Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
File: h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft (raw, json)
Hash identifier: sRirXEKPIS1c+RrqmW/WjCa/ApJbUL3vrm2otcxEzEo=
Subject key identifier: A9:72:74:F5:1D:7F:19:FA:15:5E:25:81:FF:9E:13:C7:1A:17:F3:42
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 019D3909E4F9CFF4F68B5753ACF8F24F79DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 10:00:42 +0000
Manifest this update: Sun 29 Mar 2026 10:00:42 +0000
Manifest next update: Mon 30 Mar 2026 10:00:42 +0000
Files and hashes: 1: 4O7JXBvPOYztRW27KQbfsJapV8I.roa (hash: CnJtkzBJ3WzY6WSIQ98/SBNuBHldMzltsiyedt5bTUA=)
2: h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl (hash: 3hJCuiHZI7ez4FQM4ZIz2xVHho5QtCL+qQf1LyMSNzM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:e4:f9:cf:f4:f6:8b:57:53:ac:f8:f2:4f:79:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Mar 29 10:00:42 2026 GMT
Not After : Mar 30 10:00:42 2026 GMT
Subject: CN=a97274f51d7f19fa155e2581ff9e13c71a17f342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e5:23:6b:47:93:e0:41:86:81:00:8f:08:45:
02:ed:33:60:f7:d0:39:ad:af:73:ff:f3:21:c1:a9:
be:7c:f6:ab:10:67:28:2a:92:55:5a:d8:17:95:d2:
3d:00:d9:7b:a8:29:86:ee:db:9f:79:0a:8c:db:e8:
d9:26:de:a0:87:7b:8a:8d:30:6c:3c:b5:b3:47:3e:
b5:1e:01:74:bc:b2:e8:18:79:64:03:5d:aa:28:78:
ad:90:93:2a:0e:5b:b4:0b:20:60:3d:8f:76:13:38:
b5:2d:8e:3c:d5:83:53:ab:02:49:49:1a:c6:64:9c:
c9:17:2d:27:53:f8:e6:bc:b4:de:0b:33:60:bb:3b:
a9:7b:5b:6d:e4:dd:d8:51:27:4f:08:26:55:12:61:
57:05:d2:a6:59:81:5c:0f:fa:16:98:d7:8e:05:bf:
c0:46:17:02:4e:49:cc:08:04:2b:f6:f5:bf:1c:5b:
74:61:10:60:ca:18:a7:97:97:6b:a4:04:37:c6:b9:
89:e4:c9:2d:ec:39:2a:89:40:f9:aa:0a:36:84:cd:
e5:bf:2e:16:cf:9f:99:c4:7c:5f:f3:04:1a:ec:9d:
60:23:89:b5:61:5f:4c:a8:6b:71:27:2f:96:42:d9:
0a:d7:9c:03:c0:b6:b7:e6:50:dc:2b:f7:85:d7:30:
3a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:72:74:F5:1D:7F:19:FA:15:5E:25:81:FF:9E:13:C7:1A:17:F3:42
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:a6:85:45:4a:5d:76:d7:d1:66:35:18:b5:88:3e:3e:9a:f3:
f3:89:b5:bb:52:a6:b0:4e:7a:e0:5b:23:1b:0e:bd:5c:36:9e:
27:82:46:94:5d:6d:fa:8e:47:25:52:f7:b3:06:33:ed:3c:68:
1d:9e:54:ac:96:83:83:1a:cc:3b:5b:8d:c1:32:b5:61:6d:5d:
c4:81:7c:1f:6a:77:61:8b:11:4d:a2:2c:15:95:3a:99:24:a8:
26:46:39:fb:6b:f9:24:64:27:db:8f:4a:45:5b:d6:2e:ef:aa:
d1:f4:84:8a:b2:da:8d:06:0d:49:35:61:5c:fe:a2:c3:c1:b5:
fb:9e:8f:4b:76:c2:e3:61:21:96:2b:77:48:21:e4:3e:94:c5:
a9:57:89:7c:74:c4:19:02:f5:5b:f5:d1:c0:5b:71:07:af:83:
3f:0a:5a:5d:d9:c1:fa:6b:ab:5a:09:03:d2:bc:28:2f:66:c3:
0a:a2:6f:5b:05:65:57:74:4c:43:51:1d:84:d4:2e:c1:5d:81:
e1:1e:5a:02:1c:36:90:b0:c5:5b:77:6c:e5:31:70:3e:b6:f9:
f5:ab:c1:dc:fb:d3:3c:76:0a:4b:b7:1d:d0:de:f7:d7:4b:34:
91:4e:92:ff:9e:f4:2b:c5:3a:e8:21:0d:34:76:e0:1f:76:98:
4b:9b:18:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CeT5z/T2i1dTrPjyT3nbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjYwMzI5MTAwMDQyWhcNMjYwMzMwMTAwMDQyWjAzMTEwLwYDVQQD
EyhhOTcyNzRmNTFkN2YxOWZhMTU1ZTI1ODFmZjllMTNjNzFhMTdmMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OUja0eT4EGGgQCPCEUC7TNg99A5
ra9z//Mhwam+fParEGcoKpJVWtgXldI9ANl7qCmG7tufeQqM2+jZJt6gh3uKjTBs
PLWzRz61HgF0vLLoGHlkA12qKHitkJMqDlu0CyBgPY92Ezi1LY481YNTqwJJSRrG
ZJzJFy0nU/jmvLTeCzNguzupe1tt5N3YUSdPCCZVEmFXBdKmWYFcD/oWmNeOBb/A
RhcCTknMCAQr9vW/HFt0YRBgyhinl5drpAQ3xrmJ5Mkt7DkqiUD5qgo2hM3lvy4W
z5+ZxHxf8wQa7J1gI4m1YV9MqGtxJy+WQtkK15wDwLa35lDcK/eF1zA6mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlydPUdfxn6FV4lgf+eE8caF/NCMB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATqaFRUpd
dtfRZjUYtYg+Pprz84m1u1KmsE564FsjGw69XDaeJ4JGlF1t+o5HJVL3swYz7Txo
HZ5UrJaDgxrMO1uNwTK1YW1dxIF8H2p3YYsRTaIsFZU6mSSoJkY5+2v5JGQn249K
RVvWLu+q0fSEirLajQYNSTVhXP6iw8G1+56PS3bC42Ehlit3SCHkPpTFqVeJfHTE
GQL1W/XRwFtxB6+DPwpaXdnB+murWgkD0rwoL2bDCqJvWwVlV3RMQ1EdhNQuwV2B
4R5aAhw2kLDFW3ds5TFwPrb59avB3PvTPHYKS7cd0N7310s0kU6S/570K8U66CEN
NHbgH3aYS5sYqw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:01:45 2026 by rpki-client