Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier: NU/S0ieaQ5HbjrD4hrrpcDh69C6WZxk1YcYUlOrr1iQ=
Subject key identifier: D6:89:69:C3:80:2E:9E:75:52:85:BF:20:EC:04:7D:07:D7:E5:12:F7
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial: 019D37F708DEDBBE50120F6D8EB7721A051E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number: 0353
Signing time: Sun 29 Mar 2026 05:00:29 +0000
Manifest this update: Sun 29 Mar 2026 05:00:29 +0000
Manifest next update: Mon 30 Mar 2026 05:00:29 +0000
Files and hashes: 1: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: FQXMOLhgPX4qi5Hz7BhCpnDw5iNViK+wmFEcMi8lwv4=)
2: rMe1K3Pnk5DXwFmZ5iqZqI-4AuI.roa (hash: YS2JSus6g27DEMsfgkNECiXWqWyQcBqe1+Gnt78gLl0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:08:de:db:be:50:12:0f:6d:8e:b7:72:1a:05:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Validity
Not Before: Mar 29 05:00:29 2026 GMT
Not After : Mar 30 05:00:29 2026 GMT
Subject: CN=d68969c3802e9e755285bf20ec047d07d7e512f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:12:27:7f:85:b3:78:18:f4:08:07:13:50:6d:
0e:fa:e8:d4:28:62:8f:90:87:88:23:b8:8c:6a:0d:
e2:86:08:89:63:11:33:3e:4b:c3:2f:1d:2f:93:55:
61:fc:96:35:e2:a5:69:f1:6f:4d:e4:ab:8d:78:4f:
e4:d8:d5:b0:33:93:f2:94:f6:1c:4b:34:d5:73:49:
14:1b:f8:ed:86:1b:a2:43:d3:fa:28:e0:1c:f2:7f:
74:91:c7:0b:cd:62:05:b3:3b:dd:41:20:ab:19:6a:
23:39:7a:eb:3a:cf:da:1c:8d:8e:61:b1:1a:ee:b0:
14:76:1a:96:a3:df:27:85:e8:4b:5d:ba:33:06:b4:
ca:5f:0b:c6:a7:23:99:e7:ba:99:ad:9b:87:1b:26:
61:d7:59:96:6c:1a:51:53:21:7e:2b:9b:73:93:6e:
d4:f4:26:59:94:a2:5a:f1:38:dd:bd:e6:9d:c0:aa:
5a:3f:0b:0a:ab:ea:0c:6b:68:9c:2b:d7:6b:6c:80:
fc:28:ce:81:78:78:43:58:0d:0c:a4:7d:50:9d:ad:
de:f1:8e:59:86:c0:ec:a6:30:1b:aa:43:07:3a:dd:
8a:ce:0e:12:f3:56:23:ae:20:e6:38:13:be:b2:77:
07:1f:da:5d:bf:fd:c8:b8:f7:15:9c:ff:c5:22:1c:
f5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:89:69:C3:80:2E:9E:75:52:85:BF:20:EC:04:7D:07:D7:E5:12:F7
X509v3 Authority Key Identifier:
keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:1d:9d:e6:93:44:fb:2b:52:5f:b4:68:1f:1d:c3:1c:cb:57:
3c:c4:aa:48:df:48:35:0f:e3:7c:4b:f2:95:17:09:1e:d4:2a:
1b:5d:d5:8d:28:6c:55:e2:ad:75:2b:9b:02:51:5a:ad:f0:b6:
d5:d5:70:c9:67:d0:61:45:3c:2e:a2:54:a8:f8:1b:47:fc:f9:
30:21:53:7b:15:85:ba:38:a6:55:51:85:40:a4:49:21:5e:36:
97:1b:5e:b4:fe:d2:85:ec:48:77:89:db:68:0b:df:6a:a9:96:
a0:9a:19:d7:08:05:2d:c5:cb:76:1c:c0:99:07:11:b6:16:9d:
c4:ba:f8:b8:bd:8f:98:38:be:f3:d5:f0:72:ce:69:fb:49:a8:
b2:b0:2b:49:d7:a9:65:d8:3f:1a:13:8c:2c:11:79:95:0b:26:
ee:00:ac:7d:36:c5:32:6b:d2:c1:67:b4:9e:50:2a:15:09:fe:
46:7e:d1:28:38:d3:63:e7:64:3e:30:c6:fc:87:47:c5:0d:ee:
da:1e:41:a4:b7:62:91:02:75:dd:1a:01:07:3a:15:8d:f8:f6:
93:2e:49:fd:8f:e2:15:e0:e1:d0:2a:35:f4:b0:25:79:56:c2:
b2:8c:a8:95:eb:93:50:bb:d5:1b:dc:38:f1:1b:b1:e8:62:fe:
33:bb:82:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039wje275QEg9tjrdyGgUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjYwMzI5MDUwMDI5WhcNMjYwMzMwMDUwMDI5WjAzMTEwLwYDVQQD
EyhkNjg5NjljMzgwMmU5ZTc1NTI4NWJmMjBlYzA0N2QwN2Q3ZTUxMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BInf4WzeBj0CAcTUG0O+ujUKGKP
kIeII7iMag3ihgiJYxEzPkvDLx0vk1Vh/JY14qVp8W9N5KuNeE/k2NWwM5PylPYc
SzTVc0kUG/jthhuiQ9P6KOAc8n90kccLzWIFszvdQSCrGWojOXrrOs/aHI2OYbEa
7rAUdhqWo98nhehLXbozBrTKXwvGpyOZ57qZrZuHGyZh11mWbBpRUyF+K5tzk27U
9CZZlKJa8TjdveadwKpaPwsKq+oMa2icK9drbID8KM6BeHhDWA0MpH1Qna3e8Y5Z
hsDspjAbqkMHOt2Kzg4S81YjriDmOBO+sncHH9pdv/3IuPcVnP/FIhz1gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaJacOALp51UoW/IOwEfQfX5RL3MB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFR2d5pNE
+ytSX7RoHx3DHMtXPMSqSN9INQ/jfEvylRcJHtQqG13VjShsVeKtdSubAlFarfC2
1dVwyWfQYUU8LqJUqPgbR/z5MCFTexWFujimVVGFQKRJIV42lxtetP7ShexId4nb
aAvfaqmWoJoZ1wgFLcXLdhzAmQcRthadxLr4uL2PmDi+89Xwcs5p+0mosrArSdep
Zdg/GhOMLBF5lQsm7gCsfTbFMmvSwWe0nlAqFQn+Rn7RKDjTY+dkPjDG/IdHxQ3u
2h5BpLdikQJ13RoBBzoVjfj2ky5J/Y/iFeDh0Co19LAleVbCsoyoleuTULvVG9w4
8Rux6GL+M7uCkw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:03 2026 by rpki-client