Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
File: HnsuJD-KqVRZeTK83NmvZWDc5RY.mft (raw, json)
Hash identifier: d12yAYfHfmQhZaNFLRxU0tMKUOdmAcS6BJPxO2vVmoY=
Subject key identifier: 41:A3:F8:80:9B:9C:A3:E1:DA:4D:E0:29:C5:1B:9B:6D:36:C3:44:D0
Authority key identifier: 1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
Certificate issuer: /CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Certificate serial: 019CE4EC715ECA3636354A310191F3F2DD9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
Manifest number: 0D28
Signing time: Fri 13 Mar 2026 02:00:26 +0000
Manifest this update: Fri 13 Mar 2026 02:00:26 +0000
Manifest next update: Sat 14 Mar 2026 02:00:26 +0000
Files and hashes: 1: 1-z-hX5qlCf8aH8nr2X0zpJdE1hg.roa (hash: 9rLZMVrt7BCmTVumDwvgzgKKJKdaVIZCBXEilPyFZ4c=)
2: HnsuJD-KqVRZeTK83NmvZWDc5RY.crl (hash: hNwOxgPBHA8j7/1NoTmswRQqnvh99swI/WUbhabrlhE=)
3: XI8CVY8sYwhzkz3YLD7pkxjD3Zk.roa (hash: 25+wg4lixvrKpaIcYJueXb9oNmVKiR9L4SbDtXfdAjQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e4:ec:71:5e:ca:36:36:35:4a:31:01:91:f3:f2:dd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Validity
Not Before: Mar 13 02:00:26 2026 GMT
Not After : Mar 14 02:00:26 2026 GMT
Subject: CN=41a3f8809b9ca3e1da4de029c51b9b6d36c344d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f2:b1:96:98:86:7f:4e:13:6f:17:75:57:e7:
e4:20:1e:10:a7:a6:72:6c:22:ac:72:81:dc:d5:32:
34:53:ab:0b:fc:9c:26:bd:36:35:5d:83:79:20:bc:
c2:77:7e:a3:ce:1e:db:a8:fd:75:d7:64:41:c6:36:
65:bd:96:01:07:e3:c7:b6:c8:0d:f8:c3:46:2a:ed:
6d:7e:7a:c8:ca:16:f2:fa:30:31:6d:fa:71:71:49:
59:d9:91:5d:af:d3:3f:f7:8e:c2:44:5d:74:6e:45:
3c:19:c6:a4:5e:83:a4:f5:d2:d5:1b:45:24:30:10:
a8:a8:5a:c0:7e:f3:5d:20:32:f9:8e:a1:9d:8b:e8:
c3:49:35:4e:96:c5:9b:2f:46:8b:31:5d:e6:82:40:
6b:7c:82:19:2f:65:c4:2f:10:7e:c1:ca:35:5e:11:
1f:1f:d5:5a:09:2f:86:ae:ef:17:17:ec:58:59:eb:
66:ec:ce:2f:68:3c:7b:7d:dd:b9:80:9b:5a:4e:04:
20:57:42:c2:f9:e8:ab:b5:e0:a9:7b:ba:3b:a2:56:
a9:74:c7:11:a1:33:28:4a:84:9c:52:a9:85:59:b6:
e6:3b:75:10:f6:f3:45:73:23:f1:b8:88:68:f9:2c:
f4:aa:2b:48:d3:eb:13:51:75:4f:99:3a:ec:73:0d:
cd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A3:F8:80:9B:9C:A3:E1:DA:4D:E0:29:C5:1B:9B:6D:36:C3:44:D0
X509v3 Authority Key Identifier:
