Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
File: hlEiwOVi5AeXaCPZThnip5T4y2I.mft (raw, json)
Hash identifier: Ge8HxvtIqB99MOIBhbN/XA7aQ4tH+EddYiG1s4e0iEY=
Subject key identifier: 09:08:F1:67:8D:DD:7E:46:B6:EA:19:16:E0:63:32:A0:8F:1A:DB:02
Authority key identifier: 86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
Certificate issuer: /CN=865122c0e562e407976823d94e19e2a794f8cb62
Certificate serial: 019D38D2E6688377EB0C3F6081AF68E19AEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
Manifest number: 181F
Signing time: Sun 29 Mar 2026 09:00:38 +0000
Manifest this update: Sun 29 Mar 2026 09:00:38 +0000
Manifest next update: Mon 30 Mar 2026 09:00:38 +0000
Files and hashes: 1: YvcDMestY9X7wmYPi3GUVazWTT8.roa (hash: XANK4dLT4WRniF1gFGKD3AM4xZkWl+FQBiK8+nHkS3E=)
2: hlEiwOVi5AeXaCPZThnip5T4y2I.crl (hash: +WOcRt0eDSQLq0ya6KQpduM7WJtCMSowOc5266ZAQhE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:e6:68:83:77:eb:0c:3f:60:81:af:68:e1:9a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865122c0e562e407976823d94e19e2a794f8cb62
Validity
Not Before: Mar 29 09:00:38 2026 GMT
Not After : Mar 30 09:00:38 2026 GMT
Subject: CN=0908f1678ddd7e46b6ea1916e06332a08f1adb02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:57:47:e3:b4:f1:68:9d:ef:7a:e3:c4:ed:
00:75:ab:fd:62:b4:9d:07:cd:a9:85:6b:88:24:e0:
32:57:5c:33:24:a0:6d:92:e4:ac:2b:3c:1c:a2:61:
0e:f2:bd:db:f3:f4:07:22:ac:d2:a5:5a:d0:32:56:
e7:91:b1:c7:e4:c0:43:9c:46:f4:3c:89:65:f3:4d:
18:c3:bd:5c:60:73:c5:5d:e8:7a:4c:18:e6:21:7d:
20:8f:0a:c4:c0:22:84:39:ee:96:18:0b:8b:d9:d3:
fd:ad:7c:4d:4c:31:77:5b:08:1e:10:3d:71:77:b9:
35:85:51:53:7c:78:ec:22:7e:68:1c:2c:b4:44:ae:
ce:7d:a6:33:e6:d7:c8:e9:ce:bf:98:0c:30:a7:f2:
92:e3:3c:f1:ff:1f:e7:59:62:cf:66:94:7d:59:49:
92:e0:bf:b6:b9:ae:ce:19:c0:d4:fb:08:ea:c8:f3:
db:6b:93:68:72:2a:14:94:fa:8d:66:e8:3a:5e:9f:
6e:a2:4e:8f:f1:cc:fe:a7:67:a0:27:b7:4a:0b:82:
37:4c:f0:b1:0e:53:b9:97:79:5c:e2:55:1d:1b:74:
ee:51:ed:fd:30:a3:8d:7b:70:20:2a:3a:43:9b:33:
1f:62:d0:d3:4f:93:c7:da:85:99:2b:f2:ba:35:7d:
b8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:08:F1:67:8D:DD:7E:46:B6:EA:19:16:E0:63:32:A0:8F:1A:DB:02
X509v3 Authority Key Identifier:
keyid:86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:04:9b:b9:95:2f:5e:62:5e:01:8f:16:31:eb:e6:24:bb:28:
f3:15:43:4a:1f:af:8e:5b:9a:74:98:62:f0:6b:34:a0:58:a9:
93:74:c2:46:3d:58:de:6c:23:f7:99:df:93:4f:4d:83:3c:67:
e5:d0:0f:0a:96:c2:49:12:53:4b:be:35:eb:0b:54:31:87:5b:
db:fa:67:17:77:79:9c:ff:52:5c:09:cd:d8:08:83:32:b1:48:
4e:fe:8a:78:7e:b8:c7:42:99:bb:2a:09:ce:ca:9b:c8:5a:00:
91:1a:dc:ef:c6:38:c4:ac:a1:53:15:9b:90:07:a3:65:98:62:
df:42:70:61:ea:17:99:44:2a:09:78:14:b7:95:fa:9c:c2:70:
25:af:af:c2:a4:9d:c4:cd:2a:83:2e:1b:e4:27:3f:0a:91:89:
a4:61:ce:95:e4:1b:af:94:58:97:96:73:72:fe:27:6a:ee:ca:
a9:08:72:30:b0:4c:98:dd:ab:ca:bf:45:1c:6a:82:f4:74:bb:
1a:c8:4f:d8:44:2c:4a:bc:e8:be:69:68:11:9c:7e:b2:30:35:
47:a5:f1:62:bc:05:47:e2:1f:84:42:78:72:2f:d9:c3:73:21:
43:7f:91:54:71:3e:00:ec:b5:ab:f6:f1:9f:20:5b:4f:41:f5:
cb:f9:f8:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040uZog3frDD9gga9o4ZrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NTEyMmMwZTU2MmU0MDc5NzY4MjNkOTRlMTllMmE3OTRm
OGNiNjIwHhcNMjYwMzI5MDkwMDM4WhcNMjYwMzMwMDkwMDM4WjAzMTEwLwYDVQQD
EygwOTA4ZjE2NzhkZGQ3ZTQ2YjZlYTE5MTZlMDYzMzJhMDhmMWFkYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5NXR+O08Wid73rjxO0Adav9YrSd
B82phWuIJOAyV1wzJKBtkuSsKzwcomEO8r3b8/QHIqzSpVrQMlbnkbHH5MBDnEb0
PIll800Yw71cYHPFXeh6TBjmIX0gjwrEwCKEOe6WGAuL2dP9rXxNTDF3WwgeED1x
d7k1hVFTfHjsIn5oHCy0RK7OfaYz5tfI6c6/mAwwp/KS4zzx/x/nWWLPZpR9WUmS
4L+2ua7OGcDU+wjqyPPba5NocioUlPqNZug6Xp9uok6P8cz+p2egJ7dKC4I3TPCx
DlO5l3lc4lUdG3TuUe39MKONe3AgKjpDmzMfYtDTT5PH2oWZK/K6NX24CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkI8WeN3X5GtuoZFuBjMqCPGtsCMB8GA1UdIwQY
MBaAFIZRIsDlYuQHl2gj2U4Z4qeU+MtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUt
YjhkZDE4ZTQ4ZTg2LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUtYjhkZDE4ZTQ4ZTg2
LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtQSbuZUv
XmJeAY8WMevmJLso8xVDSh+vjluadJhi8Gs0oFipk3TCRj1Y3mwj95nfk09Ngzxn
5dAPCpbCSRJTS7416wtUMYdb2/pnF3d5nP9SXAnN2AiDMrFITv6KeH64x0KZuyoJ
zsqbyFoAkRrc78Y4xKyhUxWbkAejZZhi30JwYeoXmUQqCXgUt5X6nMJwJa+vwqSd
xM0qgy4b5Cc/CpGJpGHOleQbr5RYl5Zzcv4nau7KqQhyMLBMmN2ryr9FHGqC9HS7
GshP2EQsSrzovmloEZx+sjA1R6XxYrwFR+IfhEJ4ci/Zw3MhQ3+RVHE+AOy1q/bx
nyBbT0H1y/n4fg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:45 2026 by rpki-client