Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
File: hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft (raw, json)
Hash identifier: ygaYtnqWqbmTH0mVLPfFy7ZgDo5t84J+H13E7Wrj1uk=
Subject key identifier: 4E:ED:8F:2E:74:74:B8:E3:F7:AE:8F:6C:FE:7E:E3:2A:71:C4:49:0C
Authority key identifier: 84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0
Certificate issuer: /CN=84f590ca62c246440583818c31f2573a0f50ffd0
Certificate serial: 019D390A09E5483B94A20DBE7F0EE3E80741
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
Manifest number: 0CA3
Signing time: Sun 29 Mar 2026 10:00:52 +0000
Manifest this update: Sun 29 Mar 2026 10:00:52 +0000
Manifest next update: Mon 30 Mar 2026 10:00:52 +0000
Files and hashes: 1: hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl (hash: uj1el4LfmINS66IGC+Y1kGq0UPfCxjUh5mzZnp34MAE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 10:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:09:e5:48:3b:94:a2:0d:be:7f:0e:e3:e8:07:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f590ca62c246440583818c31f2573a0f50ffd0
Validity
Not Before: Mar 29 10:00:52 2026 GMT
Not After : Mar 30 10:00:52 2026 GMT
Subject: CN=4eed8f2e7474b8e3f7ae8f6cfe7ee32a71c4490c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:f6:1d:50:2b:9e:27:02:c9:0f:c1:cd:2d:
2b:dc:c2:09:23:37:1a:b3:58:88:8f:e0:02:c0:0a:
2c:96:9c:3d:25:ea:24:34:63:63:b8:84:8f:dd:26:
b2:67:3b:ae:40:36:e1:28:d9:a3:e8:0c:bb:10:b9:
bc:52:ee:14:0b:4e:1c:f7:ea:9c:2b:af:1f:d2:a1:
e0:14:c8:00:dd:b0:15:1e:67:72:cf:69:9d:d1:13:
4d:fa:6f:90:b1:a2:6b:89:c6:42:44:b1:49:97:4d:
4a:98:87:9c:48:61:93:23:d2:83:e7:21:00:be:1c:
04:a5:9a:06:70:56:01:79:41:55:40:76:79:4c:8a:
17:7e:7c:d0:fe:f0:e1:44:b9:75:2d:66:10:a4:39:
3f:11:d5:65:8c:43:3e:3a:a6:bb:59:0e:4a:68:7c:
82:4c:f1:5a:14:54:97:2c:5e:6a:58:cf:e4:4e:3d:
20:13:80:be:ba:3f:5a:ef:dd:c0:33:ed:40:73:7f:
de:10:41:7e:99:39:52:e4:72:46:20:04:80:43:53:
53:fb:ec:4c:31:79:a4:ca:6a:1d:2b:26:7e:b7:21:
0a:c7:e7:3c:0b:aa:e5:18:78:05:5d:e6:3c:f9:82:
92:b9:9c:56:fc:b8:21:88:40:ea:59:2f:a6:ec:20:
e9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:ED:8F:2E:74:74:B8:E3:F7:AE:8F:6C:FE:7E:E3:2A:71:C4:49:0C
X509v3 Authority Key Identifier:
keyid:84:F5:90:CA:62:C2:46:44:05:83:81:8C:31:F2:57:3A:0F:50:FF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPWQymLCRkQFg4GMMfJXOg9Q_9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/5a99e8-bb46-4fcd-aea1-8d56a7b09953/1/hPWQymLCRkQFg4GMMfJXOg9Q_9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:05:a4:fb:82:21:fe:d3:6a:b3:27:4f:8a:2b:20:b3:7f:76:
