Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: cLn9x2y68rqTsw2DvabKX2jPXNDSGMD2ii8d+pOFoDE=
Subject key identifier: 52:68:09:FB:F6:04:B8:3B:99:F6:1B:66:9B:56:0C:18:C5:0C:30:35
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 019D382E2AB9EB97B90ED513A3DFD95A98E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 145C
Signing time: Sun 29 Mar 2026 06:00:42 +0000
Manifest this update: Sun 29 Mar 2026 06:00:42 +0000
Manifest next update: Mon 30 Mar 2026 06:00:42 +0000
Files and hashes: 1: Me7XtuRdIVZUbFTlkKpYNs199RM.roa (hash: 2FYoEiQSEHRljfdP8hVbR34ZxR+Jq9T0ORhGnMfjG70=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: 7FYcNwFnvSXrnLLR/qc3xN+5+FzaeuyCE8uTE+Rgr8w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:2a:b9:eb:97:b9:0e:d5:13:a3:df:d9:5a:98:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Mar 29 06:00:42 2026 GMT
Not After : Mar 30 06:00:42 2026 GMT
Subject: CN=526809fbf604b83b99f61b669b560c18c50c3035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:6d:ac:f1:5d:62:8a:1b:9f:47:cf:0f:5d:
c8:50:e9:f0:e6:cd:7b:02:99:b7:a6:3d:e9:9e:cd:
c1:c8:b5:65:c2:87:94:ce:80:4a:5f:c7:45:63:9a:
a6:28:84:5c:66:aa:bc:8a:e8:0d:58:21:e1:0e:c4:
f7:da:61:80:28:6e:30:9a:cc:e5:50:dd:38:ec:a7:
a2:d0:12:a3:47:b0:a9:90:4c:a7:71:5b:3f:4c:b0:
45:f7:6e:eb:47:8c:ff:49:8e:9d:23:f3:29:9f:80:
70:d7:79:9d:a2:ca:d4:8e:51:bb:8c:ac:9e:09:98:
19:44:29:a2:e4:5f:a3:6e:8a:d1:8a:dd:c2:9c:da:
e2:d3:15:bd:c5:c3:3c:15:ba:e5:f6:e1:4a:03:c3:
e5:ba:1d:51:04:ee:fe:4a:c9:f8:1d:9e:1b:b2:99:
05:2d:24:d9:d9:c2:fa:53:c5:85:8d:0b:fc:91:5c:
5f:dc:4a:cf:b8:70:6c:7d:44:73:7b:49:c8:c1:bf:
2a:5b:bf:12:0f:e8:a4:3b:3f:2b:1b:6d:b4:68:69:
94:71:ab:19:c8:0a:85:d1:53:f9:60:c4:8b:e0:fb:
28:78:1c:cc:88:1b:5c:dc:d3:69:a5:76:d5:b3:d1:
29:a9:2d:40:a3:9c:db:a9:3d:96:9e:be:7a:b3:9e:
76:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:68:09:FB:F6:04:B8:3B:99:F6:1B:66:9B:56:0C:18:C5:0C:30:35
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:36:cb:ba:62:7e:1c:16:cb:4e:17:8b:48:42:36:21:4f:35:
4c:d3:b8:38:e0:36:51:3c:82:2a:f2:0b:6a:bf:a8:12:89:a0:
e7:8e:37:59:db:1f:bb:98:f1:0b:c0:33:bc:8c:e1:9a:d8:37:
ae:4c:86:3c:e7:d9:2e:44:ea:7c:a4:48:95:44:7b:98:7e:cf:
8a:80:60:65:65:91:a3:8f:de:c2:58:db:f7:da:cc:90:88:8f:
67:b6:cc:26:dd:5f:47:6e:2b:de:78:2e:4f:40:5c:aa:61:a5:
a1:fe:0e:b3:9a:04:ad:45:01:c6:38:05:4f:48:bb:41:7d:f1:
2b:2d:99:70:a6:92:6c:7e:08:8a:79:c8:ec:44:c3:0e:6b:a3:
12:dc:c3:85:84:c6:b4:e0:3b:ec:ba:2d:ad:4d:db:e3:a9:c5:
a7:96:03:92:95:1a:59:92:30:90:08:5d:1c:8c:77:0e:3e:30:
da:93:d9:b7:70:fb:b5:cc:81:bf:99:c6:21:27:ec:da:3d:2b:
92:14:07:a5:b3:63:64:9b:c2:27:42:aa:0d:82:f0:30:2b:9f:
bc:ee:67:2f:96:11:72:02:03:da:c6:ad:7d:41:1d:f5:4d:0b:
2f:d4:fd:5d:1a:dd:0a:9d:71:98:c7:bc:f6:ca:6c:ae:8e:51:
f6:9b:6d:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Liq565e5DtUTo9/ZWpjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjYwMzI5MDYwMDQyWhcNMjYwMzMwMDYwMDQyWjAzMTEwLwYDVQQD
Eyg1MjY4MDlmYmY2MDRiODNiOTlmNjFiNjY5YjU2MGMxOGM1MGMzMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFNtrPFdYoobn0fPD13IUOnw5s17
Apm3pj3pns3ByLVlwoeUzoBKX8dFY5qmKIRcZqq8iugNWCHhDsT32mGAKG4wmszl
UN047Kei0BKjR7CpkEyncVs/TLBF927rR4z/SY6dI/Mpn4Bw13mdosrUjlG7jKye
CZgZRCmi5F+jborRit3CnNri0xW9xcM8Fbrl9uFKA8Pluh1RBO7+Ssn4HZ4bspkF
LSTZ2cL6U8WFjQv8kVxf3ErPuHBsfURze0nIwb8qW78SD+ikOz8rG220aGmUcasZ
yAqF0VP5YMSL4PsoeBzMiBtc3NNppXbVs9EpqS1Ao5zbqT2Wnr56s552FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJoCfv2BLg7mfYbZptWDBjFDDA1MB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqTbLumJ+
HBbLTheLSEI2IU81TNO4OOA2UTyCKvILar+oEomg5443Wdsfu5jxC8AzvIzhmtg3
rkyGPOfZLkTqfKRIlUR7mH7PioBgZWWRo4/ewljb99rMkIiPZ7bMJt1fR24r3ngu
T0BcqmGlof4Os5oErUUBxjgFT0i7QX3xKy2ZcKaSbH4IinnI7ETDDmujEtzDhYTG
tOA77LotrU3b46nFp5YDkpUaWZIwkAhdHIx3Dj4w2pPZt3D7tcyBv5nGISfs2j0r
khQHpbNjZJvCJ0KqDYLwMCufvO5nL5YRcgID2satfUEd9U0LL9T9XRrdCp1xmMe8
9spsro5R9pttTw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:53:04 2026 by rpki-client