Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
File: HnsuJD-KqVRZeTK83NmvZWDc5RY.mft (raw, json)
Hash identifier: Ea5v+++wQrBPiChQ8NCjxAKxWuSHAyx6OCnjb5kaELA=
Subject key identifier: 71:01:8B:16:9B:0B:26:E0:20:93:FC:63:54:37:5C:BA:7B:41:23:72
Authority key identifier: 1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
Certificate issuer: /CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Certificate serial: 019DD087D40194BF1BF1819FB86C517F51C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
Manifest number: 0DA2
Signing time: Mon 27 Apr 2026 20:00:55 +0000
Manifest this update: Mon 27 Apr 2026 20:00:55 +0000
Manifest next update: Tue 28 Apr 2026 20:00:55 +0000
Files and hashes: 1: 1-z-hX5qlCf8aH8nr2X0zpJdE1hg.roa (hash: 9rLZMVrt7BCmTVumDwvgzgKKJKdaVIZCBXEilPyFZ4c=)
2: HnsuJD-KqVRZeTK83NmvZWDc5RY.crl (hash: uT+0uAtvUKftTrImeCLJ9G1U5ZrzBi/gucJGqwYm7vo=)
3: XI8CVY8sYwhzkz3YLD7pkxjD3Zk.roa (hash: 25+wg4lixvrKpaIcYJueXb9oNmVKiR9L4SbDtXfdAjQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d0:87:d4:01:94:bf:1b:f1:81:9f:b8:6c:51:7f:51:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e7b2e243f8aa954597932bcdcd9af6560dce516
Validity
Not Before: Apr 27 20:00:55 2026 GMT
Not After : Apr 28 20:00:55 2026 GMT
Subject: CN=71018b169b0b26e02093fc6354375cba7b412372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6f:d7:6c:16:74:bc:ec:b8:81:e3:5b:78:af:
77:ad:3f:e8:1a:19:6b:65:b0:1f:37:8e:d4:63:3d:
c5:4a:61:37:4d:e8:12:73:57:7f:c3:4f:ad:08:bc:
3f:eb:d1:60:bd:e4:03:16:4b:31:08:a7:20:ff:86:
5a:f9:d1:64:eb:0d:9f:05:c8:42:40:34:04:4e:b7:
7d:1b:74:24:3f:b8:e8:41:5d:12:62:80:89:99:b6:
fa:05:c8:87:8a:5e:0c:ed:de:59:cf:7e:5e:94:ed:
65:64:2f:00:50:01:b6:8c:a6:0c:a1:63:7d:03:19:
b4:f2:55:62:55:fd:5c:b4:3a:9f:07:5f:10:b3:a7:
0e:65:07:b4:1f:60:3e:d5:31:3f:54:41:0a:21:5c:
1f:92:33:26:ce:64:03:7a:d9:dc:96:10:d6:87:c7:
a4:39:f9:45:b8:57:15:1a:98:fa:fd:62:2d:9b:c7:
d9:bb:4f:76:f3:ba:d3:51:3d:15:9f:39:0e:87:59:
9f:24:94:dc:3a:2c:0f:cd:68:8a:96:43:9d:d6:e9:
06:ab:50:35:0c:da:17:60:4b:89:e6:af:08:05:f8:
18:13:00:20:9a:4e:a5:f6:c2:9f:05:e6:b7:5e:bf:
e5:bc:13:b5:aa:2a:43:77:39:44:10:d9:00:c8:ea:
bf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:01:8B:16:9B:0B:26:E0:20:93:FC:63:54:37:5C:BA:7B:41:23:72
X509v3 Authority Key Identifier:
keyid:1E:7B:2E:24:3F:8A:A9:54:59:79:32:BC:DC:D9:AF:65:60:DC:E5:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HnsuJD-KqVRZeTK83NmvZWDc5RY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/4daee0-84e2-41e9-9643-d54955643cd9/1/HnsuJD-KqVRZeTK83NmvZWDc5RY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:c8:fb:48:4a:3b:ef:c5:68:61:a0:57:fe:55:90:c1:cd:84:
62:b1:0f:86:57:cb:76:f3:f4:2a:f3:03:3a:9c:60:d0:8f:6c:
2c:52:48:c2:ae:4b:bb:fe:c4:07:1f:1b:8e:f9:00:d7:f3:e3:
be:af:e8:32:b2:0b:12:ae:e0:9e:b3:66:35:ab:fc:13:9e:72:
58:fd:7a:df:8d:dd:dc:6d:54:d8:d0:a9:5d:3e:eb:f5:4a:fe:
0b:f9:1e:96:f8:13:fb:b6:12:d3:fa:c6:9b:4a:ac:95:2d:25:
22:b9:db:c7:9f:8b:fc:41:2d:33:08:f9:33:01:e4:2b:a0:59:
05:c9:99:2e:4c:ac:80:1b:66:7a:b2:0b:51:ec:03:c7:8a:3e:
28:b1:5a:99:0e:88:22:59:0b:f2:2c:d2:31:c4:21:8b:1a:38:
12:86:09:6a:eb:1d:ca:f0:3e:33:85:51:14:ac:5e:d8:9f:d0:
0b:81:67:8b:88:28:fc:a8:a8:35:73:93:1a:6d:fc:c2:03:f9:
96:f8:16:b7:6c:b7:a9:42:78:d3:3d:57:5c:f1:44:25:4f:23:
78:04:07:4e:d6:9b:f7:c6:86:43:2e:0c:e2:73:e7:6f:fc:12:
bd:e7:a4:25:cb:b2:28:fd:31:4e:94:a8:30:cd:0b:7c:76:44:
4c:3b:95:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3Qh9QBlL8b8YGfuGxRf1HDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2IyZTI0M2Y4YWE5NTQ1OTc5MzJiY2RjZDlhZjY1NjBk
Y2U1MTYwHhcNMjYwNDI3MjAwMDU1WhcNMjYwNDI4MjAwMDU1WjAzMTEwLwYDVQQD
Eyg3MTAxOGIxNjliMGIyNmUwMjA5M2ZjNjM1NDM3NWNiYTdiNDEyMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW/XbBZ0vOy4geNbeK93rT/oGhlr
ZbAfN47UYz3FSmE3TegSc1d/w0+tCLw/69FgveQDFksxCKcg/4Za+dFk6w2fBchC
QDQETrd9G3QkP7joQV0SYoCJmbb6BciHil4M7d5Zz35elO1lZC8AUAG2jKYMoWN9
Axm08lViVf1ctDqfB18Qs6cOZQe0H2A+1TE/VEEKIVwfkjMmzmQDetnclhDWh8ek
OflFuFcVGpj6/WItm8fZu09287rTUT0VnzkOh1mfJJTcOiwPzWiKlkOd1ukGq1A1
DNoXYEuJ5q8IBfgYEwAgmk6l9sKfBea3Xr/lvBO1qipDdzlEENkAyOq/9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEBixabCybgIJP8Y1Q3XLp7QSNyMB8GA1UdIwQY
MBaAFB57LiQ/iqlUWXkyvNzZr2Vg3OUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMt
ZDU0OTU1NjQzY2Q5LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80ZGFlZTAtODRlMi00MWU5LTk2NDMtZDU0OTU1NjQzY2Q5
LzEvSG5zdUpELUtxVlJaZVRLODNObXZaV0RjNVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtsj7SEo7
78VoYaBX/lWQwc2EYrEPhlfLdvP0KvMDOpxg0I9sLFJIwq5Lu/7EBx8bjvkA1/Pj
vq/oMrILEq7gnrNmNav8E55yWP16343d3G1U2NCpXT7r9Ur+C/kelvgT+7YS0/rG
m0qslS0lIrnbx5+L/EEtMwj5MwHkK6BZBcmZLkysgBtmerILUewDx4o+KLFamQ6I
IlkL8izSMcQhixo4EoYJausdyvA+M4VRFKxe2J/QC4Fni4go/KioNXOTGm38wgP5
lvgWt2y3qUJ40z1XXPFEJU8jeAQHTtab98aGQy4M4nPnb/wSveekJcuyKP0xTpSo
MM0LfHZETDuVBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 22:29:21 2026 by rpki-client