Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
File: rh967y8S0HaqitWli8uNyvPwvUw.mft (raw, json)
Hash identifier: 4wQVoTPeDmUJe7fz/Ha61r6K6t/rrnrfYkce6Us11oY=
Subject key identifier: 40:99:E2:73:95:E5:52:67:41:B2:B1:D2:57:A3:7E:C9:F5:0B:AB:31
Authority key identifier: AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C
Certificate issuer: /CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
Certificate serial: 019D3AC2193A1C876962B4C9B20BDCE70B49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
Manifest number: 13DF
Signing time: Sun 29 Mar 2026 18:01:32 +0000
Manifest this update: Sun 29 Mar 2026 18:01:32 +0000
Manifest next update: Mon 30 Mar 2026 18:01:32 +0000
Files and hashes: 1: rh967y8S0HaqitWli8uNyvPwvUw.crl (hash: Ve95yAKCN6ymYCieqxq0FctPg/Cb668o3vJIzpMf3zc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:c2:19:3a:1c:87:69:62:b4:c9:b2:0b:dc:e7:0b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
Validity
Not Before: Mar 29 18:01:32 2026 GMT
Not After : Mar 30 18:01:32 2026 GMT
Subject: CN=4099e27395e5526741b2b1d257a37ec9f50bab31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f4:ad:09:9e:62:2f:7b:cd:1c:a8:1f:06:35:
95:ce:10:a5:78:8f:3c:bb:be:06:ed:e8:f1:7b:ba:
c6:b5:2b:2c:c3:a4:49:59:b7:61:6c:30:2a:25:d1:
ce:bf:50:37:3a:c5:32:0d:99:c0:eb:38:de:a8:1d:
78:c5:d1:f1:02:0a:9c:51:f2:15:b4:05:c8:30:06:
50:a0:25:43:a1:d9:28:e4:a7:34:17:5e:6c:e6:ef:
06:c2:d0:23:fa:b2:94:d8:0c:9c:11:29:f6:2d:28:
9e:73:e2:19:8c:1d:8e:c4:6a:d8:5c:62:57:37:52:
8c:a5:e7:f1:46:ff:5b:ad:05:d4:2e:1e:5d:29:89:
c3:43:0f:6d:30:fb:53:23:e6:91:59:f6:6a:b3:f9:
a1:3c:d0:cb:8b:57:9b:8c:9f:5a:c1:2d:f2:62:aa:
b5:68:03:bb:66:82:20:5e:36:1c:2f:4e:49:a2:4b:
1f:a2:fa:d5:99:c8:15:c5:15:fa:b1:0c:b2:90:8c:
83:db:07:fe:aa:b7:9b:a5:d2:99:dd:0d:ac:b6:d0:
6a:8a:8a:cd:f7:23:c9:78:74:26:df:0b:53:32:5c:
d2:03:c6:3e:1b:a8:18:b8:d6:47:81:05:be:2a:77:
e1:03:78:08:e2:95:a4:7a:f3:71:3d:86:41:77:b6:
3e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:99:E2:73:95:E5:52:67:41:B2:B1:D2:57:A3:7E:C9:F5:0B:AB:31
X509v3 Authority Key Identifier:
keyid:AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:7a:b9:2c:83:c2:e3:c8:5c:e0:51:0c:f6:7b:40:c3:22:5c:
ad:5b:24:66:7b:aa:d4:6d:b0:e3:36:62:4f:13:00:e1:f5:bc:
42:f4:b6:e5:3b:83:c1:ba:5b:d0:fb:46:0f:38:8e:f3:0f:48:
d0:5b:a7:a0:32:83:07:53:b7:58:24:52:7d:30:06:0a:76:51:
36:a2:d3:55:7f:20:31:01:35:13:3f:5b:77:76:09:61:42:e1:
a3:9b:54:7e:61:e9:44:49:c1:d4:5d:1a:af:c7:20:92:09:a7:
27:b6:d4:85:38:79:41:36:eb:42:6a:fc:2b:6e:7c:d2:6d:70:
08:6b:f3:5d:e3:21:ab:92:38:61:68:e3:6a:e0:0f:e1:0c:23:
8c:49:f1:0d:91:ab:f1:3e:20:49:07:0a:4c:af:4a:11:45:ad:
39:e3:20:44:4a:97:a0:19:15:e3:a7:a6:e7:bf:e6:40:47:6e:
8b:fe:30:a0:44:eb:c6:37:03:16:15:4c:13:10:90:47:59:4e:
60:71:85:9c:dd:5e:4a:1a:52:3b:3b:11:e7:bd:cf:13:4b:ee:
ac:57:a6:a7:83:f8:48:23:a4:02:53:43:84:58:10:d1:c9:51:
2f:9f:0d:0f:e3:7f:25:8b:62:51:97:4c:43:62:19:dc:34:6e:
5f:cf:f7:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06whk6HIdpYrTJsgvc5wtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWY3YWVmMmYxMmQwNzZhYThhZDVhNThiY2I4ZGNhZjNm
MGJkNGMwHhcNMjYwMzI5MTgwMTMyWhcNMjYwMzMwMTgwMTMyWjAzMTEwLwYDVQQD
Eyg0MDk5ZTI3Mzk1ZTU1MjY3NDFiMmIxZDI1N2EzN2VjOWY1MGJhYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPStCZ5iL3vNHKgfBjWVzhCleI88
u74G7ejxe7rGtSssw6RJWbdhbDAqJdHOv1A3OsUyDZnA6zjeqB14xdHxAgqcUfIV
tAXIMAZQoCVDodko5Kc0F15s5u8GwtAj+rKU2AycESn2LSiec+IZjB2OxGrYXGJX
N1KMpefxRv9brQXULh5dKYnDQw9tMPtTI+aRWfZqs/mhPNDLi1ebjJ9awS3yYqq1
aAO7ZoIgXjYcL05JoksfovrVmcgVxRX6sQyykIyD2wf+qrebpdKZ3Q2sttBqiorN
9yPJeHQm3wtTMlzSA8Y+G6gYuNZHgQW+KnfhA3gI4pWkevNxPYZBd7Y+OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECZ4nOV5VJnQbKx0lejfsn1C6sxMB8GA1UdIwQY
MBaAFK4feu8vEtB2qorVpYvLjcrz8L1MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEt
MDk4ZDNiZDBiOTUxLzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEtMDk4ZDNiZDBiOTUx
LzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc3q5LIPC
48hc4FEM9ntAwyJcrVskZnuq1G2w4zZiTxMA4fW8QvS25TuDwbpb0PtGDziO8w9I
0FunoDKDB1O3WCRSfTAGCnZRNqLTVX8gMQE1Ez9bd3YJYULho5tUfmHpREnB1F0a
r8cgkgmnJ7bUhTh5QTbrQmr8K2580m1wCGvzXeMhq5I4YWjjauAP4QwjjEnxDZGr
8T4gSQcKTK9KEUWtOeMgREqXoBkV46em57/mQEdui/4woETrxjcDFhVMExCQR1lO
YHGFnN1eShpSOzsR573PE0vurFemp4P4SCOkAlNDhFgQ0clRL58ND+N/JYtiUZdM
Q2IZ3DRuX8/3lw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:03:25 2026 by rpki-client