Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
File: hphbrg2TjeJDhcQFPNo5G3RFAmc.mft (raw, json)
Hash identifier: 8iqMHNiBV45JIoq+2oOOLNYsv7cf4ny/pS7SjBZK6Uo=
Subject key identifier: B9:EB:95:E6:D7:76:44:9E:33:2C:DF:20:96:97:62:44:51:F8:A8:B5
Authority key identifier: 86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
Certificate issuer: /CN=86985bae0d938de24385c4053cda391b74450267
Certificate serial: 019D382E510B89E1767C4AEFDD507DF79863
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
Manifest number: 0BFF
Signing time: Sun 29 Mar 2026 06:00:52 +0000
Manifest this update: Sun 29 Mar 2026 06:00:52 +0000
Manifest next update: Mon 30 Mar 2026 06:00:52 +0000
Files and hashes: 1: hphbrg2TjeJDhcQFPNo5G3RFAmc.crl (hash: XRrKT4akWjEZWzmoBvpu7KF7AwE5OzvFfZGM8msCIzk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:51:0b:89:e1:76:7c:4a:ef:dd:50:7d:f7:98:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86985bae0d938de24385c4053cda391b74450267
Validity
Not Before: Mar 29 06:00:52 2026 GMT
Not After : Mar 30 06:00:52 2026 GMT
Subject: CN=b9eb95e6d776449e332cdf209697624451f8a8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:77:65:0b:37:a1:ee:68:9d:79:96:3c:40:37:
c7:15:21:3d:f8:6a:fc:09:b1:88:de:8f:0c:1d:aa:
2a:65:23:5a:b8:e7:f2:cd:44:1d:e9:43:4e:48:0d:
2a:f8:a1:7b:2e:cb:ba:29:9f:ea:c4:8b:e7:b7:b4:
d6:4e:51:e8:71:9b:9a:b0:90:07:a8:56:ac:a0:46:
0a:0f:b7:94:47:06:cf:b9:e1:7a:db:5b:ab:5c:e9:
29:88:72:4f:b9:03:89:f4:f4:c9:d7:02:ca:54:8b:
f3:f6:4a:1b:08:68:f7:51:a4:06:1c:ad:b8:11:9f:
e5:2b:37:d4:e6:e5:3e:3d:3b:ae:48:c7:a4:02:a9:
0c:b6:c5:53:35:5c:da:2d:5a:32:08:d1:32:6a:41:
a8:a5:b8:7b:47:2b:f1:0e:a9:e1:12:0c:e2:0e:a1:
76:57:54:3f:d1:ac:84:e8:51:ae:28:41:97:ec:64:
51:e3:ac:ff:8a:b6:45:b3:f1:a9:5c:73:de:df:e7:
61:6d:78:60:7d:6d:90:6e:35:2e:7f:79:93:18:cb:
49:e9:30:ab:16:c7:cc:ff:82:a1:f8:66:ee:29:f0:
8c:12:55:8e:2e:98:9e:86:cd:70:74:73:8b:0c:9c:
ca:4d:f6:d4:8d:29:30:7e:43:40:e9:c2:a9:7d:37:
19:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EB:95:E6:D7:76:44:9E:33:2C:DF:20:96:97:62:44:51:F8:A8:B5
X509v3 Authority Key Identifier:
keyid:86:98:5B:AE:0D:93:8D:E2:43:85:C4:05:3C:DA:39:1B:74:45:02:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hphbrg2TjeJDhcQFPNo5G3RFAmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f1a67b-f5c2-48be-87c1-18481c54bac0/1/hphbrg2TjeJDhcQFPNo5G3RFAmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:ef:0d:19:45:7b:4a:66:f4:2c:4c:1e:52:52:c2:0e:68:16:
b5:2b:8a:e4:ef:09:0d:1b:47:00:3d:1a:db:c3:be:ca:15:85:
00:23:c8:e5:41:40:c5:10:9d:2e:f3:b0:db:ae:2a:82:e7:f8:
7c:54:c1:31:53:9e:68:ee:fb:14:d0:8e:1c:d9:7b:da:da:6c:
cb:92:d7:0d:c4:0d:58:7a:c3:75:2b:d6:5f:f5:96:20:2f:08:
d7:eb:4c:ee:34:f0:dc:54:6a:d1:fa:78:73:3f:39:aa:b5:23:
99:02:ee:e9:08:36:04:dd:98:b0:fc:22:e0:41:df:10:28:5e:
a5:b8:ea:b4:ea:80:32:48:a2:a7:c4:12:4a:52:39:4e:d2:d9:
82:72:1f:6b:27:d8:26:49:98:cd:ba:70:84:ab:b3:b5:01:db:
29:7d:79:0e:08:aa:9e:1d:9f:9f:69:61:f0:78:b5:a1:12:f7:
2f:70:2a:6a:a1:65:90:53:76:5b:df:58:b7:cd:c8:49:de:94:
44:ea:c9:90:01:b2:d5:41:c5:c9:b4:fe:9b:07:53:42:4d:15:
86:6c:f8:6a:72:97:85:7e:6c:8e:00:a1:7f:44:d3:1f:61:7c:
9a:19:dd:68:07:8b:8d:97:7c:41:30:a6:84:b7:f8:e5:73:d2:
37:50:b6:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LlELieF2fErv3VB995hjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTg1YmFlMGQ5MzhkZTI0Mzg1YzQwNTNjZGEzOTFiNzQ0
NTAyNjcwHhcNMjYwMzI5MDYwMDUyWhcNMjYwMzMwMDYwMDUyWjAzMTEwLwYDVQQD
EyhiOWViOTVlNmQ3NzY0NDllMzMyY2RmMjA5Njk3NjI0NDUxZjhhOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3dlCzeh7mideZY8QDfHFSE9+Gr8
CbGI3o8MHaoqZSNauOfyzUQd6UNOSA0q+KF7Lsu6KZ/qxIvnt7TWTlHocZuasJAH
qFasoEYKD7eURwbPueF621urXOkpiHJPuQOJ9PTJ1wLKVIvz9kobCGj3UaQGHK24
EZ/lKzfU5uU+PTuuSMekAqkMtsVTNVzaLVoyCNEyakGopbh7RyvxDqnhEgziDqF2
V1Q/0ayE6FGuKEGX7GRR46z/irZFs/GpXHPe3+dhbXhgfW2QbjUuf3mTGMtJ6TCr
FsfM/4Kh+GbuKfCMElWOLpiehs1wdHOLDJzKTfbUjSkwfkNA6cKpfTcZVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnrlebXdkSeMyzfIJaXYkRR+Ki1MB8GA1UdIwQY
MBaAFIaYW64Nk43iQ4XEBTzaORt0RQJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEt
MTg0ODFjNTRiYWMwLzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mMWE2N2ItZjVjMi00OGJlLTg3YzEtMTg0ODFjNTRiYWMw
LzEvaHBoYnJnMlRqZUpEaGNRRlBObzVHM1JGQW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAke8NGUV7
Smb0LEweUlLCDmgWtSuK5O8JDRtHAD0a28O+yhWFACPI5UFAxRCdLvOw264qguf4
fFTBMVOeaO77FNCOHNl72tpsy5LXDcQNWHrDdSvWX/WWIC8I1+tM7jTw3FRq0fp4
cz85qrUjmQLu6Qg2BN2YsPwi4EHfEChepbjqtOqAMkiip8QSSlI5TtLZgnIfayfY
JkmYzbpwhKuztQHbKX15Dgiqnh2fn2lh8Hi1oRL3L3AqaqFlkFN2W99Yt83ISd6U
ROrJkAGy1UHFybT+mwdTQk0Vhmz4anKXhX5sjgChf0TTH2F8mhndaAeLjZd8QTCm
hLf45XPSN1C2lg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:36 2026 by rpki-client