Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
File: HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft (raw, json)
Hash identifier: jWkuMUCcz7qW5UFn8GuRgjIZsG8PQjXqXx3oqCm9qlI=
Subject key identifier: B5:B0:39:8A:19:8C:D6:66:84:D5:CC:F5:CF:68:DC:06:FE:D0:4F:DB
Authority key identifier: 1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D
Certificate issuer: /CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
Certificate serial: 019D390A2A8EDA0F06CE1C86A2CE4267A3F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
Manifest number: 15DC
Signing time: Sun 29 Mar 2026 10:01:00 +0000
Manifest this update: Sun 29 Mar 2026 10:01:00 +0000
Manifest next update: Mon 30 Mar 2026 10:01:00 +0000
Files and hashes: 1: HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl (hash: 8tKWnH2uV3b+ChsNQtL6n5EGZIUCbZsujm3o0MWH+cU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:2a:8e:da:0f:06:ce:1c:86:a2:ce:42:67:a3:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c391edd5cbee1a14e0ab3f93d834fae511e4d
Validity
Not Before: Mar 29 10:01:00 2026 GMT
Not After : Mar 30 10:01:00 2026 GMT
Subject: CN=b5b0398a198cd66684d5ccf5cf68dc06fed04fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:97:46:48:a5:bf:64:8f:87:d3:f1:35:9b:cb:
e4:cd:28:b5:11:a0:05:a8:7e:6b:7d:7b:ae:02:ce:
04:46:44:f1:ae:94:96:9c:93:1e:0e:dd:f8:17:06:
53:60:97:0d:02:18:25:52:d5:ba:ec:bf:2d:59:23:
35:ce:bb:a2:63:31:a4:2d:0b:7a:be:00:7c:9e:25:
a8:b6:c2:88:d7:0b:51:8b:ec:05:56:03:88:13:75:
a8:d5:be:67:eb:12:f1:aa:ac:28:ef:14:f1:39:74:
05:9c:f4:a1:7e:d4:8c:fa:eb:7f:be:56:53:6d:94:
bf:6c:97:d3:27:a5:1e:62:e9:4f:72:53:17:a2:12:
2c:9f:c2:c7:46:bb:ca:ad:c7:53:a0:85:d8:76:b6:
b6:a7:67:db:a6:45:a2:97:f2:c3:45:ce:42:25:55:
60:2c:e5:77:f2:01:a4:d0:eb:41:2a:6b:aa:e8:d3:
93:d5:6f:05:7c:50:04:2b:27:c9:2d:29:ef:2c:ca:
f9:07:14:ff:b9:04:3f:ce:01:76:c6:76:74:b3:02:
ce:41:d2:c6:e6:62:d0:55:25:3c:fc:d1:e2:ea:91:
ec:6b:ba:4a:ab:64:b1:8b:47:9e:d6:44:18:d7:35:
91:37:54:73:3e:6a:85:c3:c4:b4:dd:3e:02:4a:bf:
48:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B0:39:8A:19:8C:D6:66:84:D5:CC:F5:CF:68:DC:06:FE:D0:4F:DB
X509v3 Authority Key Identifier:
keyid:1D:0C:39:1E:DD:5C:BE:E1:A1:4E:0A:B3:F9:3D:83:4F:AE:51:1E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQw5Ht1cvuGhTgqz-T2DT65RHk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2ac633-40ec-4027-af2d-0f899e0c20cd/1/HQw5Ht1cvuGhTgqz-T2DT65RHk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:f4:68:2f:64:27:d4:8a:b4:1a:ba:70:34:34:79:c8:c7:ce:
9c:67:f5:42:09:ae:53:fa:ef:42:8c:56:79:43:51:c1:44:54:
d0:3d:00:00:1c:a7:53:0a:14:a7:15:72:4a:bc:ad:64:71:67:
b1:98:b9:23:1c:75:d0:9c:45:9c:b9:b0:df:d6:d1:e1:71:69:
df:c7:40:63:c3:88:51:9d:1b:c8:1c:11:81:88:70:dd:44:82:
22:62:ff:fb:bb:6a:e9:23:ab:72:67:46:39:ea:0b:25:f5:8d:
03:9e:5a:ab:4c:2f:0a:7c:59:c3:8d:fe:fc:0a:05:35:be:d7:
71:31:78:2e:1c:25:43:3c:30:7e:03:ac:f4:45:1f:21:8a:b7:
80:ea:63:c8:52:4a:12:dc:9a:ad:c2:c9:53:11:96:59:62:4b:
c6:e5:e5:b8:75:62:e4:ee:a0:d3:88:54:6e:87:22:53:3a:77:
35:ae:91:8d:13:ea:de:b2:47:ec:46:d0:fb:56:ac:06:77:2e:
85:93:8f:d9:e7:e3:cd:29:c0:cf:d2:c4:0e:92:8b:ef:87:91:
32:a4:85:4a:06:3b:83:88:0b:59:af:f7:2c:fc:37:3c:dc:e8:
5e:15:95:86:73:81:99:ec:1f:97:bb:0f:67:c5:6e:89:84:15:
8c:eb:ad:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CiqO2g8GzhyGos5CZ6PzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGMzOTFlZGQ1Y2JlZTFhMTRlMGFiM2Y5M2Q4MzRmYWU1
MTFlNGQwHhcNMjYwMzI5MTAwMTAwWhcNMjYwMzMwMTAwMTAwWjAzMTEwLwYDVQQD
EyhiNWIwMzk4YTE5OGNkNjY2ODRkNWNjZjVjZjY4ZGMwNmZlZDA0ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZdGSKW/ZI+H0/E1m8vkzSi1EaAF
qH5rfXuuAs4ERkTxrpSWnJMeDt34FwZTYJcNAhglUtW67L8tWSM1zruiYzGkLQt6
vgB8niWotsKI1wtRi+wFVgOIE3Wo1b5n6xLxqqwo7xTxOXQFnPShftSM+ut/vlZT
bZS/bJfTJ6UeYulPclMXohIsn8LHRrvKrcdToIXYdra2p2fbpkWil/LDRc5CJVVg
LOV38gGk0OtBKmuq6NOT1W8FfFAEKyfJLSnvLMr5BxT/uQQ/zgF2xnZ0swLOQdLG
5mLQVSU8/NHi6pHsa7pKq2Sxi0ee1kQY1zWRN1RzPmqFw8S03T4CSr9IrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWwOYoZjNZmhNXM9c9o3Ab+0E/bMB8GA1UdIwQY
MBaAFB0MOR7dXL7hoU4Ks/k9g0+uUR5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQt
MGY4OTllMGMyMGNkLzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yYWM2MzMtNDBlYy00MDI3LWFmMmQtMGY4OTllMGMyMGNk
LzEvSFF3NUh0MWN2dUdoVGdxei1UMkRUNjVSSGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAffRoL2Qn
1Iq0GrpwNDR5yMfOnGf1QgmuU/rvQoxWeUNRwURU0D0AABynUwoUpxVySrytZHFn
sZi5Ixx10JxFnLmw39bR4XFp38dAY8OIUZ0byBwRgYhw3USCImL/+7tq6SOrcmdG
OeoLJfWNA55aq0wvCnxZw43+/AoFNb7XcTF4LhwlQzwwfgOs9EUfIYq3gOpjyFJK
EtyarcLJUxGWWWJLxuXluHVi5O6g04hUbociUzp3Na6RjRPq3rJH7EbQ+1asBncu
hZOP2efjzSnAz9LEDpKL74eRMqSFSgY7g4gLWa/3LPw3PNzoXhWVhnOBmewfl7sP
Z8VuiYQVjOutlw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:36:44 2026 by rpki-client