Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.mft
File: H1KEKQNNz7oB9__1x8yIVtTQbhs.mft (raw, json)
Hash identifier: tXiySs3QrkGX0xzA8wCqSEj0Hx5bm2akBwo0gFK7AZA=
Subject key identifier: 52:DE:65:68:A6:0A:5C:39:D7:9C:CC:D7:16:AE:33:14:A9:08:6C:99
Authority key identifier: 1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
Certificate issuer: /CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Certificate serial: 019D37F6FCEB1CC27FF10106E92BBC948B93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.mft
Manifest number: 0DE8
Signing time: Sun 29 Mar 2026 05:00:26 +0000
Manifest this update: Sun 29 Mar 2026 05:00:26 +0000
Manifest next update: Mon 30 Mar 2026 05:00:26 +0000
Files and hashes: 1: H1KEKQNNz7oB9__1x8yIVtTQbhs.crl (hash: ZumBsG+q9zi6meg+qQZ5eDUsr8ZyqDOj4h1mXaKc2AI=)
2: LmAKZqBdTFF5oLsEoluyDIA0344.roa (hash: hZY8m7f3JelI/bgQwSPE+IWZx3xID2uYH6Ji+lC9gck=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.mft
rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f6:fc:eb:1c:c2:7f:f1:01:06:e9:2b:bc:94:8b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f528429034dcfba01f7fff5c7cc8856d4d06e1b
Validity
Not Before: Mar 29 05:00:26 2026 GMT
Not After : Mar 30 05:00:26 2026 GMT
Subject: CN=52de6568a60a5c39d79cccd716ae3314a9086c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:86:e0:f9:01:71:c0:b8:ef:44:87:dc:e9:
c9:63:0d:10:d7:ff:df:e1:b2:68:21:3a:f4:67:14:
23:4b:b4:f2:c2:6d:30:7c:13:06:f8:32:c3:3c:59:
bc:b4:70:4a:4e:c5:bc:a4:1b:ef:94:93:8f:7d:54:
d5:3d:3e:12:bd:e8:b7:8f:0f:21:3e:84:7d:38:a8:
46:a2:87:ae:e1:6e:99:82:18:d0:e4:6f:9c:0e:f3:
1a:0c:c0:49:4f:46:16:2f:11:28:7d:44:9e:38:d6:
10:76:2b:40:fa:18:ab:38:d2:4f:09:4a:0f:f7:b8:
f9:af:d3:e3:fb:2c:d3:85:7f:f8:52:1a:b4:2a:d2:
cf:03:34:60:e6:9b:46:44:00:f2:1f:24:36:31:41:
95:28:e4:fb:4d:5e:01:8c:7e:30:64:45:1c:0c:3a:
30:2f:60:0c:1b:8d:40:44:fd:54:11:e4:b9:bc:90:
9c:af:0f:2a:30:f2:97:41:fd:aa:d4:51:46:e1:60:
01:c9:d8:f1:f3:d8:90:29:94:4f:81:59:61:03:cd:
f6:b9:d3:59:1f:2b:8a:4a:b2:f5:59:b9:9f:69:8b:
6e:02:4a:c8:05:31:dd:76:44:14:8b:18:dd:78:c7:
01:d2:da:b4:fa:e8:e1:e1:f5:23:4e:eb:94:40:ee:
9b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DE:65:68:A6:0A:5C:39:D7:9C:CC:D7:16:AE:33:14:A9:08:6C:99
X509v3 Authority Key Identifier:
keyid:1F:52:84:29:03:4D:CF:BA:01:F7:FF:F5:C7:CC:88:56:D4:D0:6E:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1KEKQNNz7oB9__1x8yIVtTQbhs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/973bb5-0661-456c-9e1e-253be9f6ed3d/1/H1KEKQNNz7oB9__1x8yIVtTQbhs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:24:5a:d0:5e:e0:3e:2f:a4:61:06:0e:6f:c8:06:1c:d8:6e:
af:5d:da:be:6f:b1:2f:79:fa:9e:fd:02:67:b6:4b:98:7c:d9:
0d:5a:46:70:11:1a:20:96:cb:37:62:0d:af:ea:31:d6:c7:c7:
21:01:38:ac:67:49:90:40:c2:0b:79:6a:2f:47:dc:3c:64:ac:
96:d3:ac:c5:04:2c:dd:3d:4a:2a:48:74:6c:93:a4:1d:66:07:
ad:ba:b6:1f:9c:b5:e7:a8:5c:5c:02:8d:d9:04:57:1b:2b:42:
ba:3c:d7:90:b7:21:34:1c:d0:ef:57:c6:50:56:bd:75:c0:6a:
c0:69:e2:87:17:0d:c1:04:0d:21:a0:ae:d3:81:d6:fc:f3:7f:
5a:09:d4:96:66:33:63:3f:4e:12:7b:41:20:c5:9d:db:9d:09:
26:b7:6b:b8:50:63:32:b3:c7:92:e7:56:55:ef:e6:94:04:01:
8d:f1:af:73:94:85:49:f7:37:22:c5:d8:8f:14:89:e9:63:3e:
df:87:96:df:cc:38:8c:81:d7:a4:e6:df:20:8b:df:53:f7:d2:
06:cf:9e:d5:cc:c6:b6:2a:02:43:86:9e:66:b8:0e:83:66:5a:
11:59:12:0b:28:51:fc:63:3e:f9:4d:af:63:e4:ec:97:5d:71:
23:d1:e9:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039vzrHMJ/8QEG6Su8lIuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTI4NDI5MDM0ZGNmYmEwMWY3ZmZmNWM3Y2M4ODU2ZDRk
MDZlMWIwHhcNMjYwMzI5MDUwMDI2WhcNMjYwMzMwMDUwMDI2WjAzMTEwLwYDVQQD
Eyg1MmRlNjU2OGE2MGE1YzM5ZDc5Y2NjZDcxNmFlMzMxNGE5MDg2Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveiG4PkBccC470SH3OnJYw0Q1//f
4bJoITr0ZxQjS7Tywm0wfBMG+DLDPFm8tHBKTsW8pBvvlJOPfVTVPT4Svei3jw8h
PoR9OKhGooeu4W6ZghjQ5G+cDvMaDMBJT0YWLxEofUSeONYQditA+hirONJPCUoP
97j5r9Pj+yzThX/4Uhq0KtLPAzRg5ptGRADyHyQ2MUGVKOT7TV4BjH4wZEUcDDow
L2AMG41ARP1UEeS5vJCcrw8qMPKXQf2q1FFG4WABydjx89iQKZRPgVlhA832udNZ
HyuKSrL1WbmfaYtuAkrIBTHddkQUixjdeMcB0tq0+ujh4fUjTuuUQO6bLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLeZWimClw515zM1xauMxSpCGyZMB8GA1UdIwQY
MBaAFB9ShCkDTc+6Aff/9cfMiFbU0G4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUt
MjUzYmU5ZjZlZDNkLzEvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85NzNiYjUtMDY2MS00NTZjLTllMWUtMjUzYmU5ZjZlZDNk
LzEvSDFLRUtRTk56N29COV9fMXg4eUlWdFRRYmhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgSRa0F7g
Pi+kYQYOb8gGHNhur13avm+xL3n6nv0CZ7ZLmHzZDVpGcBEaIJbLN2INr+ox1sfH
IQE4rGdJkEDCC3lqL0fcPGSsltOsxQQs3T1KKkh0bJOkHWYHrbq2H5y156hcXAKN
2QRXGytCujzXkLchNBzQ71fGUFa9dcBqwGnihxcNwQQNIaCu04HW/PN/WgnUlmYz
Yz9OEntBIMWd250JJrdruFBjMrPHkudWVe/mlAQBjfGvc5SFSfc3IsXYjxSJ6WM+
34eW38w4jIHXpObfIIvfU/fSBs+e1czGtioCQ4aeZrgOg2ZaEVkSCyhR/GM++U2v
Y+Tsl11xI9HpWg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:35 2026 by rpki-client