keyid:1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:7c:93:62:b2:2e:c6:d2:73:cc:23:86:40:69:ae:0e:f8:8f:
d0:f2:23:5a:0d:a8:5a:94:54:56:b6:35:15:1e:cc:11:93:1b:
36:6a:e9:3d:08:3b:56:8f:18:b1:bc:89:b1:24:80:32:1b:9f:
61:0e:68:f0:59:54:3c:c4:5f:96:10:2b:9a:e9:ba:4e:08:51:
b3:5b:ac:23:1d:9e:13:a6:b9:3a:4a:da:b1:d8:d8:b6:83:a7:
78:5f:81:2c:0c:1e:3a:d7:0b:a7:b5:40:e3:a4:c7:5a:63:23:
3b:9d:97:0d:1d:35:62:52:50:5d:a0:59:f8:5c:17:f0:d8:b4:
50:60:a7:d9:fd:0f:a3:ce:8b:95:12:05:53:a0:bc:04:5c:4b:
e7:cd:df:94:2b:e0:7f:6c:dd:a4:85:75:a5:96:14:1c:7d:77:
7a:a9:d0:b0:98:c6:bb:43:f0:aa:83:96:6f:38:d4:79:c9:0b:
4d:d1:e4:cd:16:4d:4b:ea:35:0c:59:a9:71:ed:1b:19:76:31:
c2:2c:d1:77:a7:d8:a6:15:7c:a5:84:49:d8:77:52:e4:4c:18:
2e:55:d1:84:55:14:9b:75:bf:5a:1e:2f:55:0b:d9:48:7a:47:
71:ae:8b:43:d3:3b:64:5e:bb:b3:ee:78:d4:2c:7a:cb:ea:9d:
35:3a:1e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzk7HFeyjY2NUoxAZHz8t2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2IyZTI0M2Y4YWE5NTQ1OTc5MzJiY2RjZDlhZjY1NjBk
Y2U1MTYwHhcNMjYwMzEzMDIwMDI2WhcNMjYwMzE0MDIwMDI2WjAzMTEwLwYDVQQD
Eyg0MWEzZjg4MDliOWNhM2UxZGE0ZGUwMjljNTFiOWI2ZDM2YzM0NGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/KxlpiGf04Tbxd1V+fkIB4Qp6Zy
bCKscoHc1TI0U6sL/JwmvTY1XYN5ILzCd36jzh7bqP1112RBxjZlvZYBB+PHtsgN
+MNGKu1tfnrIyhby+jAxbfpxcUlZ2ZFdr9M/947CRF10bkU8GcakXoOk9dLVG0Uk
MBCoqFrAfvNdIDL5jqGdi+jDSTVOlsWbL0aLMV3mgkBrfIIZL2XELxB+wco1XhEf
H9VaCS+Gru8XF+xYWetm7M4vaDx7fd25gJtaTgQgV0LC+eirteCpe7o7olapdMcR
oTMoSoScUqmFWbbmO3UQ9vNFcyPxuIho+Sz0qitI0+sTUXVPmTrscw3NswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGj+ICbnKPh2k3gKcUbm202w0TQMB8GA1UdIwQY
MBaAFB57LiQ/iqlUWXkyvNzZr2Vg3OUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMt
ZDU0OTU1NjQzY2Q5LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMtZDU0OTU1NjQzY2Q5
LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaXyTYrIu
xtJzzCOGQGmuDviP0PIjWg2oWpRUVrY1FR7MEZMbNmrpPQg7Vo8YsbyJsSSAMhuf
YQ5o8FlUPMRflhArmum6TghRs1usIx2eE6a5OkrasdjYtoOneF+BLAweOtcLp7VA
46THWmMjO52XDR01YlJQXaBZ+FwX8Ni0UGCn2f0Po86LlRIFU6C8BFxL583flCvg
f2zdpIV1pZYUHH13eqnQsJjGu0PwqoOWbzjUeckLTdHkzRZNS+o1DFmpce0bGXYx
wizRd6fYphV8pYRJ2HdS5EwYLlXRhFUUm3W/Wh4vVQvZSHpHca6LQ9M7ZF67s+54
1Cx6y+qdNToeyQ==
-----END CERTIFICATE-----
Generated at Fri Mar 13 07:14:24 2026 by rpki-client