Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f0b723-77f1-44c0-8fca-7c646795090b/1/HtkwhM7ESb7YpvwAi8fdmV6zcxw.mft
File: HtkwhM7ESb7YpvwAi8fdmV6zcxw.mft (raw, json)
Hash identifier: YRCifhGOcGUV6nBktfIiYhWiRzJH0vETVyITCMXEMPY=
Subject key identifier: 2B:43:0A:FD:01:B6:E5:BE:C3:88:77:30:1B:A5:BA:55:4C:D5:75:F3
Authority key identifier: 1E:D9:30:84:CE:C4:49:BE:D8:A6:FC:00:8B:C7:DD:99:5E:B3:73:1C
Certificate issuer: /CN=1ed93084cec449bed8a6fc008bc7dd995eb3731c
Certificate serial: 019D37C00CA3CD118AFA4C9A05E02507D925
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtkwhM7ESb7YpvwAi8fdmV6zcxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f0b723-77f1-44c0-8fca-7c646795090b/1/HtkwhM7ESb7YpvwAi8fdmV6zcxw.mft
Manifest number: 15B3
Signing time: Sun 29 Mar 2026 04:00:26 +0000
Manifest this update: Sun 29 Mar 2026 04:00:26 +0000
Manifest next update: Mon 30 Mar 2026 04:00:26 +0000
Files and hashes: 1: HtkwhM7ESb7YpvwAi8fdmV6zcxw.crl (hash: tavzAIavtwRJuNxTnvOTusPhYvE6druYbknRgmHGdtc=)
2: sliXU2u2F5b-dxDpfrgoAvWB8tc.roa (hash: shJia0FcMyfJBOItG4MpW4lD3TG/16YLivfvP64r49Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/f0b723-77f1-44c0-8fca-7c646795090b/1/HtkwhM7ESb7YpvwAi8fdmV6zcxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/f0b723-77f1-44c0-8fca-7c646795090b/1/HtkwhM7ESb7YpvwAi8fdmV6zcxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HtkwhM7ESb7YpvwAi8fdmV6zcxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:0c:a3:cd:11:8a:fa:4c:9a:05:e0:25:07:d9:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed93084cec449bed8a6fc008bc7dd995eb3731c
Validity
Not Before: Mar 29 04:00:26 2026 GMT
Not After : Mar 30 04:00:26 2026 GMT
Subject: CN=2b430afd01b6e5bec38877301ba5ba554cd575f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a4:21:07:48:b8:ae:2e:86:6a:b8:08:83:fa:
2b:aa:f1:96:a2:81:8f:f1:d7:64:df:99:2c:24:74:
fb:38:51:6f:d5:41:e6:00:73:4c:c3:50:22:bb:50:
ca:8b:8e:11:2d:e8:1c:90:6a:41:59:69:e9:76:ba:
bf:d1:f2:99:72:16:12:7e:02:19:85:94:55:bc:d8:
bf:0f:10:08:c7:09:94:be:98:7a:37:19:16:bf:e2:
44:9b:2c:72:77:da:a7:39:11:c4:3d:84:3e:a8:3d:
c4:24:82:cb:4e:0c:54:cd:26:7b:36:01:56:c4:93:
54:db:72:23:a3:78:fa:74:3e:fc:e6:66:da:71:08:
ce:81:88:f2:36:34:46:71:ba:3f:e8:2e:ec:d6:b6:
7b:5a:86:d7:70:70:74:07:3b:56:5f:7b:fb:d2:c1:
d3:14:df:71:92:8a:e2:99:66:a8:28:52:90:97:c5:
a0:4b:de:13:51:7a:23:a6:2d:17:4c:a6:81:ce:24:
36:ac:83:9a:88:a0:a7:fa:33:b5:e4:65:27:f8:20:
ba:bb:8f:cc:90:9a:2e:c4:cc:ba:61:be:40:cc:0a:
cc:47:21:ba:28:ef:53:cb:3a:14:17:be:4e:09:19:
b8:93:2b:56:71:b4:d0:da:c2:f1:b6:72:b3:24:12:
17:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:43:0A:FD:01:B6:E5:BE:C3:88:77:30:1B:A5:BA:55:4C:D5:75:F3
X509v3 Authority Key Identifier:
