Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
File: HIivL0NlSz9FLVx07QdHElcNH94.mft (raw, json)
Hash identifier: d5o3fyr6KUPK/ec10unhFvJutlOYYctdITT1cTuSgyg=
Subject key identifier: 1D:47:65:2F:C5:45:83:D0:EC:AB:13:1A:C3:D6:D8:7C:3B:32:4D:B9
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 019D3866606AF74E172E3928C287091D6033
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
Manifest number: 1893
Signing time: Sun 29 Mar 2026 07:02:06 +0000
Manifest this update: Sun 29 Mar 2026 07:02:06 +0000
Manifest next update: Mon 30 Mar 2026 07:02:06 +0000
Files and hashes: 1: HIivL0NlSz9FLVx07QdHElcNH94.crl (hash: itGFA4nyJBxw+jUos1Vu73yXDlYJ0+2hCckpHARtgGg=)
2: YTVp8HRIZA2vtkGjKasuHviHEzI.roa (hash: fD4GIHwZF/xnQKXHxDrGyWuUN8the7WpF5QYQMukoHw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:60:6a:f7:4e:17:2e:39:28:c2:87:09:1d:60:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Mar 29 07:02:06 2026 GMT
Not After : Mar 30 07:02:06 2026 GMT
Subject: CN=1d47652fc54583d0ecab131ac3d6d87c3b324db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:dd:bb:91:2c:5a:0e:1e:4a:df:4b:94:c5:
7c:13:74:cc:be:d8:ce:14:9d:1b:76:e0:c1:f8:61:
ca:15:6b:d1:af:58:14:1a:54:ce:3b:18:27:a2:30:
31:af:72:0c:0f:8e:43:c2:1c:5d:d5:84:0f:41:21:
73:aa:a0:94:81:a1:01:3a:3e:b7:78:85:f0:48:b8:
10:4e:ef:60:84:59:a8:f7:ac:9e:5c:84:c3:8a:c4:
8a:ea:8c:02:68:c9:65:7a:27:df:ed:21:1a:cc:55:
7b:bf:e8:36:af:ba:37:3b:97:dc:79:5e:2d:79:6a:
45:0e:9c:aa:4a:b2:cf:84:bf:b5:5d:df:88:75:69:
d0:d8:e6:de:31:6f:a2:91:a0:1f:ef:6b:09:a0:1c:
d0:1f:73:fc:91:7b:3f:a1:c1:c9:4c:e5:f0:76:22:
55:d8:06:d3:40:6f:53:4b:22:3f:a9:51:84:c1:b8:
61:ea:e1:f5:5c:85:c2:c2:48:dd:f2:dc:d7:39:53:
5b:e3:fa:00:6f:bd:9f:1e:d0:87:88:66:d6:54:63:
a3:54:e1:e0:68:0d:a4:ab:22:a4:e6:69:b3:32:6e:
1d:59:22:f2:63:49:22:32:54:06:63:0c:cf:ea:3b:
44:8c:09:7b:ba:94:f6:ed:69:65:41:50:8f:6f:c5:
fe:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:47:65:2F:C5:45:83:D0:EC:AB:13:1A:C3:D6:D8:7C:3B:32:4D:B9
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:67:e5:95:b8:67:12:5c:4b:cd:ec:95:b9:ec:2c:b5:e5:96:
60:4c:9d:23:4c:60:b4:d8:c4:3d:e4:a1:5f:9a:ee:d9:cb:49:
83:87:1e:14:e6:f4:7e:8b:d5:76:13:4f:12:1e:7c:99:66:13:
8c:4b:79:5f:1a:50:e6:15:3c:26:0e:93:d9:4e:1e:ef:18:7c:
fa:96:73:ae:70:0a:34:4e:78:85:c0:fc:3e:68:df:a3:a0:14:
7d:80:d9:58:ea:cb:dc:86:c2:62:ad:dd:b6:ea:1d:c0:71:1d:
9c:0a:2c:6a:64:df:a1:f3:24:c3:72:46:0e:8e:60:db:4d:48:
af:60:63:d9:14:fa:65:58:9f:bf:b3:1a:38:63:01:3e:2f:31:
6a:75:50:a3:bb:90:b4:74:da:ea:a4:f6:fd:ec:07:64:d7:52:
44:1f:7b:54:c3:76:a5:1c:51:4b:65:66:e8:fc:46:de:a8:6c:
de:8c:54:9e:2f:4c:f8:0f:17:be:42:4d:11:12:aa:b7:46:20:
e7:db:7f:e2:3b:07:97:2d:c6:e5:c6:d9:a6:1e:fb:70:41:fe:
76:ff:8d:34:29:1d:fc:37:22:37:dd:f3:8f:93:a8:09:b7:0b:
58:b8:8c:94:2b:66:05:9f:11:cb:2a:1e:fc:ff:21:c3:9c:91:
49:e7:2e:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmBq904XLjkowocJHWAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjYwMzI5MDcwMjA2WhcNMjYwMzMwMDcwMjA2WjAzMTEwLwYDVQQD
EygxZDQ3NjUyZmM1NDU4M2QwZWNhYjEzMWFjM2Q2ZDg3YzNiMzI0ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmofdu5EsWg4eSt9LlMV8E3TMvtjO
FJ0bduDB+GHKFWvRr1gUGlTOOxgnojAxr3IMD45Dwhxd1YQPQSFzqqCUgaEBOj63
eIXwSLgQTu9ghFmo96yeXITDisSK6owCaMlleiff7SEazFV7v+g2r7o3O5fceV4t
eWpFDpyqSrLPhL+1Xd+IdWnQ2ObeMW+ikaAf72sJoBzQH3P8kXs/ocHJTOXwdiJV
2AbTQG9TSyI/qVGEwbhh6uH1XIXCwkjd8tzXOVNb4/oAb72fHtCHiGbWVGOjVOHg
aA2kqyKk5mmzMm4dWSLyY0kiMlQGYwzP6jtEjAl7upT27WllQVCPb8X+kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1HZS/FRYPQ7KsTGsPW2Hw7Mk25MB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnGfllbhn
ElxLzeyVuewsteWWYEydI0xgtNjEPeShX5ru2ctJg4ceFOb0fovVdhNPEh58mWYT
jEt5XxpQ5hU8Jg6T2U4e7xh8+pZzrnAKNE54hcD8Pmjfo6AUfYDZWOrL3IbCYq3d
tuodwHEdnAosamTfofMkw3JGDo5g201Ir2Bj2RT6ZVifv7MaOGMBPi8xanVQo7uQ
tHTa6qT2/ewHZNdSRB97VMN2pRxRS2Vm6PxG3qhs3oxUni9M+A8XvkJNERKqt0Yg
59t/4jsHly3G5cbZph77cEH+dv+NNCkd/DciN93zj5OoCbcLWLiMlCtmBZ8Ryyoe
/P8hw5yRSecuQA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:05:46 2026 by rpki-client