Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b067db-9ab1-4b13-9b70-a13237613459/1/hB6IIdAaloi57nryrruVnLvtBys.mft
File: hB6IIdAaloi57nryrruVnLvtBys.mft (raw, json)
Hash identifier: EMW3IhAnxpg+rNRRNS0sa/+voV+BjgrQMhIXofIa3EM=
Subject key identifier: FF:CA:3A:8A:5F:D9:7F:71:D2:A0:F6:A9:CF:BD:9A:0E:08:2A:2D:5A
Authority key identifier: 84:1E:88:21:D0:1A:96:88:B9:EE:7A:F2:AE:BB:95:9C:BB:ED:07:2B
Certificate issuer: /CN=841e8821d01a9688b9ee7af2aebb959cbbed072b
Certificate serial: 019D104550E42375D91547252E0A9BA18EAC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hB6IIdAaloi57nryrruVnLvtBys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b067db-9ab1-4b13-9b70-a13237613459/1/hB6IIdAaloi57nryrruVnLvtBys.mft
Manifest number: AF
Signing time: Sat 21 Mar 2026 12:01:11 +0000
Manifest this update: Sat 21 Mar 2026 12:01:11 +0000
Manifest next update: Sun 22 Mar 2026 12:01:11 +0000
Files and hashes: 1: eQ8pUqqadp9cp4FYzeNplhCqiz8.roa (hash: RF09/EJZQF5XIgJSe7QHfYgaZkhCRVhxSpLB2BRdPks=)
2: hB6IIdAaloi57nryrruVnLvtBys.crl (hash: HyXp6CYro58N2sx2yx0NXu7mGjnNTnQyAhFMo0msiiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b067db-9ab1-4b13-9b70-a13237613459/1/hB6IIdAaloi57nryrruVnLvtBys.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b067db-9ab1-4b13-9b70-a13237613459/1/hB6IIdAaloi57nryrruVnLvtBys.mft
rsync://rpki.ripe.net/repository/DEFAULT/hB6IIdAaloi57nryrruVnLvtBys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 12:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:10:45:50:e4:23:75:d9:15:47:25:2e:0a:9b:a1:8e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=841e8821d01a9688b9ee7af2aebb959cbbed072b
Validity
Not Before: Mar 21 12:01:11 2026 GMT
Not After : Mar 22 12:01:11 2026 GMT
Subject: CN=ffca3a8a5fd97f71d2a0f6a9cfbd9a0e082a2d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f7:a7:06:ca:87:35:64:12:a9:90:41:96:c1:
f3:00:24:95:04:b1:01:82:ca:8a:25:46:10:4b:ef:
26:0a:7c:73:e4:0b:e1:b0:95:2a:41:de:e7:ad:a9:
e4:50:54:c2:f8:28:f6:1e:cd:d1:d7:f1:fa:fe:ae:
a3:0c:d1:8b:7f:ea:22:17:7a:2e:61:ac:92:79:22:
c2:86:1c:a3:d1:b0:6c:35:33:30:00:95:fa:4c:c0:
17:69:bb:b3:6a:97:e3:7a:cb:2a:e2:33:2c:38:35:
c7:bb:aa:e4:fc:12:77:b9:b0:07:f8:d5:2c:d5:5c:
0d:58:dc:52:97:35:05:9d:0f:91:49:1d:4c:62:fc:
6d:3e:dc:a7:18:cb:89:79:4f:3e:18:5e:8a:1c:a4:
aa:eb:19:89:97:97:82:e3:74:e4:fc:9c:80:c4:7c:
cb:54:a3:86:c2:9c:e8:75:11:b5:82:e3:5c:32:cc:
26:80:59:aa:73:9c:7e:79:11:d8:df:72:3f:be:d9:
b4:05:12:b6:9d:65:ac:fd:07:f7:a0:2e:37:ef:fc:
be:92:77:bb:10:9f:11:e5:89:7d:f8:a6:a8:cf:95:
b7:16:22:12:1e:a5:1e:c2:1a:b7:45:d0:d2:74:ea:
bc:81:9d:8a:b7:00:88:80:76:4b:1e:19:6f:ef:90:
5e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CA:3A:8A:5F:D9:7F:71:D2:A0:F6:A9:CF:BD:9A:0E:08:2A:2D:5A
X509v3 Authority Key Identifier:
keyid:84:1E:88:21:D0:1A:96:88:B9:EE:7A:F2:AE:BB:95:9C:BB:ED:07:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hB6IIdAaloi57nryrruVnLvtBys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b067db-9ab1-4b13-9b70-a13237613459/1/hB6IIdAaloi57nryrruVnLvtBys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b067db-9ab1-4b13-9b70-a13237613459/1/hB6IIdAaloi57nryrruVnLvtBys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:f5:22:f8:d3:1e:bf:61:14:d7:c7:1e:be:f7:db:52:56:96:
e3:b8:2c:80:b2:88:d4:02:5e:a6:94:14:f8:28:1d:4a:f4:63:
3f:ec:e0:32:4f:d2:8d:b5:5c:23:fb:42:b7:5b:8c:bf:31:8e:
32:ee:f4:c8:fa:5e:dd:d1:8d:9b:01:98:0e:21:a9:a8:96:2d:
0e:77:53:45:99:62:a0:52:5e:be:93:58:46:03:64:0c:ae:47:
c2:2b:20:7f:ee:08:4f:85:36:57:4a:69:17:3e:91:b7:a5:0e:
a6:05:d7:c7:3a:31:35:32:a2:ca:60:39:14:fb:bc:c9:1a:3d:
cf:5d:8a:6d:36:a9:3c:13:fd:da:fd:27:85:f4:20:89:2d:bd:
4f:70:7e:b0:49:9e:72:36:62:d3:15:18:26:46:f1:2b:d3:c5:
fb:f4:2b:73:fa:36:4c:ad:38:42:4f:3a:46:1c:87:d8:35:81:
0d:3b:3b:bb:48:12:0a:44:18:96:9d:e2:69:75:1e:c6:c2:03:
02:9e:77:2a:05:8a:06:f6:2f:be:3f:fd:52:f8:99:c3:69:68:
7d:b4:28:ec:07:85:b7:b8:39:24:0a:c6:ce:e1:4d:8d:68:63:
25:45:b0:8a:c8:a5:8a:85:92:6b:dd:65:e9:44:66:bc:53:ce:
c5:fe:48:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0QRVDkI3XZFUclLgqboY6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MWU4ODIxZDAxYTk2ODhiOWVlN2FmMmFlYmI5NTljYmJl
ZDA3MmIwHhcNMjYwMzIxMTIwMTExWhcNMjYwMzIyMTIwMTExWjAzMTEwLwYDVQQD
EyhmZmNhM2E4YTVmZDk3ZjcxZDJhMGY2YTljZmJkOWEwZTA4MmEyZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfenBsqHNWQSqZBBlsHzACSVBLEB
gsqKJUYQS+8mCnxz5AvhsJUqQd7nrankUFTC+Cj2Hs3R1/H6/q6jDNGLf+oiF3ou
YaySeSLChhyj0bBsNTMwAJX6TMAXabuzapfjessq4jMsODXHu6rk/BJ3ubAH+NUs
1VwNWNxSlzUFnQ+RSR1MYvxtPtynGMuJeU8+GF6KHKSq6xmJl5eC43Tk/JyAxHzL
VKOGwpzodRG1guNcMswmgFmqc5x+eRHY33I/vtm0BRK2nWWs/Qf3oC437/y+kne7
EJ8R5Yl9+Kaoz5W3FiISHqUewhq3RdDSdOq8gZ2KtwCIgHZLHhlv75BeMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/KOopf2X9x0qD2qc+9mg4IKi1aMB8GA1UdIwQY
MBaAFIQeiCHQGpaIue568q67lZy77QcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEI2SUlkQWFsb2k1N25yeXJydVZuTHZ0QnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iMDY3ZGItOWFiMS00YjEzLTliNzAt
YTEzMjM3NjEzNDU5LzEvaEI2SUlkQWFsb2k1N25yeXJydVZuTHZ0QnlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iMDY3ZGItOWFiMS00YjEzLTliNzAtYTEzMjM3NjEzNDU5
LzEvaEI2SUlkQWFsb2k1N25yeXJydVZuTHZ0QnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvUi+NMe
v2EU18cevvfbUlaW47gsgLKI1AJeppQU+CgdSvRjP+zgMk/SjbVcI/tCt1uMvzGO
Mu70yPpe3dGNmwGYDiGpqJYtDndTRZlioFJevpNYRgNkDK5Hwisgf+4IT4U2V0pp
Fz6Rt6UOpgXXxzoxNTKiymA5FPu8yRo9z12KbTapPBP92v0nhfQgiS29T3B+sEme
cjZi0xUYJkbxK9PF+/Qrc/o2TK04Qk86RhyH2DWBDTs7u0gSCkQYlp3iaXUexsID
Ap53KgWKBvYvvj/9UviZw2lofbQo7AeFt7g5JArGzuFNjWhjJUWwisilioWSa91l
6URmvFPOxf5I2g==
-----END CERTIFICATE-----
Generated at Sat Mar 21 19:23:49 2026 by rpki-client