Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e5bf20-86c3-4d3f-93d3-20397e66448a/1/h0FAFRyNjVa2r1MjnSkCHt3Nilo.mft
File: h0FAFRyNjVa2r1MjnSkCHt3Nilo.mft (raw, json)
Hash identifier: m0NOhOoRMObF8iPDNX46TI4BjsFMwQEaDPMi2jkx/QI=
Subject key identifier: D6:6E:D9:DD:A5:07:C2:7A:2F:00:14:79:64:43:41:EF:1C:36:FC:0F
Authority key identifier: 87:41:40:15:1C:8D:8D:56:B6:AF:53:23:9D:29:02:1E:DD:CD:8A:5A
Certificate issuer: /CN=874140151c8d8d56b6af53239d29021eddcd8a5a
Certificate serial: 019D378996F5AAA84BB0ED577E605D12BBAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0FAFRyNjVa2r1MjnSkCHt3Nilo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e5bf20-86c3-4d3f-93d3-20397e66448a/1/h0FAFRyNjVa2r1MjnSkCHt3Nilo.mft
Manifest number: 46
Signing time: Sun 29 Mar 2026 03:00:57 +0000
Manifest this update: Sun 29 Mar 2026 03:00:57 +0000
Manifest next update: Mon 30 Mar 2026 03:00:57 +0000
Files and hashes: 1: QwfwWnuU2NBVoqdOmvfr5FQjIoM.roa (hash: eLvlx5jM6qNIq7/8tFMX7T9AIKZbkgsEQFX69vOLcbc=)
2: h0FAFRyNjVa2r1MjnSkCHt3Nilo.crl (hash: LHOtTz11J1VR+vSjMa7P1dknn4JLwuvaqf1iabmqPiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/e5bf20-86c3-4d3f-93d3-20397e66448a/1/h0FAFRyNjVa2r1MjnSkCHt3Nilo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/e5bf20-86c3-4d3f-93d3-20397e66448a/1/h0FAFRyNjVa2r1MjnSkCHt3Nilo.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0FAFRyNjVa2r1MjnSkCHt3Nilo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:96:f5:aa:a8:4b:b0:ed:57:7e:60:5d:12:bb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874140151c8d8d56b6af53239d29021eddcd8a5a
Validity
Not Before: Mar 29 03:00:57 2026 GMT
Not After : Mar 30 03:00:57 2026 GMT
Subject: CN=d66ed9dda507c27a2f001479644341ef1c36fc0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:ba:6d:ac:64:51:20:6d:54:b5:81:69:89:c2:
1e:59:f7:36:04:de:01:94:05:ff:aa:d2:d3:c7:ed:
6c:7e:ba:a1:11:3d:27:6d:fe:f9:f4:e9:1b:31:87:
75:81:76:da:da:28:0d:a1:46:18:b9:01:ec:fa:8a:
09:20:49:12:ef:03:64:36:27:1c:6e:bb:00:d5:4c:
70:81:06:3f:4c:40:5c:e8:24:d3:35:fa:5f:35:1d:
4f:3e:3d:5c:27:3c:66:43:67:dc:ea:c4:04:c5:fa:
03:4a:d7:98:26:16:07:aa:e3:c4:00:5f:88:a6:84:
07:8a:f4:46:22:18:c7:31:6f:72:30:7c:21:34:35:
41:d0:52:22:a5:78:81:39:31:d9:d5:b5:2f:03:b2:
d3:51:1b:65:c6:40:6a:60:6a:01:7d:8d:78:4e:60:
33:89:80:cb:7a:3a:57:cf:d7:a8:b0:af:fa:42:96:
15:e5:de:02:25:95:b4:2d:af:f0:60:c4:df:97:e2:
cb:1d:33:df:e2:ac:f5:6a:ac:a1:56:98:67:5d:f8:
cf:fc:2e:c3:b9:10:cd:f0:da:d6:f8:e0:52:15:26:
13:44:60:74:b1:40:28:e7:aa:7e:12:c1:b4:2d:19:
f8:6c:1d:fe:07:71:4e:3d:08:a0:45:90:d8:55:5d:
31:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6E:D9:DD:A5:07:C2:7A:2F:00:14:79:64:43:41:EF:1C:36:FC:0F
X509v3 Authority Key Identifier:
keyid:87:41:40:15:1C:8D:8D:56:B6:AF:53:23:9D:29:02:1E:DD:CD:8A:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0FAFRyNjVa2r1MjnSkCHt3Nilo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e5bf20-86c3-4d3f-93d3-20397e66448a/1/h0FAFRyNjVa2r1MjnSkCHt3Nilo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e5bf20-86c3-4d3f-93d3-20397e66448a/1/h0FAFRyNjVa2r1MjnSkCHt3Nilo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:b4:6b:8c:ba:b6:72:43:f8:e4:aa:5c:f3:58:20:64:3a:a5:
80:11:9d:d3:6d:0a:dd:2c:24:bd:13:e5:7d:a3:93:0a:f6:b2:
c3:46:18:6b:01:99:81:97:01:66:82:87:82:17:72:a6:8c:d1:
72:72:10:32:07:c3:7a:8b:7c:09:24:3d:6c:06:ae:02:dc:6b:
5a:77:0f:41:d1:e6:35:8f:23:9d:cd:41:3b:d4:5c:88:fe:c3:
bb:cc:71:93:8b:f8:e0:d8:47:cf:ee:97:e1:a0:b4:c6:ba:43:
26:17:19:5f:32:7b:9c:36:f4:48:08:e5:f8:7d:a0:70:f1:14:
5d:b2:80:2f:5c:77:33:d7:07:de:73:86:52:d3:23:19:ff:6e:
00:d9:f3:d3:ef:19:4e:c2:f1:f3:60:87:f5:67:47:7f:b8:8d:
62:5e:d2:b6:04:23:10:b2:3d:15:e2:e7:fe:dc:ae:f2:10:7d:
33:ba:50:67:98:b8:0f:86:57:17:b7:00:18:33:8d:3f:bb:71:
df:5b:4f:2f:f0:62:48:fb:21:dd:f2:67:88:f6:65:0f:1c:ce:
ba:10:0c:8c:e1:f6:28:6e:2a:69:98:78:73:f7:2c:de:0b:75:
9e:55:96:d2:ab:f5:f4:ae:c5:c3:0e:84:a2:91:98:1c:68:d4:
f2:95:bf:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iZb1qqhLsO1XfmBdEruvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDE0MDE1MWM4ZDhkNTZiNmFmNTMyMzlkMjkwMjFlZGRj
ZDhhNWEwHhcNMjYwMzI5MDMwMDU3WhcNMjYwMzMwMDMwMDU3WjAzMTEwLwYDVQQD
EyhkNjZlZDlkZGE1MDdjMjdhMmYwMDE0Nzk2NDQzNDFlZjFjMzZmYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+LptrGRRIG1UtYFpicIeWfc2BN4B
lAX/qtLTx+1sfrqhET0nbf759OkbMYd1gXba2igNoUYYuQHs+ooJIEkS7wNkNicc
brsA1UxwgQY/TEBc6CTTNfpfNR1PPj1cJzxmQ2fc6sQExfoDSteYJhYHquPEAF+I
poQHivRGIhjHMW9yMHwhNDVB0FIipXiBOTHZ1bUvA7LTURtlxkBqYGoBfY14TmAz
iYDLejpXz9eosK/6QpYV5d4CJZW0La/wYMTfl+LLHTPf4qz1aqyhVphnXfjP/C7D
uRDN8NrW+OBSFSYTRGB0sUAo56p+EsG0LRn4bB3+B3FOPQigRZDYVV0xgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZu2d2lB8J6LwAUeWRDQe8cNvwPMB8GA1UdIwQY
MBaAFIdBQBUcjY1Wtq9TI50pAh7dzYpaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBGQUZSeU5qVmEycjFNam5Ta0NIdDNOaWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lNWJmMjAtODZjMy00ZDNmLTkzZDMt
MjAzOTdlNjY0NDhhLzEvaDBGQUZSeU5qVmEycjFNam5Ta0NIdDNOaWxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lNWJmMjAtODZjMy00ZDNmLTkzZDMtMjAzOTdlNjY0NDhh
LzEvaDBGQUZSeU5qVmEycjFNam5Ta0NIdDNOaWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZrRrjLq2
ckP45Kpc81ggZDqlgBGd020K3SwkvRPlfaOTCvayw0YYawGZgZcBZoKHghdypozR
cnIQMgfDeot8CSQ9bAauAtxrWncPQdHmNY8jnc1BO9RciP7Du8xxk4v44NhHz+6X
4aC0xrpDJhcZXzJ7nDb0SAjl+H2gcPEUXbKAL1x3M9cH3nOGUtMjGf9uANnz0+8Z
TsLx82CH9WdHf7iNYl7StgQjELI9FeLn/tyu8hB9M7pQZ5i4D4ZXF7cAGDONP7tx
31tPL/BiSPsh3fJniPZlDxzOuhAMjOH2KG4qaZh4c/cs3gt1nlWW0qv19K7Fww6E
opGYHGjU8pW/Rg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:27:38 2026 by rpki-client