Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: MZIxHl77mntF21IlzHWNBFkjIYojMhgREIedmriYIko=
Subject key identifier: 5D:B0:27:48:DC:1D:96:8B:42:3D:E9:B6:AA:8C:1E:7B:77:77:40:31
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 019D382DE45857F8466A43380A01475954F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 06:00:24 +0000
Manifest this update: Sun 29 Mar 2026 06:00:24 +0000
Manifest next update: Mon 30 Mar 2026 06:00:24 +0000
Files and hashes: 1: FKPDUKEH3RWf-_A6oyRKO4_LVBY.roa (hash: hV9SiFdAv7sVh4TN2I3na70oOpO2IrQF3ksLQ7b5hl8=)
2: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: gvpg7CcvZzgBbKTSarVQgUgilQbPjlsTSh2+tlyWvaw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:e4:58:57:f8:46:6a:43:38:0a:01:47:59:54:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Mar 29 06:00:24 2026 GMT
Not After : Mar 30 06:00:24 2026 GMT
Subject: CN=5db02748dc1d968b423de9b6aa8c1e7b77774031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:16:f7:c6:7b:a4:35:70:2f:c9:af:b4:6d:9a:
ef:8b:7c:bd:9c:99:bc:81:cc:f8:35:0c:af:45:86:
4a:07:e9:54:89:0a:66:db:9e:1a:11:45:25:d1:4e:
e2:f4:1c:29:5d:e8:d8:e3:75:91:7a:a3:ea:9e:83:
18:b9:61:eb:e6:4e:02:bb:fa:66:bf:c1:30:14:23:
10:c5:b3:7b:ab:bf:2b:8a:5b:89:e9:35:66:c8:c4:
e2:3b:b7:7e:ff:d6:51:a7:d4:f8:6f:d8:69:68:bc:
86:a9:66:91:f6:2f:df:98:fa:a0:c7:74:93:55:ff:
52:ea:ee:50:a1:95:65:79:a0:7e:4f:55:16:28:ea:
8f:d5:fb:e4:31:d1:89:88:3b:3e:28:7e:ae:ac:5c:
35:9d:a5:d6:d8:da:86:97:78:4a:38:e3:d5:a1:7a:
83:71:7f:d6:59:1a:44:97:4e:1f:74:77:40:34:c0:
2a:12:e5:1a:ad:c5:9c:2b:8a:83:4c:65:00:3a:fc:
82:17:08:9e:15:15:f0:1e:94:7b:62:06:1f:83:93:
b7:64:23:cd:01:ae:b3:8a:70:76:07:c4:25:a5:38:
db:9d:ca:a0:d5:67:91:26:e5:18:a3:7f:1d:f2:2b:
4c:45:e7:44:ab:d4:29:44:a5:7c:82:5d:57:ec:54:
82:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B0:27:48:DC:1D:96:8B:42:3D:E9:B6:AA:8C:1E:7B:77:77:40:31
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:78:19:af:25:fe:e5:bc:8b:2a:97:d1:b0:45:3f:93:31:8f:
b2:37:f5:08:b7:3b:99:1e:75:9d:c2:44:3f:af:87:5b:69:b9:
06:93:9a:8d:3e:60:63:7e:75:d7:11:43:b4:2e:4e:b3:37:3a:
67:6e:7c:32:c7:46:58:89:35:26:32:1d:fb:22:51:a0:bf:7e:
cd:05:0a:0e:90:e2:b4:3e:41:70:6d:eb:7e:47:6c:01:5c:fb:
9c:40:71:a2:85:72:b3:bf:18:b6:55:a3:bc:eb:fa:5f:0f:5b:
58:e7:44:3e:cf:76:3b:ab:23:12:9d:51:0e:5f:c7:6d:8d:04:
9d:07:9f:1d:bf:bd:27:23:e5:56:d3:de:0b:a2:d5:ee:84:af:
e9:40:87:66:da:3a:0c:83:3e:a6:40:c8:fe:6d:7a:80:03:f2:
cb:51:80:0d:ef:00:18:28:02:ed:a9:4e:b7:a0:23:b8:ac:f0:
6a:d4:55:58:ef:10:52:fb:36:de:e2:53:7a:e4:4f:f5:38:fa:
de:bb:43:af:88:e4:55:47:66:85:d0:f3:17:d8:a6:f6:fd:b1:
34:d6:9a:40:eb:f8:1d:5a:9c:a9:cb:9b:f5:34:8f:3d:e5:fe:
df:c7:2c:05:b8:fc:54:90:97:1c:41:c8:c1:05:38:4c:d4:22:
ec:94:3c:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LeRYV/hGakM4CgFHWVT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjYwMzI5MDYwMDI0WhcNMjYwMzMwMDYwMDI0WjAzMTEwLwYDVQQD
Eyg1ZGIwMjc0OGRjMWQ5NjhiNDIzZGU5YjZhYThjMWU3Yjc3Nzc0MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohb3xnukNXAvya+0bZrvi3y9nJm8
gcz4NQyvRYZKB+lUiQpm254aEUUl0U7i9BwpXejY43WReqPqnoMYuWHr5k4Cu/pm
v8EwFCMQxbN7q78riluJ6TVmyMTiO7d+/9ZRp9T4b9hpaLyGqWaR9i/fmPqgx3ST
Vf9S6u5QoZVleaB+T1UWKOqP1fvkMdGJiDs+KH6urFw1naXW2NqGl3hKOOPVoXqD
cX/WWRpEl04fdHdANMAqEuUarcWcK4qDTGUAOvyCFwieFRXwHpR7YgYfg5O3ZCPN
Aa6zinB2B8QlpTjbncqg1WeRJuUYo38d8itMRedEq9QpRKV8gl1X7FSCyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2wJ0jcHZaLQj3ptqqMHnt3d0AxMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgHgZryX+
5byLKpfRsEU/kzGPsjf1CLc7mR51ncJEP6+HW2m5BpOajT5gY3511xFDtC5Oszc6
Z258MsdGWIk1JjId+yJRoL9+zQUKDpDitD5BcG3rfkdsAVz7nEBxooVys78YtlWj
vOv6Xw9bWOdEPs92O6sjEp1RDl/HbY0EnQefHb+9JyPlVtPeC6LV7oSv6UCHZto6
DIM+pkDI/m16gAPyy1GADe8AGCgC7alOt6AjuKzwatRVWO8QUvs23uJTeuRP9Tj6
3rtDr4jkVUdmhdDzF9im9v2xNNaaQOv4HVqcqcub9TSPPeX+38csBbj8VJCXHEHI
wQU4TNQi7JQ8gA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:38:23 2026 by rpki-client