Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
File: hw4qIH9pdyFKlXqOFI0fi1pc0II.mft (raw, json)
Hash identifier: ODIbo8nozvZ9hNcq51mDEya7uJS5YbQ7F+PN2jDNJj4=
Subject key identifier: 70:4C:D3:42:EF:94:0E:84:B5:A8:1A:DA:9C:E1:6D:97:AC:DB:04:6E
Authority key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
Certificate issuer: /CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Certificate serial: 019D3941884045074EAFE6F4F4E4EC5D1EBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
Manifest number: 056F
Signing time: Sun 29 Mar 2026 11:01:28 +0000
Manifest this update: Sun 29 Mar 2026 11:01:28 +0000
Manifest next update: Mon 30 Mar 2026 11:01:28 +0000
Files and hashes: 1: 1-xuFkRRYNkNx6K_y3gpKzk8bpNU.roa (hash: DSnPrHXS1D+ilU9Cyi7GMDMNOZU+oSTK260zTbsfVyU=)
2: hw4qIH9pdyFKlXqOFI0fi1pc0II.crl (hash: au97CGqVO+Nz5Yu4DC5Wv5iYddaZnVIUR268sAz/th8=)
3: qoiSe-yUdTemPI1EK5KhIQZ-WAQ.roa (hash: BzNUsMLYSBasxZtN78dIEsZxiGVfFhzEpfLc24JU6bM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:88:40:45:07:4e:af:e6:f4:f4:e4:ec:5d:1e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Validity
Not Before: Mar 29 11:01:28 2026 GMT
Not After : Mar 30 11:01:28 2026 GMT
Subject: CN=704cd342ef940e84b5a81ada9ce16d97acdb046e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bb:2c:f8:d9:94:ae:13:16:f5:df:ec:96:d4:
d5:22:cd:eb:c4:13:99:43:05:1c:54:87:f8:53:fd:
d2:b5:48:f8:20:e9:97:e6:64:25:12:ea:9d:3a:e9:
bc:56:6f:20:94:d2:d1:62:40:d9:94:97:cd:e2:8a:
b7:86:51:da:78:2e:b5:66:0d:82:18:d1:99:d1:38:
7d:70:cd:dc:de:14:f2:d1:cb:1b:86:c4:2f:8e:4f:
ec:fc:f7:8f:78:c1:50:cf:eb:27:21:92:b1:c8:68:
0a:c3:42:4f:97:7f:c0:a7:bf:84:53:47:46:0c:c5:
b7:08:19:f5:af:1d:43:eb:92:e7:18:5c:71:59:fa:
07:8a:fe:7f:88:6d:58:29:fa:d6:d1:ec:87:35:c7:
be:58:8c:25:7e:cb:6b:b2:08:3a:b1:4b:1a:f1:54:
0e:c7:23:74:4e:81:bb:73:90:3a:5a:0a:a0:88:70:
cc:25:30:d3:ad:dd:12:b8:74:49:cb:31:3b:b7:3f:
07:95:fd:46:54:f3:e3:af:ea:d7:18:0f:3d:4d:d9:
50:82:51:b4:3c:f9:1a:c3:e6:5b:dd:5f:b3:b4:ae:
c6:1a:f5:f4:ca:2b:d5:7f:63:ba:22:c0:62:d7:69:
47:3d:a8:0e:1e:95:6e:7a:03:34:33:dc:62:7e:70:
30:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4C:D3:42:EF:94:0E:84:B5:A8:1A:DA:9C:E1:6D:97:AC:DB:04:6E
X509v3 Authority Key Identifier:
keyid:87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:5d:56:c2:ee:7d:31:3d:bd:d6:ee:22:6d:d4:7f:c4:38:da:
a6:12:33:2c:a7:2a:ab:14:af:cd:97:09:35:62:5b:4e:2e:95:
7e:79:f8:42:e0:6c:2a:62:85:8d:84:3c:7b:5f:32:4b:41:b6:
94:47:38:cb:18:4d:12:3d:ca:83:2c:08:a6:ab:9d:fc:2e:2c:
75:a5:e0:f0:84:83:df:f3:43:7e:7e:dd:bd:a6:fd:62:a6:94:
00:33:0b:7b:9d:b4:2b:6f:dd:c3:f7:00:64:75:a7:9c:f9:05:
a1:51:62:16:e4:37:a7:28:8d:26:fc:ba:e8:3f:11:7a:11:78:
9c:9f:80:90:95:c4:1c:d0:30:82:b4:6d:6e:d2:89:07:aa:d7:
c2:90:6e:72:15:44:36:f0:e4:0e:90:60:5f:77:4e:17:cc:e5:
b5:0f:87:3b:2d:c7:0c:fd:2d:f1:2b:c8:81:6a:e1:7b:ba:c8:
6e:c3:f1:c5:f0:b1:15:b7:de:c3:44:44:89:18:2b:01:aa:09:
8b:21:50:67:6b:4f:8f:cb:6a:91:ba:34:b8:6d:a0:1e:4c:b0:
c9:b5:7c:c2:32:2f:a7:7d:a4:3b:11:2d:84:c3:2b:7e:31:a9:
63:86:65:6c:33:e8:a1:ca:6d:2d:f0:55:ee:35:99:54:a7:76:
9c:d3:47:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QYhARQdOr+b09OTsXR6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGUyYTIwN2Y2OTc3MjE0YTk1N2E4ZTE0OGQxZjhiNWE1
Y2QwODIwHhcNMjYwMzI5MTEwMTI4WhcNMjYwMzMwMTEwMTI4WjAzMTEwLwYDVQQD
Eyg3MDRjZDM0MmVmOTQwZTg0YjVhODFhZGE5Y2UxNmQ5N2FjZGIwNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rss+NmUrhMW9d/sltTVIs3rxBOZ
QwUcVIf4U/3StUj4IOmX5mQlEuqdOum8Vm8glNLRYkDZlJfN4oq3hlHaeC61Zg2C
GNGZ0Th9cM3c3hTy0csbhsQvjk/s/PePeMFQz+snIZKxyGgKw0JPl3/Ap7+EU0dG
DMW3CBn1rx1D65LnGFxxWfoHiv5/iG1YKfrW0eyHNce+WIwlfstrsgg6sUsa8VQO
xyN0ToG7c5A6WgqgiHDMJTDTrd0SuHRJyzE7tz8Hlf1GVPPjr+rXGA89TdlQglG0
PPkaw+Zb3V+ztK7GGvX0yivVf2O6IsBi12lHPagOHpVuegM0M9xifnAwIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBM00LvlA6Etaga2pzhbZes2wRuMB8GA1UdIwQY
MBaAFIcOKiB/aXchSpV6jhSNH4taXNCCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUt
OGE5NDY4N2RiYTZmLzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUtOGE5NDY4N2RiYTZm
LzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVV1Wwu59
MT291u4ibdR/xDjaphIzLKcqqxSvzZcJNWJbTi6Vfnn4QuBsKmKFjYQ8e18yS0G2
lEc4yxhNEj3KgywIpqud/C4sdaXg8ISD3/NDfn7dvab9YqaUADMLe520K2/dw/cA
ZHWnnPkFoVFiFuQ3pyiNJvy66D8RehF4nJ+AkJXEHNAwgrRtbtKJB6rXwpBuchVE
NvDkDpBgX3dOF8zltQ+HOy3HDP0t8SvIgWrhe7rIbsPxxfCxFbfew0REiRgrAaoJ
iyFQZ2tPj8tqkbo0uG2gHkywybV8wjIvp32kOxEthMMrfjGpY4ZlbDPoocptLfBV
7jWZVKd2nNNHng==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:38:10 2026 by rpki-client