Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: T5y9JHZnUn6xgGTO8UsuNWrY++/iuO23c0dbHPkWGr0=
Subject key identifier: 44:70:B7:69:69:E6:7B:34:74:ED:F2:E5:80:DD:E0:90:77:F7:4A:32
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 019D38D3B935A71F58D732527964DC7597D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 09:01:32 +0000
Manifest this update: Sun 29 Mar 2026 09:01:32 +0000
Manifest next update: Mon 30 Mar 2026 09:01:32 +0000
Files and hashes: 1: ff3rWotipxB5dvlUy4f5nYkMPs0.roa (hash: 0kFsDh0f69aGD5kG+8GzoVmb9MJyy9m9HMkqJTww73U=)
2: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: EJVsCwzH/vqeEBNV8ppuuLfFXHdhs/8uH4v1BpOEY38=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b9:35:a7:1f:58:d7:32:52:79:64:dc:75:97:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Mar 29 09:01:32 2026 GMT
Not After : Mar 30 09:01:32 2026 GMT
Subject: CN=4470b76969e67b3474edf2e580dde09077f74a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:11:2a:cb:a9:0c:11:b2:a7:54:09:1d:1b:f7:
ce:a1:42:2f:b3:57:3e:9c:96:29:3a:ff:96:5e:0e:
fd:f0:fb:80:72:ed:e6:ff:16:0f:5b:fb:3e:6a:e8:
b1:0d:8c:5e:61:64:fe:3b:79:81:ee:15:95:6e:c1:
2b:54:43:be:87:19:d0:2c:a5:e3:1c:4e:61:81:70:
26:f4:f8:49:c2:9c:21:53:cd:86:f6:3a:ca:5d:1b:
f7:ad:62:0d:95:1a:f8:a1:c8:a4:07:49:5c:38:58:
eb:47:0c:f7:3a:c0:a5:77:16:a1:67:63:95:5e:76:
c9:5b:93:b6:f1:dc:92:25:a5:fd:f6:97:75:c4:e4:
c9:c0:7a:da:c4:17:e0:16:2f:23:ee:2e:d0:6a:e5:
fe:b6:eb:58:17:35:20:51:3c:d3:4a:73:c2:61:19:
33:6d:f6:7f:c3:08:d5:63:84:55:c9:f0:ef:63:ec:
4f:df:79:8e:d6:c8:4b:b6:fe:b4:09:d6:f1:e9:bb:
1f:e9:04:2a:6a:07:6b:6b:3a:fd:8b:3d:7b:b8:27:
92:3f:bc:3a:0e:d1:7c:fa:ed:71:5a:18:70:cb:5f:
7a:21:4f:6a:2c:14:88:74:2d:70:f1:81:33:ef:b7:
d8:9b:18:76:4e:7a:43:04:f1:af:93:c3:7c:be:e3:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:70:B7:69:69:E6:7B:34:74:ED:F2:E5:80:DD:E0:90:77:F7:4A:32
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:c6:ae:7d:84:be:c2:d4:f8:29:99:e1:e8:9c:56:8a:22:b5:
93:19:41:fe:9b:1c:95:b6:3a:84:88:38:42:7c:c7:91:01:21:
1f:08:79:64:ef:ea:e6:76:d7:53:d0:ec:07:8d:31:73:b5:9e:
0d:67:85:0c:96:b6:36:18:aa:4e:9d:e6:3f:7a:5f:8b:b1:01:
27:9b:65:67:8f:b3:7f:2d:b5:1a:0b:55:74:43:45:79:ff:d7:
21:e0:bd:97:c4:53:48:24:8a:3c:70:8f:03:5f:19:2d:d2:83:
51:e9:67:9e:3d:a9:ee:ff:6e:12:97:74:76:46:c6:fa:dd:cf:
e2:35:1f:78:d8:66:a6:87:82:27:f4:bb:0d:0c:6a:9a:86:ec:
01:61:21:d7:fa:23:93:78:b8:e9:ec:e9:0f:7a:b9:94:53:7f:
51:2e:e5:29:86:85:48:0c:91:65:2c:ae:34:a9:e0:fa:55:a5:
1a:d4:3d:9e:92:cf:bd:fa:c0:e7:fb:c1:63:5d:f7:cd:af:37:
b1:6c:c5:3a:19:f3:7e:2b:82:b2:cf:08:00:69:e2:89:d3:b4:
a4:dc:30:a8:ad:4b:5a:df:67:57:30:3b:bd:f7:d2:d3:05:27:
3c:54:66:56:da:f0:0c:b3:11:ee:c9:da:5a:ec:f7:17:fe:1d:
58:8b:cb:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407k1px9Y1zJSeWTcdZfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjYwMzI5MDkwMTMyWhcNMjYwMzMwMDkwMTMyWjAzMTEwLwYDVQQD
Eyg0NDcwYjc2OTY5ZTY3YjM0NzRlZGYyZTU4MGRkZTA5MDc3Zjc0YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshEqy6kMEbKnVAkdG/fOoUIvs1c+
nJYpOv+WXg798PuAcu3m/xYPW/s+auixDYxeYWT+O3mB7hWVbsErVEO+hxnQLKXj
HE5hgXAm9PhJwpwhU82G9jrKXRv3rWINlRr4ocikB0lcOFjrRwz3OsCldxahZ2OV
XnbJW5O28dySJaX99pd1xOTJwHraxBfgFi8j7i7QauX+tutYFzUgUTzTSnPCYRkz
bfZ/wwjVY4RVyfDvY+xP33mO1shLtv60Cdbx6bsf6QQqagdrazr9iz17uCeSP7w6
DtF8+u1xWhhwy196IU9qLBSIdC1w8YEz77fYmxh2TnpDBPGvk8N8vuPP7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERwt2lp5ns0dO3y5YDd4JB390oyMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAosaufYS+
wtT4KZnh6JxWiiK1kxlB/psclbY6hIg4QnzHkQEhHwh5ZO/q5nbXU9DsB40xc7We
DWeFDJa2NhiqTp3mP3pfi7EBJ5tlZ4+zfy21GgtVdENFef/XIeC9l8RTSCSKPHCP
A18ZLdKDUelnnj2p7v9uEpd0dkbG+t3P4jUfeNhmpoeCJ/S7DQxqmobsAWEh1/oj
k3i46ezpD3q5lFN/US7lKYaFSAyRZSyuNKng+lWlGtQ9npLPvfrA5/vBY133za83
sWzFOhnzfiuCss8IAGniidO0pNwwqK1LWt9nVzA7vffS0wUnPFRmVtrwDLMR7sna
Wuz3F/4dWIvLkQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:10:34 2026 by rpki-client