Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier: ZhIC1jpAHC054/u22AAeAp/8E7iKKxpVuof1flcAoZ0=
Subject key identifier: 62:21:1E:71:C7:E8:04:00:25:79:41:B6:98:65:D8:88:8E:73:86:C6
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial: 019D3909DEAE64ED5FB00B578B129FFE227E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number: 0472
Signing time: Sun 29 Mar 2026 10:00:41 +0000
Manifest this update: Sun 29 Mar 2026 10:00:41 +0000
Manifest next update: Mon 30 Mar 2026 10:00:41 +0000
Files and hashes: 1: AGVrI7h1W1sZnmEHrQIXxLRxF1Q.roa (hash: K1nbjcJomqgMcH/NVsTCJWhMoSmEDtw4c8u/MMrHlso=)
2: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: UILjsuJKy1XoNE8bUfpUVNgh7amkYgXB110Hze7Qxwc=)
3: fnZsGtHZZ57ibD1bgR7D-kx03A8.asa (hash: gnq6h8vpZgrDrbXWUtlG5+lFKokphaSsAqWL7zsvVig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:de:ae:64:ed:5f:b0:0b:57:8b:12:9f:fe:22:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Validity
Not Before: Mar 29 10:00:41 2026 GMT
Not After : Mar 30 10:00:41 2026 GMT
Subject: CN=62211e71c7e80400257941b69865d8888e7386c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b4:f1:b5:16:3f:86:4f:84:34:77:d4:53:27:
04:71:dd:5f:2b:98:d3:8d:b3:bd:66:be:dc:d9:78:
c7:99:6c:3d:af:ae:13:d9:bd:2e:6a:c3:3c:3a:7a:
24:8c:14:40:7a:22:5d:3f:9d:5e:01:90:e1:d0:d0:
7f:9d:87:e6:7e:fb:46:2e:b2:d0:f0:78:fe:6c:0f:
fa:89:02:b3:d4:3d:68:ec:4c:7f:e4:8c:0e:87:e7:
f1:f8:e6:b4:c3:a0:40:e4:07:03:41:4c:16:1c:78:
9b:cb:5d:24:a0:ee:26:fc:a1:96:10:22:3b:b9:c7:
11:1a:27:85:3d:88:f3:50:a3:3f:03:bc:fa:10:3c:
dc:ce:07:88:dd:76:be:02:e0:19:33:34:10:24:08:
c9:c4:de:ff:46:a2:3b:a3:8a:15:5e:b5:44:87:75:
ff:d3:ca:d4:73:f5:95:70:a0:d4:5d:2c:fc:b6:50:
f8:ca:1a:d0:b6:95:29:a5:3c:5b:c9:60:76:c0:34:
ce:f3:d2:aa:88:2e:46:5d:7c:76:4a:d2:b5:81:d7:
aa:d9:1d:23:5d:14:21:9c:0a:8b:91:d1:01:42:39:
d8:d9:98:85:bc:0c:6e:a3:7c:08:f4:2f:2c:e1:f1:
1c:68:d8:20:5e:81:b6:30:f8:8d:73:c9:8a:40:ac:
2a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:21:1E:71:C7:E8:04:00:25:79:41:B6:98:65:D8:88:8E:73:86:C6
X509v3 Authority Key Identifier:
keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:64:64:7c:a4:92:9b:6d:d2:6f:68:2d:8f:e3:f5:2b:df:f8:
ba:99:c1:e8:d2:bc:ef:31:dc:9f:a6:e8:8b:30:15:52:71:87:
17:83:c3:ec:42:a1:0d:8c:c8:18:bf:b8:26:72:d9:ad:5e:aa:
8b:4c:94:d3:92:ef:b7:3a:0e:a5:9f:c6:e7:b7:2b:f7:7e:99:
00:bf:f6:86:e4:3d:6e:15:2e:ca:26:fa:b3:bb:81:20:47:fa:
0a:97:8e:c5:c4:36:48:9e:37:ee:4e:37:08:0a:53:a8:51:bc:
b3:6d:4b:1f:96:be:70:d5:a0:21:e0:ca:b8:c7:c5:39:7d:29:
0c:3e:8b:a1:65:3b:76:f0:61:ff:74:20:5b:59:63:cb:6a:46:
d4:4b:20:cb:b6:a3:9b:62:fe:2e:7d:9e:a5:5e:b5:8b:11:38:
8c:8d:45:ff:c5:da:2b:66:c7:35:bb:90:67:8d:cc:be:9e:ae:
34:31:c3:f3:d5:13:5b:df:c3:ba:cb:08:1a:89:83:3a:74:bb:
30:3e:e6:a8:48:fd:de:dc:83:ac:2d:85:1a:38:92:63:ea:74:
db:21:b6:66:9b:06:3d:fd:5f:18:66:9d:a6:3e:75:82:e2:a3:
ee:e4:5f:dd:71:69:cb:b6:e0:f5:1c:58:e5:a3:d7:bb:80:ba:
11:fa:f7:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cd6uZO1fsAtXixKf/iJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjYwMzI5MTAwMDQxWhcNMjYwMzMwMTAwMDQxWjAzMTEwLwYDVQQD
Eyg2MjIxMWU3MWM3ZTgwNDAwMjU3OTQxYjY5ODY1ZDg4ODhlNzM4NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLTxtRY/hk+ENHfUUycEcd1fK5jT
jbO9Zr7c2XjHmWw9r64T2b0uasM8OnokjBRAeiJdP51eAZDh0NB/nYfmfvtGLrLQ
8Hj+bA/6iQKz1D1o7Ex/5IwOh+fx+Oa0w6BA5AcDQUwWHHiby10koO4m/KGWECI7
uccRGieFPYjzUKM/A7z6EDzczgeI3Xa+AuAZMzQQJAjJxN7/RqI7o4oVXrVEh3X/
08rUc/WVcKDUXSz8tlD4yhrQtpUppTxbyWB2wDTO89KqiC5GXXx2StK1gdeq2R0j
XRQhnAqLkdEBQjnY2ZiFvAxuo3wI9C8s4fEcaNggXoG2MPiNc8mKQKwqgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGIhHnHH6AQAJXlBtphl2IiOc4bGMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXmRkfKSS
m23Sb2gtj+P1K9/4upnB6NK87zHcn6boizAVUnGHF4PD7EKhDYzIGL+4JnLZrV6q
i0yU05LvtzoOpZ/G57cr936ZAL/2huQ9bhUuyib6s7uBIEf6CpeOxcQ2SJ437k43
CApTqFG8s21LH5a+cNWgIeDKuMfFOX0pDD6LoWU7dvBh/3QgW1ljy2pG1Esgy7aj
m2L+Ln2epV61ixE4jI1F/8XaK2bHNbuQZ43Mvp6uNDHD89UTW9/DussIGomDOnS7
MD7mqEj93tyDrC2FGjiSY+p02yG2ZpsGPf1fGGadpj51guKj7uRf3XFpy7bg9RxY
5aPXu4C6Efr30g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:09 2026 by rpki-client