04:
a0:7b:ee:67:74:8a:ed:c9:7e:f3:d2:ca:17:f6:84:a1:3f:e4:
05:5c:09:e6:82:19:da:79:80:47:22:de:02:97:6f:0f:45:0d:
42:69:b8:6a:1f:9b:7c:a2:58:6f:43:ac:30:1a:fe:c5:c1:9e:
80:54:1d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zo56mFEM/cRPnSvY7y69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmY5YTkzNmNmOWFkMjhlYzU4ZGI3OThhNjBmZDcxZGY2
YzM3ZjMwHhcNMjYwMzI5MDcwMjE4WhcNMjYwMzMwMDcwMjE4WjAzMTEwLwYDVQQD
EyhkYzM3ZjExZTRhN2FiNDIzN2QxYzIyOTYwZTliYjAzNjI5YTEyYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PMA8CDXHZZT7S1zAiGYeucZpo01
XVabqIwYWK+J1DCG4hm/VV9RgLPAKK3PBpxmzMjay16zfx7897jcUt5UUR3bVk3s
CGs8USEKkupU47rGFL8ujPfab7fM6vfO3oeFTwzys39uXmEQV3PrW2mZKHVbtxcM
QQV8FmUXX64TGKYW04YZlS6czYAt/+vLTct0pYOQOo/k26WHdeS5pCuvZOAjsgEy
MmHuh1jP9enXKvwfFV0G+RUXae7JPTJpNKQvYpX6EdU6RTCkdF0KMU0J7SC43Y6i
LtZ+efwPGvxHs1fzlS7R0vGCwvOjzmJ7CjxNoeC9sHED2iACA+KEVrsoMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNw38R5KerQjfRwilg6bsDYpoStlMB8GA1UdIwQY
MBaAFIe/mpNs+a0o7FjbeYpg/XHfbDfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzIt
NGY5Nzc3MmIwMTgwLzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81NmM2Y2ItYTM2ZS00ZTFjLWE0MzItNGY5Nzc3MmIwMTgw
LzEvaDctYWsyejVyU2pzV050NWltRDljZDlzTl9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfigC/kFI
M8kmLPgG3sGh8DlZ9LB2oJRmwZ/aoqGpDWlPP+1eI88TVU7jElq612yrOw+fCcxX
448/x5dmdv1uPGpBoAj/TG2F4RLLQMMFub6+e1lyHqpqCGZ/a+6P2FRuT71PlV+D
4FnLc5tQjv0HgQgB7l9lG7lTO2KlqTsfdJcMJ1DBfH7Oyv1sF9yr1VXs0CVWyKom
hKKXgGZSRPSizbocDyWxPPWi2YI/pqMRulnGciQY7novvZZlpENnYf9ix6cWfREE
oHvuZ3SK7cl+89LKF/aEoT/kBVwJ5oIZ2nmARyLeApdvD0UNQmm4ah+bfKJYb0Os
MBr+xcGegFQdmA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:41:57 2026 by rpki-client