Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
File: hqnzrkX3AVCvF-uHiel4iQKe5dM.mft (raw, json)
Hash identifier: XhIVg1RJ7MjAxmjLNaVJWRExyebc0hph5lMBXb76idQ=
Subject key identifier: D9:62:61:4B:85:D3:F8:63:71:38:88:B5:3A:F3:61:92:97:8A:48:13
Authority key identifier: 86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
Certificate issuer: /CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Certificate serial: 019D3865D74807394E971E5938626FEC56C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
Manifest number: 188E
Signing time: Sun 29 Mar 2026 07:01:31 +0000
Manifest this update: Sun 29 Mar 2026 07:01:31 +0000
Manifest next update: Mon 30 Mar 2026 07:01:31 +0000
Files and hashes: 1: O3Ze20ZxAwVm_hG9bsYyUaAYePQ.roa (hash: TSl1RQes/j1AF84x+h+cAOoSi4izTWDFh+hMOg3IRm4=)
2: hqnzrkX3AVCvF-uHiel4iQKe5dM.crl (hash: DobyBqDfbEWYgGo1aqI6zNhjAQ7xB9kDNfsFBp/hVcs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:d7:48:07:39:4e:97:1e:59:38:62:6f:ec:56:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86a9f3ae45f70150af17eb8789e97889029ee5d3
Validity
Not Before: Mar 29 07:01:31 2026 GMT
Not After : Mar 30 07:01:31 2026 GMT
Subject: CN=d962614b85d3f863713888b53af36192978a4813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9e:f8:f5:e4:20:ed:77:07:0f:b4:1e:61:ac:
a7:40:02:e2:0c:e5:dc:c0:8b:19:69:45:23:a6:0b:
1e:70:cf:98:fc:2e:f8:ef:9f:82:6e:38:1c:37:2d:
df:fb:6f:a5:e8:74:ca:fe:41:5a:55:fd:b4:3a:f0:
e8:91:e7:5e:e3:35:5c:b6:35:55:5b:b3:5c:9d:83:
a9:6a:6f:bd:20:2b:68:02:93:b4:fc:e6:e2:cf:a1:
58:bb:32:0d:0c:a3:3f:90:2f:aa:f4:c1:92:44:eb:
0f:42:cf:8b:94:9a:d0:b5:f0:00:cd:92:05:82:20:
ca:6b:90:4d:74:bf:5d:51:a3:a5:47:8a:8e:b9:01:
26:c0:d5:48:80:02:b7:2e:78:05:ff:c5:f6:7a:4b:
57:85:58:96:89:b8:b6:00:16:b6:c8:d3:1a:47:12:
c5:77:3e:5f:2a:5f:67:78:7b:d3:bc:90:91:bb:fc:
8e:e1:24:37:1a:ba:27:99:0b:9c:aa:7e:e3:05:f3:
7a:ef:b5:be:fc:85:af:e1:3f:06:09:a3:c3:92:ca:
51:52:5e:77:eb:7f:1b:c6:6a:bc:36:1c:dc:ba:a9:
c6:50:a6:9c:c0:28:34:92:c5:f5:04:73:ff:12:d4:
15:81:fb:e6:f6:40:07:98:5a:46:19:17:5c:81:77:
4d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:62:61:4B:85:D3:F8:63:71:38:88:B5:3A:F3:61:92:97:8A:48:13
X509v3 Authority Key Identifier:
keyid:86:A9:F3:AE:45:F7:01:50:AF:17:EB:87:89:E9:78:89:02:9E:E5:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqnzrkX3AVCvF-uHiel4iQKe5dM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/131274-7334-446b-a935-3487ae82b20d/1/hqnzrkX3AVCvF-uHiel4iQKe5dM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:7e:64:f8:03:6b:cd:98:b9:20:b7:60:bc:b5:51:59:df:cc:
79:f6:b1:c7:6a:03:1b:53:1a:c4:7f:db:4d:08:8d:02:5e:46:
88:7d:7c:2a:af:9e:44:81:f4:ae:7f:43:ed:9e:5c:c4:8e:c0:
c9:37:ed:f6:11:4e:6f:45:fd:15:89:fc:a3:0a:14:91:55:20:
a7:ab:03:96:41:0d:5a:b7:fc:d9:f0:80:1b:92:c6:94:d5:1f:
ab:c0:95:7d:b2:82:95:0c:91:8d:a5:90:4c:d7:d7:45:7b:7d:
b7:67:b2:81:97:40:f3:64:ed:6c:5a:40:05:68:7e:7c:5a:4d:
5d:44:f8:83:51:d9:1e:8f:e1:a5:f1:7f:c3:dc:2e:cb:09:9d:
89:2a:e3:f3:88:ea:ff:dd:46:a4:f2:62:ec:00:41:6d:79:19:
12:46:3f:87:99:9b:1d:a0:83:d6:75:91:02:61:6a:ef:74:18:
b3:d8:6b:21:29:be:fd:28:0f:96:f2:be:b0:14:5f:ee:52:33:
93:04:87:c8:a8:13:60:34:09:12:c0:f5:f2:f7:65:ce:26:38:
9b:68:65:d0:db:61:98:4c:4d:28:ee:41:11:03:2e:c2:8a:c8:
22:14:da:c4:d6:f2:5a:c9:70:be:74:19:23:8b:b0:bd:83:d2:
20:01:d7:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZddIBzlOlx5ZOGJv7FbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YTlmM2FlNDVmNzAxNTBhZjE3ZWI4Nzg5ZTk3ODg5MDI5
ZWU1ZDMwHhcNMjYwMzI5MDcwMTMxWhcNMjYwMzMwMDcwMTMxWjAzMTEwLwYDVQQD
EyhkOTYyNjE0Yjg1ZDNmODYzNzEzODg4YjUzYWYzNjE5Mjk3OGE0ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ749eQg7XcHD7QeYaynQALiDOXc
wIsZaUUjpgsecM+Y/C7475+CbjgcNy3f+2+l6HTK/kFaVf20OvDokede4zVctjVV
W7NcnYOpam+9ICtoApO0/Obiz6FYuzINDKM/kC+q9MGSROsPQs+LlJrQtfAAzZIF
giDKa5BNdL9dUaOlR4qOuQEmwNVIgAK3LngF/8X2ektXhViWibi2ABa2yNMaRxLF
dz5fKl9neHvTvJCRu/yO4SQ3GronmQucqn7jBfN677W+/IWv4T8GCaPDkspRUl53
638bxmq8NhzcuqnGUKacwCg0ksX1BHP/EtQVgfvm9kAHmFpGGRdcgXdNsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNliYUuF0/hjcTiItTrzYZKXikgTMB8GA1UdIwQY
MBaAFIap865F9wFQrxfrh4npeIkCnuXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUt
MzQ4N2FlODJiMjBkLzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMzEyNzQtNzMzNC00NDZiLWE5MzUtMzQ4N2FlODJiMjBk
LzEvaHFuenJrWDNBVkN2Ri11SGllbDRpUUtlNWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC35k+ANr
zZi5ILdgvLVRWd/Mefaxx2oDG1MaxH/bTQiNAl5GiH18Kq+eRIH0rn9D7Z5cxI7A
yTft9hFOb0X9FYn8owoUkVUgp6sDlkENWrf82fCAG5LGlNUfq8CVfbKClQyRjaWQ
TNfXRXt9t2eygZdA82TtbFpABWh+fFpNXUT4g1HZHo/hpfF/w9wuywmdiSrj84jq
/91GpPJi7ABBbXkZEkY/h5mbHaCD1nWRAmFq73QYs9hrISm+/SgPlvK+sBRf7lIz
kwSHyKgTYDQJEsD18vdlziY4m2hl0NthmExNKO5BEQMuworIIhTaxNbyWslwvnQZ
I4uwvYPSIAHXlA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:15:19 2026 by rpki-client