Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: PLdA13HDS7L0xBrFEk/+0IgNsqXBAoicL+tzk1k+pWU=
Subject key identifier: 97:2B:C4:D5:C5:6F:F7:96:D5:5A:4F:44:03:B7:17:01:76:76:05:9F
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 019EB9216977C35A84F122672F9DBE12915B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 1958
Signing time: Fri 12 Jun 2026 00:00:34 +0000
Manifest this update: Fri 12 Jun 2026 00:00:34 +0000
Manifest next update: Sat 13 Jun 2026 00:00:34 +0000
Files and hashes: 1: ff3rWotipxB5dvlUy4f5nYkMPs0.roa (hash: 0kFsDh0f69aGD5kG+8GzoVmb9MJyy9m9HMkqJTww73U=)
2: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: Pq/43rq2M3v8TuCiPXrNLfjThXblsgEwCux7GEvY1Ko=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b9:21:69:77:c3:5a:84:f1:22:67:2f:9d:be:12:91:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Jun 12 00:00:34 2026 GMT
Not After : Jun 13 00:00:34 2026 GMT
Subject: CN=972bc4d5c56ff796d55a4f4403b717017676059f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f5:da:bb:b3:ce:8d:9e:b7:22:0e:78:12:e5:
0f:2c:cc:6b:21:8c:cc:3d:00:b7:98:86:67:a1:aa:
a8:0c:6f:29:4b:48:5c:b1:51:5a:42:01:86:64:19:
68:76:4a:6c:13:a9:2d:a3:8d:d1:7c:57:e8:4f:df:
ac:2c:86:bb:4b:f6:e0:d6:a6:b3:58:09:c0:f4:24:
89:31:a7:75:97:bf:4a:f7:b5:0e:a2:8f:4a:33:5a:
75:8a:6d:31:90:de:a2:9a:ab:85:ef:e0:9b:12:e2:
f6:f3:da:9d:45:d8:11:93:29:00:b5:59:9f:3f:c7:
78:11:c2:78:94:48:93:c1:fc:f8:86:3d:f4:9f:e8:
b7:6f:1c:5e:25:6b:7c:ad:ac:73:42:eb:02:d1:2d:
5c:48:a7:b7:05:fb:fe:b0:62:14:44:89:11:25:e0:
d1:21:cd:bc:bd:f8:03:4c:a1:7d:2e:0b:7c:f2:49:
16:5a:e8:fa:c4:50:60:6a:d6:32:f0:71:2f:96:b4:
55:fc:9b:2e:b4:fa:bb:93:8f:ee:11:87:42:38:68:
d1:f5:63:26:5a:9f:7d:59:40:d8:31:ff:ea:80:d4:
a0:ff:9e:c0:77:04:95:94:13:09:5e:26:8d:22:2a:
aa:61:34:41:dc:d8:7a:1b:2e:d9:df:e5:59:e0:b1:
f1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2B:C4:D5:C5:6F:F7:96:D5:5A:4F:44:03:B7:17:01:76:76:05:9F
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:b4:63:22:e9:a7:36:2c:09:f2:ae:80:c8:bd:54:da:6c:a7:
40:f7:53:f3:c5:e1:b4:9c:e4:89:77:2d:02:6f:25:26:40:da:
0a:d7:a4:71:11:ed:70:6b:dc:3f:a3:c0:b3:14:27:c5:fc:74:
7d:58:d4:bc:ca:99:15:12:b5:00:1c:dd:b2:1a:b6:53:23:c0:
d1:e1:87:da:6b:d8:9c:3b:db:3b:cd:78:0c:56:6f:04:10:f2:
03:0a:e8:0c:84:d8:36:38:42:3c:d6:9e:3c:01:6c:d8:a3:3c:
2d:47:64:af:5b:25:95:89:de:ec:02:13:72:aa:5a:3a:2f:2a:
41:fd:f2:0e:ec:d0:d9:99:24:88:db:58:c5:e1:be:07:17:de:
db:69:af:7f:88:fc:3e:73:7f:4f:4a:ee:87:5f:d2:fa:aa:7a:
46:09:5d:60:1b:e6:41:56:6f:30:9e:7f:77:06:a0:55:c4:91:
79:65:42:8b:5d:e1:22:15:d7:49:b9:68:8b:e6:7a:8e:7f:a2:
19:65:8a:75:a2:40:9f:68:a8:97:0a:8f:8c:b6:85:f3:0f:62:
9d:29:b2:54:b8:c6:75:51:a0:8d:ca:7a:e6:71:15:a0:e1:48:
b6:6b:c8:01:48:78:30:ae:c2:07:77:3a:2b:58:a4:02:89:64:
3d:ab:11:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ65IWl3w1qE8SJnL52+EpFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjYwNjEyMDAwMDM0WhcNMjYwNjEzMDAwMDM0WjAzMTEwLwYDVQQD
Eyg5NzJiYzRkNWM1NmZmNzk2ZDU1YTRmNDQwM2I3MTcwMTc2NzYwNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPXau7POjZ63Ig54EuUPLMxrIYzM
PQC3mIZnoaqoDG8pS0hcsVFaQgGGZBlodkpsE6kto43RfFfoT9+sLIa7S/bg1qaz
WAnA9CSJMad1l79K97UOoo9KM1p1im0xkN6imquF7+CbEuL289qdRdgRkykAtVmf
P8d4EcJ4lEiTwfz4hj30n+i3bxxeJWt8raxzQusC0S1cSKe3Bfv+sGIURIkRJeDR
Ic28vfgDTKF9Lgt88kkWWuj6xFBgatYy8HEvlrRV/JsutPq7k4/uEYdCOGjR9WMm
Wp99WUDYMf/qgNSg/57AdwSVlBMJXiaNIiqqYTRB3Nh6Gy7Z3+VZ4LHx2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcrxNXFb/eW1VpPRAO3FwF2dgWfMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArbRjIumn
NiwJ8q6AyL1U2mynQPdT88XhtJzkiXctAm8lJkDaCtekcRHtcGvcP6PAsxQnxfx0
fVjUvMqZFRK1ABzdshq2UyPA0eGH2mvYnDvbO814DFZvBBDyAwroDITYNjhCPNae
PAFs2KM8LUdkr1sllYne7AITcqpaOi8qQf3yDuzQ2ZkkiNtYxeG+Bxfe22mvf4j8
PnN/T0ruh1/S+qp6RgldYBvmQVZvMJ5/dwagVcSReWVCi13hIhXXSbloi+Z6jn+i
GWWKdaJAn2iolwqPjLaF8w9inSmyVLjGdVGgjcp65nEVoOFItmvIAUh4MK7CB3c6
K1ikAolkPasRog==
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:48:36 2026 by rpki-client