Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.mft
File: hIiHKlri_4o7e3K2KaHYX_5l47I.mft (raw, json)
Hash identifier: YF4ddDoZT+PhC2Syy9VMTfkmegIU78hZYg+tQXd/fZs=
Subject key identifier: 42:31:89:B6:13:45:B2:FF:42:F3:6A:40:9B:73:00:B0:E9:61:5F:45
Authority key identifier: 84:88:87:2A:5A:E2:FF:8A:3B:7B:72:B6:29:A1:D8:5F:FE:65:E3:B2
Certificate issuer: /CN=8488872a5ae2ff8a3b7b72b629a1d85ffe65e3b2
Certificate serial: 019D39AE96A5302580AAB92397E1943D7026
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hIiHKlri_4o7e3K2KaHYX_5l47I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.mft
Manifest number: 32
Signing time: Sun 29 Mar 2026 13:00:36 +0000
Manifest this update: Sun 29 Mar 2026 13:00:36 +0000
Manifest next update: Mon 30 Mar 2026 13:00:36 +0000
Files and hashes: 1: hIiHKlri_4o7e3K2KaHYX_5l47I.crl (hash: l/cYrNpqOTpN0+2ckFwOAVob4ZeIhPSmqtJShuoBb5w=)
2: k-sgoPln1cp3T1zJqrvhOdrGKoA.roa (hash: SszWmAr0Z6FAYJPxwEksshrBGWaRl09WGMF21cgmoSs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hIiHKlri_4o7e3K2KaHYX_5l47I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:96:a5:30:25:80:aa:b9:23:97:e1:94:3d:70:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8488872a5ae2ff8a3b7b72b629a1d85ffe65e3b2
Validity
Not Before: Mar 29 13:00:36 2026 GMT
Not After : Mar 30 13:00:36 2026 GMT
Subject: CN=423189b61345b2ff42f36a409b7300b0e9615f45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b3:8d:bf:87:0a:4c:62:4f:61:12:29:b1:c3:
2c:ac:17:25:6d:0e:9b:89:5f:7a:e3:e8:bf:c4:cd:
72:0c:d5:24:2b:3c:f9:27:e3:08:77:5d:d7:8c:9e:
62:cd:3d:cb:2b:fb:56:e0:8e:5b:83:4b:b6:3b:e6:
6b:54:19:a0:da:d1:34:b7:45:a5:2e:2e:25:a6:7c:
eb:5b:c7:c9:1d:2b:25:87:76:27:6e:d9:68:48:3b:
09:12:4c:4d:13:e6:57:2a:bc:42:ab:09:18:18:25:
fc:fb:15:64:8a:a5:99:78:6a:be:7e:ea:e4:0b:16:
f2:77:3b:6a:5e:7b:82:3d:69:95:99:f8:fd:89:dd:
0d:4c:eb:2b:d1:28:be:19:ab:cb:42:44:f8:0e:6f:
0b:ac:a5:2f:0b:20:f8:e7:53:ed:bc:5d:f2:23:62:
10:51:85:3e:b2:a6:69:30:87:3e:60:c0:fd:ab:d7:
6f:d5:83:42:2e:4f:6a:3b:a0:29:40:71:43:e8:1f:
60:f3:3f:ab:42:00:51:c9:28:f8:3f:c4:43:d9:5f:
d5:26:1c:0e:38:08:84:37:08:54:03:0f:8e:f0:09:
c4:ab:5d:f3:eb:be:31:51:47:87:74:fb:bd:12:7e:
31:43:e8:87:c4:5a:57:80:0c:34:fa:3b:36:87:af:
cd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:31:89:B6:13:45:B2:FF:42:F3:6A:40:9B:73:00:B0:E9:61:5F:45
X509v3 Authority Key Identifier:
keyid:84:88:87:2A:5A:E2:FF:8A:3B:7B:72:B6:29:A1:D8:5F:FE:65:E3:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hIiHKlri_4o7e3K2KaHYX_5l47I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/11b83b-79ea-47ce-befc-88d1ce63dbeb/1/hIiHKlri_4o7e3K2KaHYX_5l47I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:48:27:00:47:d3:da:f7:86:98:d3:8a:e5:84:d3:fd:d2:1b:
cf:27:4e:e0:ca:49:cf:33:42:bc:cf:d1:66:8a:28:ca:9d:31:
27:de:07:f9:fe:f3:0b:c6:25:ef:2a:cd:3b:13:8c:15:b9:ae:
28:d7:66:b3:3d:76:a3:07:2f:03:ed:f6:d9:43:47:84:df:d9:
4f:93:f1:97:cb:04:51:bc:ba:18:52:03:25:81:db:3a:d1:be:
4b:8d:4e:05:ae:25:c4:9f:27:af:b1:5f:fa:5c:08:4c:00:93:
76:cc:12:2a:f3:de:d7:b3:0a:54:6c:da:57:e8:ad:f5:2c:14:
7d:b2:dd:ac:60:73:ea:44:b5:57:29:35:7a:b6:ff:9b:fa:50:
1c:5d:c9:86:67:3b:92:65:51:6a:c3:56:bc:e6:20:07:0c:5c:
c6:b3:d5:1c:15:f4:0b:7e:4c:e3:dc:8a:20:2f:8c:69:5b:5a:
23:d6:09:ae:f8:02:c6:e1:e6:c9:34:95:88:10:b4:fa:78:10:
bf:a0:68:45:72:8f:fe:f6:5f:ad:3f:58:c0:51:80:90:ba:a9:
51:2d:1e:1c:72:61:49:92:36:aa:ec:7a:2b:b6:38:b9:eb:99:
9e:a8:a8:28:94:25:73:94:89:6f:9e:63:b7:ba:ba:00:61:f4:
52:f5:ab:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rpalMCWAqrkjl+GUPXAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ODg4NzJhNWFlMmZmOGEzYjdiNzJiNjI5YTFkODVmZmU2
NWUzYjIwHhcNMjYwMzI5MTMwMDM2WhcNMjYwMzMwMTMwMDM2WjAzMTEwLwYDVQQD
Eyg0MjMxODliNjEzNDViMmZmNDJmMzZhNDA5YjczMDBiMGU5NjE1ZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7ONv4cKTGJPYRIpscMsrBclbQ6b
iV964+i/xM1yDNUkKzz5J+MId13XjJ5izT3LK/tW4I5bg0u2O+ZrVBmg2tE0t0Wl
Li4lpnzrW8fJHSslh3YnbtloSDsJEkxNE+ZXKrxCqwkYGCX8+xVkiqWZeGq+furk
CxbydztqXnuCPWmVmfj9id0NTOsr0Si+GavLQkT4Dm8LrKUvCyD451PtvF3yI2IQ
UYU+sqZpMIc+YMD9q9dv1YNCLk9qO6ApQHFD6B9g8z+rQgBRySj4P8RD2V/VJhwO
OAiENwhUAw+O8AnEq13z674xUUeHdPu9En4xQ+iHxFpXgAw0+js2h6/NpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIxibYTRbL/QvNqQJtzALDpYV9FMB8GA1UdIwQY
MBaAFISIhypa4v+KO3tytimh2F/+ZeOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaElpSEtscmlfNG83ZTNLMkthSFlYXzVsNDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xMWI4M2ItNzllYS00N2NlLWJlZmMt
ODhkMWNlNjNkYmViLzEvaElpSEtscmlfNG83ZTNLMkthSFlYXzVsNDdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xMWI4M2ItNzllYS00N2NlLWJlZmMtODhkMWNlNjNkYmVi
LzEvaElpSEtscmlfNG83ZTNLMkthSFlYXzVsNDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB0gnAEfT
2veGmNOK5YTT/dIbzydO4MpJzzNCvM/RZoooyp0xJ94H+f7zC8Yl7yrNOxOMFbmu
KNdmsz12owcvA+322UNHhN/ZT5Pxl8sEUby6GFIDJYHbOtG+S41OBa4lxJ8nr7Ff
+lwITACTdswSKvPe17MKVGzaV+it9SwUfbLdrGBz6kS1Vyk1erb/m/pQHF3Jhmc7
kmVRasNWvOYgBwxcxrPVHBX0C35M49yKIC+MaVtaI9YJrvgCxuHmyTSViBC0+ngQ
v6BoRXKP/vZfrT9YwFGAkLqpUS0eHHJhSZI2qux6K7Y4ueuZnqioKJQlc5SJb55j
t7q6AGH0UvWrMg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:14:35 2026 by rpki-client