Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
File: hEoXkcsH8dhhI8Y9w63P11TbEBs.mft (raw, json)
Hash identifier: Z/nuwnA4oDgKkERCTjVahYsuYQos+VlfJvnairqn4AU=
Subject key identifier: 7C:33:C6:22:F8:81:BC:3B:17:F6:10:FC:FE:CC:F5:D1:D1:8D:50:AE
Authority key identifier: 84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
Certificate issuer: /CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Certificate serial: 019D3978249695F6EB417B9B7D5BCC3712CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
Manifest number: 0CA1
Signing time: Sun 29 Mar 2026 12:01:08 +0000
Manifest this update: Sun 29 Mar 2026 12:01:08 +0000
Manifest next update: Mon 30 Mar 2026 12:01:08 +0000
Files and hashes: 1: EaRvqzzZ4WLrsiOnFG9kIdBFPGo.roa (hash: PN+ow0E5ikp9C/ApCEWcQ9LIaP3NSeY86i0Td9fsxZc=)
2: JuG7AUgythULffPdDYDIoVusgls.roa (hash: TjT7c6XjgFC6qy9Niuuvvzz9Cwlb8UzAUWc3tb4emnE=)
3: hEoXkcsH8dhhI8Y9w63P11TbEBs.crl (hash: dhiVf0/5tGwY1L5WyjgCmDltfA7kDrPE0fgOUOnLloI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:78:24:96:95:f6:eb:41:7b:9b:7d:5b:cc:37:12:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844a1791cb07f1d86123c63dc3adcfd754db101b
Validity
Not Before: Mar 29 12:01:08 2026 GMT
Not After : Mar 30 12:01:08 2026 GMT
Subject: CN=7c33c622f881bc3b17f610fcfeccf5d1d18d50ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:42:be:7b:f2:09:c4:3c:b3:72:bb:40:b6:
fa:da:17:0f:d5:08:69:0f:75:3d:79:c7:c1:f1:06:
3d:3d:89:98:4e:db:f1:e5:45:07:f7:73:a9:c7:66:
ee:2d:42:a8:17:96:42:95:21:a7:42:30:08:1e:2e:
83:04:8e:c5:28:ea:c2:e8:96:c3:4f:9c:9b:39:78:
3c:2e:6d:c7:e2:c6:4a:c2:82:e9:6a:4d:6c:26:88:
71:ff:ce:b3:35:ce:83:6c:3c:c1:ba:22:e3:e3:15:
36:9d:c1:7c:d3:04:3c:aa:d6:2a:f2:45:59:d1:08:
4c:38:a9:46:53:a2:9f:30:25:52:7d:ed:c2:5c:0c:
0e:e0:51:5c:08:06:a4:3d:08:14:06:75:5c:9c:51:
90:1e:7a:bd:8b:d2:b1:99:1d:66:2f:1c:99:0e:76:
5c:08:55:7b:98:e8:db:a6:c3:88:0f:ce:75:46:98:
a6:a2:65:42:64:4f:2e:9b:4f:19:1c:61:3d:91:ef:
7f:4c:60:ff:d7:72:94:3d:63:12:96:40:21:af:fa:
ab:dc:46:84:dc:de:77:f1:30:94:4a:72:ad:84:0e:
60:18:f3:74:27:ab:f7:2c:c0:44:bb:42:f7:78:45:
2f:a3:bd:93:15:cd:df:ff:3a:b9:58:12:96:de:c3:
57:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:33:C6:22:F8:81:BC:3B:17:F6:10:FC:FE:CC:F5:D1:D1:8D:50:AE
X509v3 Authority Key Identifier:
keyid:84:4A:17:91:CB:07:F1:D8:61:23:C6:3D:C3:AD:CF:D7:54:DB:10:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEoXkcsH8dhhI8Y9w63P11TbEBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f1370a-57ca-46a0-8af4-78ba6dc50086/1/hEoXkcsH8dhhI8Y9w63P11TbEBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:9b:71:cf:f8:a6:77:71:9e:8e:88:ba:fb:d4:d3:5a:d1:bc:
21:6b:2d:00:66:35:a3:40:36:8d:59:6d:67:b5:fa:4f:35:52:
24:87:5b:85:fc:b0:4a:4a:7f:09:ae:34:82:d0:d4:98:ad:67:
1b:f4:dd:93:71:6c:16:18:4b:40:e7:dc:a7:4b:79:25:c6:f4:
31:a0:3a:0c:32:ed:f3:ef:ed:3c:f6:25:64:56:f1:41:a7:1b:
18:71:c7:80:b2:25:92:84:81:58:e8:59:05:08:4f:11:f2:0e:
44:1f:ba:01:4e:42:6d:89:c2:24:7c:cb:12:c3:18:62:33:e0:
98:02:2b:38:24:07:9b:8c:68:db:c3:51:b5:4c:cb:1f:03:6d:
0b:f3:21:28:73:9a:4f:00:d4:47:e3:b3:fc:09:29:f4:32:3a:
cb:97:6f:2d:bf:07:a0:c7:56:bc:a1:a0:8f:e4:5b:82:60:84:
1d:b2:07:b0:09:1c:a0:63:a9:90:49:a0:5b:88:ae:c7:6c:f3:
4f:80:22:72:b5:25:d9:aa:77:bf:12:9e:e5:d8:be:d7:4f:35:
78:7a:32:b8:01:c5:2d:0c:01:a3:85:10:ff:a4:56:f0:f9:96:
b5:f4:a5:be:d0:8f:70:25:7a:00:f8:13:ee:9c:90:7d:7c:c6:
ad:c8:ff:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05eCSWlfbrQXubfVvMNxLLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NGExNzkxY2IwN2YxZDg2MTIzYzYzZGMzYWRjZmQ3NTRk
YjEwMWIwHhcNMjYwMzI5MTIwMTA4WhcNMjYwMzMwMTIwMTA4WjAzMTEwLwYDVQQD
Eyg3YzMzYzYyMmY4ODFiYzNiMTdmNjEwZmNmZWNjZjVkMWQxOGQ1MGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrlCvnvyCcQ8s3K7QLb62hcP1Qhp
D3U9ecfB8QY9PYmYTtvx5UUH93Opx2buLUKoF5ZClSGnQjAIHi6DBI7FKOrC6JbD
T5ybOXg8Lm3H4sZKwoLpak1sJohx/86zNc6DbDzBuiLj4xU2ncF80wQ8qtYq8kVZ
0QhMOKlGU6KfMCVSfe3CXAwO4FFcCAakPQgUBnVcnFGQHnq9i9KxmR1mLxyZDnZc
CFV7mOjbpsOID851RpimomVCZE8um08ZHGE9ke9/TGD/13KUPWMSlkAhr/qr3EaE
3N538TCUSnKthA5gGPN0J6v3LMBEu0L3eEUvo72TFc3f/zq5WBKW3sNXNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwzxiL4gbw7F/YQ/P7M9dHRjVCuMB8GA1UdIwQY
MBaAFIRKF5HLB/HYYSPGPcOtz9dU2xAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQt
NzhiYTZkYzUwMDg2LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mMTM3MGEtNTdjYS00NmEwLThhZjQtNzhiYTZkYzUwMDg2
LzEvaEVvWGtjc0g4ZGhoSThZOXc2M1AxMVRiRUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoJtxz/im
d3Gejoi6+9TTWtG8IWstAGY1o0A2jVltZ7X6TzVSJIdbhfywSkp/Ca40gtDUmK1n
G/Tdk3FsFhhLQOfcp0t5Jcb0MaA6DDLt8+/tPPYlZFbxQacbGHHHgLIlkoSBWOhZ
BQhPEfIORB+6AU5CbYnCJHzLEsMYYjPgmAIrOCQHm4xo28NRtUzLHwNtC/MhKHOa
TwDUR+Oz/Akp9DI6y5dvLb8HoMdWvKGgj+RbgmCEHbIHsAkcoGOpkEmgW4iux2zz
T4AicrUl2ap3vxKe5di+1081eHoyuAHFLQwBo4UQ/6RW8PmWtfSlvtCPcCV6APgT
7pyQfXzGrcj/Qw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:47:19 2026 by rpki-client