78:69:0a:8c:3e:9d:97:c9:5a:5e:dd:ec:4d:8b:73:fd:fa:21:
44:c7:e2:03:e6:8e:d4:4d:b9:aa:71:af:5e:ff:fb:75:a8:f3:
00:f6:7c:59:22:b4:9b:19:82:b7:fe:64:58:35:7f:70:04:2d:
8c:6c:a2:06:34:97:91:03:8e:01:f0:aa:a3:a6:04:00:2c:fb:
6c:6a:5e:6c:ee:46:09:e5:23:84:aa:f5:8e:e8:f7:45:48:72:
c8:ef:06:08:58:21:0e:80:72:02:11:81:f8:eb:d6:ec:c7:15:
d5:37:29:7c:e6:36:b8:b2:db:d3:34:45:2a:d8:6c:6c:d2:5f:
57:c0:bd:bc:34:24:47:f4:9e:44:b3:10:01:28:ca:9f:62:c8:
e1:68:cd:a9:af:43:6a:16:69:e4:3e:b5:cd:5d:de:c2:f6:9e:
13:8c:15:b3:84:6b:04:d6:52:c1:fc:e3:5d:5c:80:3d:42:6c:
df:8a:99:28:42:8a:f7:6a:26:d6:96:ee:db:34:55:ad:f0:71:
a4:89:2b:2c:f3:56:0e:b7:a0:1a:6f:1f:ca:47:0b:da:f0:3c:
6f:20:94:4f:25:ee:26:be:74:bf:05:e8:33:f7:c8:99:99:a2:
04:1d:de:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CgnlSDuUog2+fw7j6AdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjU5MGNhNjJjMjQ2NDQwNTgzODE4YzMxZjI1NzNhMGY1
MGZmZDAwHhcNMjYwMzI5MTAwMDUyWhcNMjYwMzMwMTAwMDUyWjAzMTEwLwYDVQQD
Eyg0ZWVkOGYyZTc0NzRiOGUzZjdhZThmNmNmZTdlZTMyYTcxYzQ0OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWr2HVArnicCyQ/BzS0r3MIJIzca
s1iIj+ACwAoslpw9JeokNGNjuISP3SayZzuuQDbhKNmj6Ay7ELm8Uu4UC04c9+qc
K68f0qHgFMgA3bAVHmdyz2md0RNN+m+QsaJricZCRLFJl01KmIecSGGTI9KD5yEA
vhwEpZoGcFYBeUFVQHZ5TIoXfnzQ/vDhRLl1LWYQpDk/EdVljEM+Oqa7WQ5KaHyC
TPFaFFSXLF5qWM/kTj0gE4C+uj9a793AM+1Ac3/eEEF+mTlS5HJGIASAQ1NT++xM
MXmkymodKyZ+tyEKx+c8C6rlGHgFXeY8+YKSuZxW/LghiEDqWS+m7CDpEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7tjy50dLjj966PbP5+4ypxxEkMMB8GA1UdIwQY
MBaAFIT1kMpiwkZEBYOBjDHyVzoPUP/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEt
OGQ1NmE3YjA5OTUzLzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny81YTk5ZTgtYmI0Ni00ZmNkLWFlYTEtOGQ1NmE3YjA5OTUz
LzEvaFBXUXltTENSa1FGZzRHTU1mSlhPZzlRXzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhwWk+4Ih
/tNqsydPiisgs392eGkKjD6dl8laXt3sTYtz/fohRMfiA+aO1E25qnGvXv/7dajz
APZ8WSK0mxmCt/5kWDV/cAQtjGyiBjSXkQOOAfCqo6YEACz7bGpebO5GCeUjhKr1
juj3RUhyyO8GCFghDoByAhGB+OvW7McV1TcpfOY2uLLb0zRFKthsbNJfV8C9vDQk
R/SeRLMQASjKn2LI4WjNqa9DahZp5D61zV3ewvaeE4wVs4RrBNZSwfzjXVyAPUJs
34qZKEKK92om1pbu2zRVrfBxpIkrLPNWDregGm8fykcL2vA8byCUTyXuJr50vwXo
M/fImZmiBB3eEw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:57:45 2026 by rpki-client