Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7dde96-10dd-4323-81d2-d2e3372ac29c/1/H0guXkEsHeu3dt7fr0XDMXTnZC4.mft
File: H0guXkEsHeu3dt7fr0XDMXTnZC4.mft (raw, json)
Hash identifier: P0JFaAl6UfEvC3GnHEjq7k9yntGQr1tvdLlgczFlqBA=
Subject key identifier: 7B:4D:AF:B6:B7:4D:13:24:4C:23:3B:28:E3:46:A9:D9:C1:36:36:78
Authority key identifier: 1F:48:2E:5E:41:2C:1D:EB:B7:76:DE:DF:AF:45:C3:31:74:E7:64:2E
Certificate issuer: /CN=1f482e5e412c1debb776dedfaf45c33174e7642e
Certificate serial: 019D3909D9B20079CDF5339BFAD7B8970608
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0guXkEsHeu3dt7fr0XDMXTnZC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7dde96-10dd-4323-81d2-d2e3372ac29c/1/H0guXkEsHeu3dt7fr0XDMXTnZC4.mft
Manifest number: 06DB
Signing time: Sun 29 Mar 2026 10:00:40 +0000
Manifest this update: Sun 29 Mar 2026 10:00:40 +0000
Manifest next update: Mon 30 Mar 2026 10:00:40 +0000
Files and hashes: 1: 7F5MFPLGX7n9kqmK4iPr3DwuhNU.roa (hash: sUozPnCyk9y8i1GS+PfFGedUQX43402xLyKa/GCV0HY=)
2: H0guXkEsHeu3dt7fr0XDMXTnZC4.crl (hash: ziA3qQ+ljMQdR+uG5rb2LRJw+hCH44zMgDvHQG+smOk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7dde96-10dd-4323-81d2-d2e3372ac29c/1/H0guXkEsHeu3dt7fr0XDMXTnZC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7dde96-10dd-4323-81d2-d2e3372ac29c/1/H0guXkEsHeu3dt7fr0XDMXTnZC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0guXkEsHeu3dt7fr0XDMXTnZC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:d9:b2:00:79:cd:f5:33:9b:fa:d7:b8:97:06:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f482e5e412c1debb776dedfaf45c33174e7642e
Validity
Not Before: Mar 29 10:00:40 2026 GMT
Not After : Mar 30 10:00:40 2026 GMT
Subject: CN=7b4dafb6b74d13244c233b28e346a9d9c1363678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:38:5e:03:12:60:47:6a:55:be:f0:20:5a:
b0:c1:96:19:b9:61:54:97:6f:76:7c:82:f6:d5:e3:
f4:7f:0c:e3:67:54:ab:a6:6e:3b:23:40:e7:09:82:
48:c3:76:ad:4d:c5:cb:cf:2d:ad:50:42:c4:d1:6d:
b6:e9:fd:28:2d:b4:d2:87:b7:86:4d:32:e3:e3:ca:
a9:d5:c3:00:e6:d5:ac:77:e3:72:96:94:95:7a:86:
c3:35:88:ba:df:bc:f5:00:ed:f0:a1:ba:7a:bd:78:
c6:88:2e:eb:57:28:c6:54:c4:8d:d0:f3:d1:5f:c6:
9d:62:1b:03:d9:ef:6b:ef:72:d3:c7:48:a9:f1:d9:
7f:ec:0f:cd:a9:7f:70:c6:8b:60:f5:4f:ec:6f:a4:
55:41:ba:74:1c:0a:8c:a1:f4:b3:b1:4b:9c:c8:c1:
36:c2:38:7b:44:42:8f:08:03:33:30:7c:21:e1:cb:
90:d6:b7:2c:ae:77:0c:74:9a:fc:e1:41:e4:67:74:
d2:c6:69:6f:6b:4b:a7:ee:e8:65:42:b9:d6:f9:7a:
fc:4c:4f:f4:81:cb:46:11:71:01:45:ab:d8:fa:48:
42:2f:67:16:ca:74:cc:c9:57:d7:07:d0:2e:f7:63:
9c:76:0c:f1:1f:e8:00:42:6d:5f:0b:ba:7c:f8:42:
08:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4D:AF:B6:B7:4D:13:24:4C:23:3B:28:E3:46:A9:D9:C1:36:36:78
X509v3 Authority Key Identifier:
keyid:1F:48:2E:5E:41:2C:1D:EB:B7:76:DE:DF:AF:45:C3:31:74:E7:64:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0guXkEsHeu3dt7fr0XDMXTnZC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7dde96-10dd-4323-81d2-d2e3372ac29c/1/H0guXkEsHeu3dt7fr0XDMXTnZC4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7dde96-10dd-4323-81d2-d2e3372ac29c/1/H0guXkEsHeu3dt7fr0XDMXTnZC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:81:90:40:c0:55:d4:c6:f4:db:af:bf:0e:66:b2:a0:3a:e1:
14:32:ff:8a:95:25:e8:0c:2e:81:39:fc:82:d0:92:73:c9:4d:
1b:03:4e:f5:c6:7a:b7:ae:3f:5b:86:35:57:7e:33:b6:f7:d7:
d9:c9:1c:7a:6c:b3:a7:8e:71:a7:98:1f:68:ed:36:69:fd:02:
4b:10:d6:03:08:9f:b3:16:6a:2d:7e:05:35:e8:ce:aa:bc:98:
5a:41:4c:9e:3f:dd:fe:16:2c:e3:ed:fd:5a:7d:ca:d7:9b:d2:
38:c8:a3:ff:30:b7:9c:80:7f:84:bb:14:8c:0f:11:a7:c2:10:
c7:7b:29:a7:fb:aa:e9:11:be:47:94:08:f8:4d:aa:e7:c0:46:
24:12:02:41:ae:fa:ec:7e:3c:fd:d8:b0:57:17:c7:00:ec:56:
cc:98:70:6c:56:10:71:97:58:41:4e:08:a7:f2:36:db:05:ea:
f7:d6:d4:05:b0:5a:1a:f3:14:1c:e4:1d:a4:3d:a4:83:0d:47:
5a:51:3d:96:35:a8:50:61:17:2a:e4:0c:0d:fc:0d:17:2c:79:
78:83:60:9f:e7:64:27:f1:7a:6d:37:32:d9:1a:c7:ee:eb:5f:
3d:5d:3a:32:bf:24:65:4c:34:9b:e7:16:bb:2f:43:29:6c:e5:
68:96:ce:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CdmyAHnN9TOb+te4lwYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDgyZTVlNDEyYzFkZWJiNzc2ZGVkZmFmNDVjMzMxNzRl
NzY0MmUwHhcNMjYwMzI5MTAwMDQwWhcNMjYwMzMwMTAwMDQwWjAzMTEwLwYDVQQD
Eyg3YjRkYWZiNmI3NGQxMzI0NGMyMzNiMjhlMzQ2YTlkOWMxMzYzNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv544XgMSYEdqVb7wIFqwwZYZuWFU
l292fIL21eP0fwzjZ1Srpm47I0DnCYJIw3atTcXLzy2tUELE0W226f0oLbTSh7eG
TTLj48qp1cMA5tWsd+NylpSVeobDNYi637z1AO3wobp6vXjGiC7rVyjGVMSN0PPR
X8adYhsD2e9r73LTx0ip8dl/7A/NqX9wxotg9U/sb6RVQbp0HAqMofSzsUucyME2
wjh7REKPCAMzMHwh4cuQ1rcsrncMdJr84UHkZ3TSxmlva0un7uhlQrnW+Xr8TE/0
gctGEXEBRavY+khCL2cWynTMyVfXB9Au92OcdgzxH+gAQm1fC7p8+EIIOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtNr7a3TRMkTCM7KONGqdnBNjZ4MB8GA1UdIwQY
MBaAFB9ILl5BLB3rt3be369FwzF052QuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBndVhrRXNIZXUzZHQ3ZnIwWERNWFRuWkM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83ZGRlOTYtMTBkZC00MzIzLTgxZDIt
ZDJlMzM3MmFjMjljLzEvSDBndVhrRXNIZXUzZHQ3ZnIwWERNWFRuWkM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83ZGRlOTYtMTBkZC00MzIzLTgxZDItZDJlMzM3MmFjMjlj
LzEvSDBndVhrRXNIZXUzZHQ3ZnIwWERNWFRuWkM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4GQQMBV
1Mb026+/DmayoDrhFDL/ipUl6AwugTn8gtCSc8lNGwNO9cZ6t64/W4Y1V34ztvfX
2ckcemyzp45xp5gfaO02af0CSxDWAwifsxZqLX4FNejOqryYWkFMnj/d/hYs4+39
Wn3K15vSOMij/zC3nIB/hLsUjA8Rp8IQx3spp/uq6RG+R5QI+E2q58BGJBICQa76
7H48/diwVxfHAOxWzJhwbFYQcZdYQU4Ip/I22wXq99bUBbBaGvMUHOQdpD2kgw1H
WlE9ljWoUGEXKuQMDfwNFyx5eINgn+dkJ/F6bTcy2RrH7utfPV06Mr8kZUw0m+cW
uy9DKWzlaJbOjw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:45:24 2026 by rpki-client