Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
File: hD0a_PE70hF9R99oPkCmMocATP4.mft (raw, json)
Hash identifier: ChMFKi0BsgmNtSft3oszbLmJ6bEvIfZDzgnPHdT9srU=
Subject key identifier: 65:02:2F:40:34:F8:50:77:DF:81:6C:BA:03:ED:1C:AD:66:E9:E2:B6
Authority key identifier: 84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
Certificate issuer: /CN=843d1afcf13bd2117d47df683e40a63287004cfe
Certificate serial: 019DCF75CC5E22A84E30C273294C8A4106A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
Manifest number: 1587
Signing time: Mon 27 Apr 2026 15:01:36 +0000
Manifest this update: Mon 27 Apr 2026 15:01:36 +0000
Manifest next update: Tue 28 Apr 2026 15:01:36 +0000
Files and hashes: 1: blJ-TZh-82zY8BmhlGXDYcWlXEM.roa (hash: Fd7qkgfgnAB5yGlcwTOLNMtcHfXu1EK11nyoGzaI4T8=)
2: hD0a_PE70hF9R99oPkCmMocATP4.crl (hash: VjhuYQM/pTlrd1MvgmsLETbjAi97B88RtB3XJRuvuNY=)
3: uGcdeOeH2FGE8oSm_emFftbBDBI.roa (hash: K6Jsrsz0fx7XMWqDVYW8cVOMG7U2AmGR+nHljnd4RYQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:75:cc:5e:22:a8:4e:30:c2:73:29:4c:8a:41:06:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843d1afcf13bd2117d47df683e40a63287004cfe
Validity
Not Before: Apr 27 15:01:36 2026 GMT
Not After : Apr 28 15:01:36 2026 GMT
Subject: CN=65022f4034f85077df816cba03ed1cad66e9e2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:05:b8:83:78:f3:58:23:56:58:04:32:21:0b:
27:46:e5:44:77:70:ff:17:f9:a6:0c:3e:89:be:52:
8f:69:7b:56:98:55:63:67:16:3e:71:90:70:68:43:
b2:b0:87:8e:8c:01:2f:92:b2:e9:a2:74:aa:f8:dd:
b1:13:ac:d6:f4:fc:ac:44:c8:ea:c3:65:00:6c:68:
be:86:2c:60:03:fe:95:3e:21:fc:64:c3:b2:dd:5a:
cb:62:3a:ec:05:a2:82:7c:03:bc:9e:09:be:7c:99:
3f:58:b0:be:19:bb:66:a9:59:71:aa:22:d6:94:1c:
1d:40:ee:a4:75:74:c3:19:92:6a:2b:df:93:fd:ab:
23:65:e2:3e:75:f5:3e:a0:71:f7:44:10:1a:74:45:
0a:1f:65:d7:f5:75:1f:34:64:49:35:22:83:3f:d0:
99:2d:83:d9:05:24:1a:9f:0d:b8:bf:7d:3d:a0:7c:
c3:c3:77:91:28:4b:ce:e6:13:4d:56:40:a0:30:0c:
ae:a4:75:84:c4:21:63:af:b6:cb:bb:2c:3c:1f:ee:
94:51:cb:d6:7e:5e:6b:88:48:df:15:59:e0:e4:c8:
2b:bd:27:3e:a9:d0:24:8b:86:ac:ae:ec:6f:e4:0d:
66:57:8f:66:84:aa:f3:1e:89:4c:56:a1:60:58:10:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:02:2F:40:34:F8:50:77:DF:81:6C:BA:03:ED:1C:AD:66:E9:E2:B6
X509v3 Authority Key Identifier:
keyid:84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:f5:e6:9d:43:f4:71:4d:c2:13:3d:20:ec:73:bd:b5:1b:1a:
b3:99:4a:b6:04:2a:6d:66:7e:6c:fd:9e:8a:83:09:7e:1c:1a:
87:82:90:54:e9:1c:38:cd:9f:a7:e3:52:9a:6e:e5:73:95:bd:
6c:ee:cd:67:a6:88:af:91:03:c6:55:4b:af:5f:92:1e:d3:73:
07:8a:40:58:be:27:1d:23:1c:49:95:5b:6f:66:40:92:b2:f3:
df:51:f3:fe:cb:b7:c2:6e:53:b3:d3:40:0f:a3:6a:30:cb:d3:
d6:51:2c:3d:4c:2e:fe:79:84:8c:65:72:90:64:ad:6c:a7:b6:
9e:6d:43:fd:42:69:72:e2:b3:b3:45:60:2b:da:73:96:f9:01:
61:be:b0:49:9b:9e:89:6d:15:af:cb:bc:41:76:64:20:0f:3c:
cc:6e:8d:f4:9c:68:7b:d2:82:1c:e3:e6:6d:69:33:b3:65:51:
61:49:86:aa:ae:3e:cb:dd:8f:6b:a7:a5:28:cc:8a:8c:63:34:
eb:41:5e:4e:86:76:fd:dd:ee:9d:31:9b:b6:7a:cb:6a:db:4a:
b3:2a:d7:d6:fd:41:ab:98:5b:22:22:af:f4:06:7b:05:1b:b0:
40:74:40:eb:bd:4a:e1:48:2f:9f:ba:5a:ed:6f:51:a3:77:09:
b8:06:7f:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PdcxeIqhOMMJzKUyKQQapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2QxYWZjZjEzYmQyMTE3ZDQ3ZGY2ODNlNDBhNjMyODcw
MDRjZmUwHhcNMjYwNDI3MTUwMTM2WhcNMjYwNDI4MTUwMTM2WjAzMTEwLwYDVQQD
Eyg2NTAyMmY0MDM0Zjg1MDc3ZGY4MTZjYmEwM2VkMWNhZDY2ZTllMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogW4g3jzWCNWWAQyIQsnRuVEd3D/
F/mmDD6JvlKPaXtWmFVjZxY+cZBwaEOysIeOjAEvkrLponSq+N2xE6zW9PysRMjq
w2UAbGi+hixgA/6VPiH8ZMOy3VrLYjrsBaKCfAO8ngm+fJk/WLC+GbtmqVlxqiLW
lBwdQO6kdXTDGZJqK9+T/asjZeI+dfU+oHH3RBAadEUKH2XX9XUfNGRJNSKDP9CZ
LYPZBSQanw24v309oHzDw3eRKEvO5hNNVkCgMAyupHWExCFjr7bLuyw8H+6UUcvW
fl5riEjfFVng5MgrvSc+qdAki4asruxv5A1mV49mhKrzHolMVqFgWBA7wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUCL0A0+FB334FsugPtHK1m6eK2MB8GA1UdIwQY
MBaAFIQ9GvzxO9IRfUffaD5ApjKHAEz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEt
YjFmM2JjYzY3YWFlLzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEtYjFmM2JjYzY3YWFl
LzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/XmnUP0
cU3CEz0g7HO9tRsas5lKtgQqbWZ+bP2eioMJfhwah4KQVOkcOM2fp+NSmm7lc5W9
bO7NZ6aIr5EDxlVLr1+SHtNzB4pAWL4nHSMcSZVbb2ZAkrLz31Hz/su3wm5Ts9NA
D6NqMMvT1lEsPUwu/nmEjGVykGStbKe2nm1D/UJpcuKzs0VgK9pzlvkBYb6wSZue
iW0Vr8u8QXZkIA88zG6N9Jxoe9KCHOPmbWkzs2VRYUmGqq4+y92Pa6elKMyKjGM0
60FeToZ2/d3unTGbtnrLattKsyrX1v1Bq5hbIiKv9AZ7BRuwQHRA671K4Ugvn7pa
7W9Ro3cJuAZ/8A==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:07:04 2026 by rpki-client