Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
File: Hekyc87VkolMnTVRSLsfrMEPcqI.mft (raw, json)
Hash identifier: 01e2fYVkAN0JgSCXlcA37nQhShWJ3pYLZ9oDfE/fskc=
Subject key identifier: 87:B1:DB:7C:3C:27:AE:87:D9:41:5C:94:96:EE:27:FF:AF:6F:D2:14
Authority key identifier: 1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
Certificate issuer: /CN=1de93273ced592894c9d355148bb1facc10f72a2
Certificate serial: 019D38658EB73636DFE70F4C9334B7A05A80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
Manifest number: 1471
Signing time: Sun 29 Mar 2026 07:01:12 +0000
Manifest this update: Sun 29 Mar 2026 07:01:12 +0000
Manifest next update: Mon 30 Mar 2026 07:01:12 +0000
Files and hashes: 1: Hekyc87VkolMnTVRSLsfrMEPcqI.crl (hash: P+ZVXMWBMwbkFyhHny3hJjf8Rs+4rCVNu1J0OPMAl5w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:8e:b7:36:36:df:e7:0f:4c:93:34:b7:a0:5a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de93273ced592894c9d355148bb1facc10f72a2
Validity
Not Before: Mar 29 07:01:12 2026 GMT
Not After : Mar 30 07:01:12 2026 GMT
Subject: CN=87b1db7c3c27ae87d9415c9496ee27ffaf6fd214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ff:d9:b7:25:84:7b:76:26:e3:33:3b:8a:3a:
91:7d:9a:8a:01:12:5d:74:89:aa:8e:d0:84:78:a4:
4d:c6:25:c2:11:51:73:30:00:21:1f:f5:f6:44:07:
7d:c8:ff:6b:e9:a5:f4:c7:24:17:ed:3b:90:0e:94:
55:f8:60:24:9f:4c:71:a4:91:22:9d:b8:32:f8:71:
81:f1:b5:c8:83:22:a8:3e:02:dd:c9:17:b1:f0:e7:
3a:59:47:dd:9f:42:ae:c8:c1:c9:43:7f:55:8b:1a:
1c:6d:a0:94:aa:fa:fd:7a:61:03:b6:e2:81:d9:f3:
9b:28:ff:39:ae:ad:61:ac:d3:48:e4:5a:ef:4a:22:
35:a0:34:2f:50:57:60:c3:32:b5:d2:dc:1e:e5:27:
84:90:5f:fa:c4:13:8a:67:ae:d0:70:c8:ab:d3:ac:
42:2d:50:09:9f:d4:08:1d:0e:d4:7e:9f:96:b2:f6:
b9:6f:37:f4:f4:ae:6e:5d:dc:26:1b:96:57:12:d9:
42:66:f3:64:bf:76:7c:6d:55:b4:b0:80:2c:3d:14:
6b:01:1f:7c:76:fc:3e:2d:79:8b:fc:6e:b4:4e:0f:
a4:af:4d:a4:4a:b1:e6:8a:ef:2c:56:49:e4:61:e6:
29:1f:16:3b:54:c0:b4:41:a4:e6:ae:94:e4:6a:c4:
d5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B1:DB:7C:3C:27:AE:87:D9:41:5C:94:96:EE:27:FF:AF:6F:D2:14
X509v3 Authority Key Identifier:
keyid:1D:E9:32:73:CE:D5:92:89:4C:9D:35:51:48:BB:1F:AC:C1:0F:72:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hekyc87VkolMnTVRSLsfrMEPcqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3fd53b-e153-4c3a-8058-18ad589cecd0/1/Hekyc87VkolMnTVRSLsfrMEPcqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:bd:81:42:dc:ce:44:0d:ed:20:cd:bc:bc:1a:dd:0c:0e:6d:
1a:20:d4:0e:51:88:b8:df:31:64:6e:2c:d8:f2:06:9e:ad:c5:
7e:52:51:e4:cd:1f:dc:49:d0:be:03:4d:c1:c0:7f:8f:05:bd:
a2:a5:c4:e8:ce:91:70:54:4d:b5:b6:f2:95:be:13:57:52:30:
52:7f:da:46:9d:74:4b:a2:75:69:3c:b3:a6:bc:5f:11:c7:a7:
65:0e:62:68:06:94:d5:de:f2:24:eb:d5:e6:ed:55:88:db:64:
ef:d3:0d:a1:b3:46:c3:32:d0:df:c1:41:83:d1:c8:c1:7c:50:
80:e2:a9:fd:b3:0c:6a:8b:55:42:e2:f0:6d:d0:ff:b9:ba:5a:
5c:22:47:18:98:60:cf:5a:26:9a:e9:c1:9b:85:28:41:d9:fd:
4e:eb:96:40:3a:ab:51:f4:4e:a5:a5:b4:0a:29:36:6c:49:cb:
73:70:39:d0:74:e9:c3:46:45:e3:5c:55:d7:06:4b:2a:11:96:
44:78:10:f8:73:9a:0a:7b:82:2f:6f:e6:dd:9a:90:c2:52:5e:
55:70:80:f0:53:fc:e5:65:96:01:7e:d7:d1:8b:56:de:12:11:
b8:2f:06:17:b7:dd:d1:5c:1e:c5:50:49:c0:90:8f:f7:e2:57:
5f:de:4e:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZY63Njbf5w9MkzS3oFqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTkzMjczY2VkNTkyODk0YzlkMzU1MTQ4YmIxZmFjYzEw
ZjcyYTIwHhcNMjYwMzI5MDcwMTEyWhcNMjYwMzMwMDcwMTEyWjAzMTEwLwYDVQQD
Eyg4N2IxZGI3YzNjMjdhZTg3ZDk0MTVjOTQ5NmVlMjdmZmFmNmZkMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0//ZtyWEe3Ym4zM7ijqRfZqKARJd
dImqjtCEeKRNxiXCEVFzMAAhH/X2RAd9yP9r6aX0xyQX7TuQDpRV+GAkn0xxpJEi
nbgy+HGB8bXIgyKoPgLdyRex8Oc6WUfdn0KuyMHJQ39VixocbaCUqvr9emEDtuKB
2fObKP85rq1hrNNI5FrvSiI1oDQvUFdgwzK10twe5SeEkF/6xBOKZ67QcMir06xC
LVAJn9QIHQ7Ufp+Wsva5bzf09K5uXdwmG5ZXEtlCZvNkv3Z8bVW0sIAsPRRrAR98
dvw+LXmL/G60Tg+kr02kSrHmiu8sVknkYeYpHxY7VMC0QaTmrpTkasTV5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIex23w8J66H2UFclJbuJ/+vb9IUMB8GA1UdIwQY
MBaAFB3pMnPO1ZKJTJ01UUi7H6zBD3KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgt
MThhZDU4OWNlY2QwLzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zZmQ1M2ItZTE1My00YzNhLTgwNTgtMThhZDU4OWNlY2Qw
LzEvSGVreWM4N1Zrb2xNblRWUlNMc2ZyTUVQY3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf72BQtzO
RA3tIM28vBrdDA5tGiDUDlGIuN8xZG4s2PIGnq3FflJR5M0f3EnQvgNNwcB/jwW9
oqXE6M6RcFRNtbbylb4TV1IwUn/aRp10S6J1aTyzprxfEcenZQ5iaAaU1d7yJOvV
5u1ViNtk79MNobNGwzLQ38FBg9HIwXxQgOKp/bMMaotVQuLwbdD/ubpaXCJHGJhg
z1ommunBm4UoQdn9TuuWQDqrUfROpaW0Cik2bEnLc3A50HTpw0ZF41xV1wZLKhGW
RHgQ+HOaCnuCL2/m3ZqQwlJeVXCA8FP85WWWAX7X0YtW3hIRuC8GF7fd0VwexVBJ
wJCP9+JXX95OKg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:38 2026 by rpki-client