keyid:1E:D9:30:84:CE:C4:49:BE:D8:A6:FC:00:8B:C7:DD:99:5E:B3:73:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtkwhM7ESb7YpvwAi8fdmV6zcxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f0b723-77f1-44c0-8fca-7c646795090b/1/HtkwhM7ESb7YpvwAi8fdmV6zcxw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f0b723-77f1-44c0-8fca-7c646795090b/1/HtkwhM7ESb7YpvwAi8fdmV6zcxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:ec:ea:3a:9e:19:ce:d1:cf:c0:5e:c2:96:4b:e6:94:b0:66:
30:c1:f5:28:b3:47:e1:82:b5:28:39:71:d8:52:e1:42:4c:03:
5e:45:83:91:08:2e:0b:86:c6:d1:b4:b9:32:4d:3e:4c:56:b2:
ef:3a:e8:a3:98:e2:e9:32:07:ec:ed:0a:f6:71:86:fe:18:48:
6f:fb:04:11:c9:d0:50:cd:06:59:4d:dc:17:d0:30:c8:b7:d8:
51:4e:32:26:77:e9:8f:3c:da:10:b2:e0:64:82:be:13:77:ee:
d9:d5:91:f1:88:02:cf:18:96:8a:e5:95:ee:ed:3f:5b:29:50:
58:95:d2:49:e8:b1:47:9e:0b:84:75:69:5c:3f:b9:68:e8:a5:
67:75:b4:18:61:7c:bf:22:5f:95:ff:9a:6b:41:6a:11:16:42:
6f:bc:8a:d0:a9:04:ed:7b:a5:b7:89:21:77:83:c9:3d:6b:69:
11:f5:d1:6e:57:3a:59:d5:db:b4:0f:3a:1e:15:11:a1:2d:86:
f7:31:fe:dd:6f:9e:5d:1a:5e:34:df:81:f9:ea:49:63:89:4b:
f3:42:d7:1e:c6:78:34:29:9c:4a:5f:f2:67:36:f0:d4:fb:9b:
39:e5:27:43:a0:3e:8a:d0:33:eb:7b:18:a5:64:05:3d:7d:d8:
8a:91:17:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wAyjzRGK+kyaBeAlB9klMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDkzMDg0Y2VjNDQ5YmVkOGE2ZmMwMDhiYzdkZDk5NWVi
MzczMWMwHhcNMjYwMzI5MDQwMDI2WhcNMjYwMzMwMDQwMDI2WjAzMTEwLwYDVQQD
EygyYjQzMGFmZDAxYjZlNWJlYzM4ODc3MzAxYmE1YmE1NTRjZDU3NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaQhB0i4ri6GargIg/orqvGWooGP
8ddk35ksJHT7OFFv1UHmAHNMw1Aiu1DKi44RLegckGpBWWnpdrq/0fKZchYSfgIZ
hZRVvNi/DxAIxwmUvph6NxkWv+JEmyxyd9qnORHEPYQ+qD3EJILLTgxUzSZ7NgFW
xJNU23Ijo3j6dD785mbacQjOgYjyNjRGcbo/6C7s1rZ7WobXcHB0BztWX3v70sHT
FN9xkorimWaoKFKQl8WgS94TUXojpi0XTKaBziQ2rIOaiKCn+jO15GUn+CC6u4/M
kJouxMy6Yb5AzArMRyG6KO9TyzoUF75OCRm4kytWcbTQ2sLxtnKzJBIXhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtDCv0BtuW+w4h3MBululVM1XXzMB8GA1UdIwQY
MBaAFB7ZMITOxEm+2Kb8AIvH3Zles3McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRrd2hNN0VTYjdZcHZ3QWk4ZmRtVjZ6Y3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mMGI3MjMtNzdmMS00NGMwLThmY2Et
N2M2NDY3OTUwOTBiLzEvSHRrd2hNN0VTYjdZcHZ3QWk4ZmRtVjZ6Y3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mMGI3MjMtNzdmMS00NGMwLThmY2EtN2M2NDY3OTUwOTBi
LzEvSHRrd2hNN0VTYjdZcHZ3QWk4ZmRtVjZ6Y3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfuzqOp4Z
ztHPwF7ClkvmlLBmMMH1KLNH4YK1KDlx2FLhQkwDXkWDkQguC4bG0bS5Mk0+TFay
7zroo5ji6TIH7O0K9nGG/hhIb/sEEcnQUM0GWU3cF9AwyLfYUU4yJnfpjzzaELLg
ZIK+E3fu2dWR8YgCzxiWiuWV7u0/WylQWJXSSeixR54LhHVpXD+5aOilZ3W0GGF8
vyJflf+aa0FqERZCb7yK0KkE7Xult4khd4PJPWtpEfXRblc6WdXbtA86HhURoS2G
9zH+3W+eXRpeNN+B+epJY4lL80LXHsZ4NCmcSl/yZzbw1PubOeUnQ6A+itAz63sY
pWQFPX3YipEXAQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:00 2026 by rpki-client