Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
File: hSC3fQNbkS_6QG393ynjopY-aQQ.mft (raw, json)
Hash identifier: Klso8Yxms0bl+emdhE057opddFYtZCuJ5zeWfCxdmIg=
Subject key identifier: BF:D8:B4:64:22:5A:61:77:6A:48:93:19:85:CE:57:B1:B4:50:B2:1B
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 019D37F79FA96043FCE85CFB46BD6A9CFA46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
Manifest number: 0AA3
Signing time: Sun 29 Mar 2026 05:01:08 +0000
Manifest this update: Sun 29 Mar 2026 05:01:08 +0000
Manifest next update: Mon 30 Mar 2026 05:01:08 +0000
Files and hashes: 1: AtB3A-GtrGG7ULQ6X8PKuFu-MDA.roa (hash: XelAFahqgXKc+akh+CQIFVNSjnh+4lCVUJF9Ga/50EI=)
2: Sillb4nEsk9ouNCXzONZ9guaHgo.roa (hash: kbWq0G9OhRAUE6xI4of3xM29A3/8ukL1B/VOzXX1Z7E=)
3: hSC3fQNbkS_6QG393ynjopY-aQQ.crl (hash: CgZQIu1Hn9g6/zyg4vsF1BFJ4d13WLeDybr+nbOdmo8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:9f:a9:60:43:fc:e8:5c:fb:46:bd:6a:9c:fa:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Mar 29 05:01:08 2026 GMT
Not After : Mar 30 05:01:08 2026 GMT
Subject: CN=bfd8b464225a61776a48931985ce57b1b450b21b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c8:ad:ed:be:28:a9:d5:ac:a7:3f:e4:92:8d:
0e:8b:6d:5c:b8:72:e6:c3:39:35:2a:27:30:37:a9:
2e:d1:e7:6c:c5:dc:9b:5a:24:19:4b:1b:46:96:10:
21:19:32:35:0f:aa:6e:7d:8c:7d:a2:94:3b:ab:b9:
6e:f9:ee:d9:cb:e1:6a:d7:ec:38:4d:95:ef:a8:79:
df:d1:26:f5:69:04:e3:96:d6:6b:85:c0:ca:1c:a1:
7a:8d:be:93:4f:2d:a7:68:1e:57:97:3a:a1:64:ef:
b4:82:73:1d:68:32:fb:b3:66:09:69:f3:65:87:e9:
17:0d:f2:0e:be:61:e9:ee:54:cc:c7:56:25:d7:59:
11:70:e1:d0:3e:6b:44:e7:14:0a:48:1b:0d:a6:75:
43:0f:6e:16:3b:52:e3:17:aa:94:da:32:79:e2:a8:
88:52:d6:8f:9a:37:2c:0f:51:3f:7d:ae:4c:ef:44:
f3:66:18:de:c5:fb:8b:89:cb:ea:77:8e:39:7d:10:
26:23:17:a9:3f:f4:80:cb:83:97:ba:c4:4a:30:9f:
bd:ff:c3:f7:ce:f2:0c:d4:29:fa:2a:0e:48:d1:2d:
83:4c:31:77:ca:57:3d:e0:38:93:35:93:d3:0e:08:
8b:50:0e:cd:cd:69:b7:0d:47:16:d2:51:81:10:09:
cb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D8:B4:64:22:5A:61:77:6A:48:93:19:85:CE:57:B1:B4:50:B2:1B
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b2:04:94:ce:75:e6:dc:a5:ce:6f:d5:ba:58:99:19:29:55:b7:
5e:f2:03:d5:48:4e:a0:00:14:e2:17:fb:cd:2f:78:56:f1:a5:
2f:f4:8a:b7:a9:0b:96:2a:7e:bd:e0:8b:ee:b5:2f:65:7d:06:
1d:85:a1:90:0c:12:fc:8c:2d:e3:f5:08:50:9b:ed:32:8a:75:
54:73:da:24:d1:ff:64:d1:ae:d0:95:0d:ac:32:59:77:fa:3a:
5a:96:6d:42:0b:9e:4a:8d:6a:45:c5:ea:72:df:0d:eb:32:f6:
35:0b:7e:76:63:0d:da:78:7f:cc:73:fa:be:39:11:14:34:71:
c6:eb:14:59:58:bd:93:71:d2:06:9d:60:0b:a9:fd:8d:ca:ed:
b6:27:ac:a9:7b:e3:4e:02:1f:74:f7:64:92:9f:1f:f5:8a:46:
00:c1:97:d1:12:18:12:28:3d:9b:1c:47:c9:33:74:a7:9c:84:
f9:ec:24:af:f1:7f:2c:60:6c:a5:51:5f:28:52:27:df:1a:24:
d0:72:f5:63:9f:32:2c:b4:88:cf:16:96:19:d8:ee:2b:b7:76:
26:85:9f:d6:83:6a:a9:f0:44:b3:9a:6d:4a:a9:0e:80:8c:0d:
18:5b:ab:3a:8a:a0:8a:04:7e:16:0b:6f:fe:d7:b5:ce:67:ab:
46:38:75:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0395+pYEP86Fz7Rr1qnPpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjYwMzI5MDUwMTA4WhcNMjYwMzMwMDUwMTA4WjAzMTEwLwYDVQQD
EyhiZmQ4YjQ2NDIyNWE2MTc3NmE0ODkzMTk4NWNlNTdiMWI0NTBiMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sit7b4oqdWspz/kko0Oi21cuHLm
wzk1KicwN6ku0edsxdybWiQZSxtGlhAhGTI1D6pufYx9opQ7q7lu+e7Zy+Fq1+w4
TZXvqHnf0Sb1aQTjltZrhcDKHKF6jb6TTy2naB5XlzqhZO+0gnMdaDL7s2YJafNl
h+kXDfIOvmHp7lTMx1Yl11kRcOHQPmtE5xQKSBsNpnVDD24WO1LjF6qU2jJ54qiI
UtaPmjcsD1E/fa5M70TzZhjexfuLicvqd445fRAmIxepP/SAy4OXusRKMJ+9/8P3
zvIM1Cn6Kg5I0S2DTDF3ylc94DiTNZPTDgiLUA7NzWm3DUcW0lGBEAnL9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/YtGQiWmF3akiTGYXOV7G0ULIbMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsgSUznXm
3KXOb9W6WJkZKVW3XvID1UhOoAAU4hf7zS94VvGlL/SKt6kLlip+veCL7rUvZX0G
HYWhkAwS/Iwt4/UIUJvtMop1VHPaJNH/ZNGu0JUNrDJZd/o6WpZtQgueSo1qRcXq
ct8N6zL2NQt+dmMN2nh/zHP6vjkRFDRxxusUWVi9k3HSBp1gC6n9jcrttiesqXvj
TgIfdPdkkp8f9YpGAMGX0RIYEig9mxxHyTN0p5yE+ewkr/F/LGBspVFfKFIn3xok
0HL1Y58yLLSIzxaWGdjuK7d2JoWf1oNqqfBEs5ptSqkOgIwNGFurOoqgigR+Fgtv
/te1zmerRjh1rw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:52 2026 by rpki-client