Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
File: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft (raw, json)
Hash identifier: uGjG2obyidbDj4nb5x73O1nOyu3+ck35fKDuOpf/aaM=
Subject key identifier: B9:5B:1B:6F:61:7F:30:16:33:98:62:58:97:60:0C:EF:0D:49:08:5A
Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Certificate serial: 019D39AF539BF221383488D0E48785B9B528
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
Manifest number: 043A
Signing time: Sun 29 Mar 2026 13:01:24 +0000
Manifest this update: Sun 29 Mar 2026 13:01:24 +0000
Manifest next update: Mon 30 Mar 2026 13:01:24 +0000
Files and hashes: 1: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl (hash: nlo2F6CuywZY3YVSsrqMy4cHpV82CDcKVXZXvnLPk7A=)
2: y9uehOeQeqw3aXtpz02BRppyIDw.roa (hash: DkoCOynUoTvS6BEYZLogyktfjmzSkzrDWMdKSZGF36c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:53:9b:f2:21:38:34:88:d0:e4:87:85:b9:b5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Validity
Not Before: Mar 29 13:01:24 2026 GMT
Not After : Mar 30 13:01:24 2026 GMT
Subject: CN=b95b1b6f617f30163398625897600cef0d49085a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:82:cb:50:f1:96:5e:2f:1a:87:76:4d:2b:e1:
4d:c4:b7:db:f3:ca:6e:29:b0:24:4e:9a:11:00:29:
fb:1c:c5:97:29:2e:13:4e:a4:f0:de:a9:71:95:19:
70:a9:19:9f:4a:08:9c:fe:5a:cd:ba:61:fd:70:c4:
72:bf:e4:6b:cf:fb:1a:54:e1:0a:ad:38:06:c9:c1:
ce:7b:d8:8b:7d:03:d6:99:81:5b:42:1c:2f:a8:c0:
31:a9:da:b1:41:38:1c:27:aa:57:9a:d1:6b:20:ae:
aa:8d:61:4d:ff:a8:80:64:91:fe:43:00:71:21:53:
ab:ea:62:ec:bd:8b:b9:5d:2f:47:d7:11:74:c1:3f:
e9:18:de:76:33:63:2b:18:0e:fc:a4:40:cc:c8:ef:
b2:ae:80:07:c4:be:85:eb:48:89:ff:0a:59:7d:8d:
12:fa:b9:63:87:46:bb:c0:99:96:ef:eb:0f:6e:1b:
16:ea:bc:eb:c9:b5:f1:12:61:4b:c7:63:b0:3b:88:
ac:55:1f:5b:a9:2b:c4:8d:0e:51:74:cc:09:95:2b:
e5:01:5c:26:b6:c3:ac:77:8e:d7:66:94:54:7b:d4:
9a:17:39:b7:cc:ca:fa:94:d7:c6:92:60:f8:bb:64:
d9:3c:c5:23:85:9b:d6:08:89:d3:d5:59:41:26:1f:
6b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5B:1B:6F:61:7F:30:16:33:98:62:58:97:60:0C:EF:0D:49:08:5A
X509v3 Authority Key Identifier:
keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:f5:1f:40:6d:04:e2:dd:b0:fc:cd:7f:22:3b:76:6d:bc:c2:
09:03:13:e8:f3:dc:1b:df:dc:98:71:65:56:3e:10:b9:0b:e4:
a6:49:58:c9:43:bd:3a:32:7c:dd:32:62:7c:a9:73:ee:c7:15:
fb:30:d3:09:48:2f:0a:ef:9d:a8:25:91:bd:5b:8d:a9:0e:3e:
08:a1:62:1e:7d:00:9b:22:04:b8:e8:e1:95:40:3e:47:bf:c0:
49:ca:72:0a:cd:51:0c:b6:7a:00:0e:ad:09:d3:ba:1a:82:1a:
e8:89:f0:d8:df:02:f6:6a:22:6c:a9:10:59:bf:3b:a7:69:83:
54:aa:8c:0d:83:11:a7:44:15:51:6e:a2:5b:58:a4:9f:c3:1d:
6e:b3:f7:fc:9c:57:ae:74:2a:ef:b6:57:b8:09:5d:fb:23:60:
d7:5f:ee:04:0b:74:fd:9b:28:fe:e2:44:c1:12:fb:76:30:e2:
b0:80:96:c5:f8:90:cb:e8:45:29:55:4d:9b:39:02:fe:81:c3:
91:95:a8:b7:1d:9f:43:91:d6:f9:fd:36:43:53:fd:e1:6e:1e:
f9:9c:e1:c8:e0:f8:b1:f8:0b:e4:3f:51:59:12:6f:ed:fb:0b:
53:4a:f7:06:f3:88:b7:df:e6:06:10:cb:67:22:e5:9e:31:57:
cf:f9:98:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05r1Ob8iE4NIjQ5IeFubUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0
YTM3ZDgwHhcNMjYwMzI5MTMwMTI0WhcNMjYwMzMwMTMwMTI0WjAzMTEwLwYDVQQD
EyhiOTViMWI2ZjYxN2YzMDE2MzM5ODYyNTg5NzYwMGNlZjBkNDkwODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYLLUPGWXi8ah3ZNK+FNxLfb88pu
KbAkTpoRACn7HMWXKS4TTqTw3qlxlRlwqRmfSgic/lrNumH9cMRyv+Rrz/saVOEK
rTgGycHOe9iLfQPWmYFbQhwvqMAxqdqxQTgcJ6pXmtFrIK6qjWFN/6iAZJH+QwBx
IVOr6mLsvYu5XS9H1xF0wT/pGN52M2MrGA78pEDMyO+yroAHxL6F60iJ/wpZfY0S
+rljh0a7wJmW7+sPbhsW6rzrybXxEmFLx2OwO4isVR9bqSvEjQ5RdMwJlSvlAVwm
tsOsd47XZpRUe9SaFzm3zMr6lNfGkmD4u2TZPMUjhZvWCInT1VlBJh9rDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlbG29hfzAWM5hiWJdgDO8NSQhaMB8GA1UdIwQY
MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt
ZWE4NGE1MWViM2RjLzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj
LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/UfQG0E
4t2w/M1/Ijt2bbzCCQMT6PPcG9/cmHFlVj4QuQvkpklYyUO9OjJ83TJifKlz7scV
+zDTCUgvCu+dqCWRvVuNqQ4+CKFiHn0AmyIEuOjhlUA+R7/AScpyCs1RDLZ6AA6t
CdO6GoIa6Inw2N8C9moibKkQWb87p2mDVKqMDYMRp0QVUW6iW1ikn8MdbrP3/JxX
rnQq77ZXuAld+yNg11/uBAt0/Zso/uJEwRL7djDisICWxfiQy+hFKVVNmzkC/oHD
kZWotx2fQ5HW+f02Q1P94W4e+ZzhyOD4sfgL5D9RWRJv7fsLU0r3BvOIt9/mBhDL
ZyLlnjFXz/mYnQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:23:57 2026 by rpki-client