Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
File: hbYRoLfUM0t6I5XozOew48m4OOg.mft (raw, json)
Hash identifier: +l+vGIaeyFwfNT94kSz2/njQCZO2hPx+URGcjBFRqr4=
Subject key identifier: D8:E7:FC:0B:1E:8A:D3:1B:84:9E:FF:45:32:4F:90:68:09:7C:56:D6
Authority key identifier: 85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
Certificate issuer: /CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Certificate serial: 019D382E0912992B9F478046672F59B888B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
Manifest number: 1397
Signing time: Sun 29 Mar 2026 06:00:34 +0000
Manifest this update: Sun 29 Mar 2026 06:00:34 +0000
Manifest next update: Mon 30 Mar 2026 06:00:34 +0000
Files and hashes: 1: hbYRoLfUM0t6I5XozOew48m4OOg.crl (hash: Qe84Menf2Dkv1/D1T5bGmC+e0B21DD2VhaJFnrhvmB4=)
2: m-rsXaeOpkpdSMqwVTpewPk00d4.roa (hash: rIs/IZogYIqQxOz7ptGPvRo3thst3hZ+JDFL9DxC1k8=)
3: x_DMZGJsbuDtxrP8_5aAtJAHah4.roa (hash: MEzmMNL5npMBSYbvubxXk2b9wk818GmjUSqjwh512m0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:09:12:99:2b:9f:47:80:46:67:2f:59:b8:88:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Validity
Not Before: Mar 29 06:00:34 2026 GMT
Not After : Mar 30 06:00:34 2026 GMT
Subject: CN=d8e7fc0b1e8ad31b849eff45324f9068097c56d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:cc:ca:aa:7c:5c:f3:6e:6b:d3:26:5e:33:
09:d9:e5:d5:ef:d3:57:92:2d:f3:59:b3:aa:50:8f:
29:ca:82:d9:18:9e:45:06:44:32:a1:f1:ae:d3:92:
2c:b3:d8:02:10:bc:f9:bf:95:c6:f7:f9:de:b5:e5:
84:25:58:73:e3:03:db:1b:44:90:7b:5c:61:db:1a:
66:e9:e9:e4:81:f9:5b:1b:00:02:0b:66:aa:53:4f:
38:be:9e:41:a8:08:59:68:96:5c:06:fb:fa:7d:4e:
e7:14:d8:1f:d9:f3:db:8d:bc:92:af:f4:56:52:b3:
83:93:ef:3f:6c:34:6e:d5:19:d6:e1:c1:60:47:bd:
07:21:1c:40:cb:97:36:32:91:75:3b:d9:65:df:51:
3e:df:fc:81:9f:ba:5e:ad:c1:01:bc:01:a8:c2:24:
ed:73:be:19:9f:1e:64:7f:f4:8c:f8:d3:25:84:9b:
ab:ef:66:0f:a0:be:3c:d0:35:e1:3e:40:cf:a7:04:
97:07:49:ec:d2:3a:f6:00:c1:50:f7:d0:81:e8:2d:
c8:2d:66:fd:38:b2:e2:dc:33:42:f7:a8:fa:67:2e:
ff:33:8b:01:1f:dc:58:65:26:20:3e:3d:da:2c:f7:
eb:a7:09:c2:7f:5f:0c:89:d3:38:92:46:7b:77:20:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E7:FC:0B:1E:8A:D3:1B:84:9E:FF:45:32:4F:90:68:09:7C:56:D6
X509v3 Authority Key Identifier:
keyid:85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:6b:79:3f:5e:91:70:e2:bc:cb:41:70:a7:1e:a5:1b:f6:fc:
fd:ef:40:09:73:77:cd:dc:02:ad:59:b3:db:5b:70:e5:7b:c5:
bb:df:34:80:c7:32:53:35:d2:c8:67:c9:8e:56:5a:cc:09:3c:
9e:da:54:a0:47:cb:32:bb:d9:cc:62:59:08:fa:1f:31:09:9f:
42:86:bf:91:ec:26:14:54:30:36:a4:95:e6:43:47:d0:db:01:
5f:65:1c:cf:c6:0c:2b:9c:d5:91:9b:8f:49:cf:00:97:b2:cc:
ae:85:72:b8:7d:21:1b:58:b0:e3:ed:f5:c6:d6:d8:e4:80:c3:
42:f7:e9:14:7a:fc:b3:4c:b7:f5:0c:31:a9:84:5f:94:a0:8b:
73:c2:40:fb:48:5f:a5:f6:a2:82:1c:72:b6:40:e6:27:d1:18:
ed:56:3e:51:dd:2b:b1:02:f5:93:50:1f:86:d9:a5:16:50:5c:
e7:b8:7f:a1:4b:40:ca:d3:73:6c:32:9e:b2:3b:14:52:07:58:
0d:c3:20:07:ea:55:58:69:88:f7:df:78:06:66:0c:bd:c7:7a:
1f:85:b5:72:14:df:51:6d:a5:4e:8b:db:91:8f:81:c2:d0:a4:
28:ea:d9:25:e7:80:a1:3b:46:95:18:54:8e:43:cf:04:d0:9f:
e2:72:72:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LgkSmSufR4BGZy9ZuIi2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjYxMWEwYjdkNDMzNGI3YTIzOTVlOGNjZTdiMGUzYzli
ODM4ZTgwHhcNMjYwMzI5MDYwMDM0WhcNMjYwMzMwMDYwMDM0WjAzMTEwLwYDVQQD
EyhkOGU3ZmMwYjFlOGFkMzFiODQ5ZWZmNDUzMjRmOTA2ODA5N2M1NmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6DMyqp8XPNua9MmXjMJ2eXV79NX
ki3zWbOqUI8pyoLZGJ5FBkQyofGu05Iss9gCELz5v5XG9/neteWEJVhz4wPbG0SQ
e1xh2xpm6enkgflbGwACC2aqU084vp5BqAhZaJZcBvv6fU7nFNgf2fPbjbySr/RW
UrODk+8/bDRu1RnW4cFgR70HIRxAy5c2MpF1O9ll31E+3/yBn7percEBvAGowiTt
c74Znx5kf/SM+NMlhJur72YPoL480DXhPkDPpwSXB0ns0jr2AMFQ99CB6C3ILWb9
OLLi3DNC96j6Zy7/M4sBH9xYZSYgPj3aLPfrpwnCf18MidM4kkZ7dyDj/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjn/AseitMbhJ7/RTJPkGgJfFbWMB8GA1UdIwQY
MBaAFIW2EaC31DNLeiOV6MznsOPJuDjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmIt
ODhjYjRlNzEwNmVhLzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmItODhjYjRlNzEwNmVh
LzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjmt5P16R
cOK8y0Fwpx6lG/b8/e9ACXN3zdwCrVmz21tw5XvFu980gMcyUzXSyGfJjlZazAk8
ntpUoEfLMrvZzGJZCPofMQmfQoa/kewmFFQwNqSV5kNH0NsBX2Ucz8YMK5zVkZuP
Sc8Al7LMroVyuH0hG1iw4+31xtbY5IDDQvfpFHr8s0y39QwxqYRflKCLc8JA+0hf
pfaighxytkDmJ9EY7VY+Ud0rsQL1k1AfhtmlFlBc57h/oUtAytNzbDKesjsUUgdY
DcMgB+pVWGmI9994BmYMvcd6H4W1chTfUW2lTovbkY+BwtCkKOrZJeeAoTtGlRhU
jkPPBNCf4nJyNQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:32:55 2026 by rpki-client