Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
File: h0HsF9wDCbE9iKZ-oi3Luyak46E.mft (raw, json)
Hash identifier: 4SdOmry7kaxlczstFWGnRr1O0jDMoKcbNzPF0i7zgzY=
Subject key identifier: BE:12:E0:A2:29:5C:42:E3:FB:80:26:AB:34:7B:AF:2A:85:B6:B7:68
Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Certificate serial: 019D386693F984DA5750688C53050540E0A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
Manifest number: 0BBC
Signing time: Sun 29 Mar 2026 07:02:19 +0000
Manifest this update: Sun 29 Mar 2026 07:02:19 +0000
Manifest next update: Mon 30 Mar 2026 07:02:19 +0000
Files and hashes: 1: EMcdw1Ph-JlhHvvHhVSjSxPxNSg.roa (hash: WLZZDdaT7EIhgSFh+wJhMvZeYoYBiu555dqxXusPvfs=)
2: h0HsF9wDCbE9iKZ-oi3Luyak46E.crl (hash: VWbsMQ4rgm/hdKKWN9ANuFFIGpl1DANYcIK/QDG8N+8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:93:f9:84:da:57:50:68:8c:53:05:05:40:e0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Validity
Not Before: Mar 29 07:02:19 2026 GMT
Not After : Mar 30 07:02:19 2026 GMT
Subject: CN=be12e0a2295c42e3fb8026ab347baf2a85b6b768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:51:e1:88:c9:c2:49:c5:05:38:27:99:ee:e5:
b0:d6:4f:c3:3a:c7:f7:e0:1b:60:47:8f:80:3c:87:
04:fe:81:30:d3:3b:46:85:d7:04:15:08:37:98:ae:
12:8f:42:f5:41:cb:37:4f:35:27:0a:ab:e8:e3:3f:
5a:ff:e2:05:f1:e1:da:1b:57:25:e2:83:05:ab:88:
83:05:d3:46:73:c4:e8:d1:6f:fd:dd:d6:f9:99:3a:
17:79:80:d2:61:c6:ee:25:65:95:e4:f0:c5:4f:1a:
13:51:b4:01:56:92:18:d1:bf:74:3f:09:ee:8d:6f:
f3:9d:25:ba:dd:2a:a3:99:33:99:4c:46:a0:9b:a5:
a1:ed:0f:c7:55:e9:27:ab:e0:a2:56:15:6d:d0:eb:
6d:d7:78:5e:24:ae:2a:b3:a1:71:0a:7f:70:c3:f5:
77:94:3b:a5:a4:e9:ea:95:f8:4e:2a:03:e3:33:71:
dc:7b:52:09:32:47:76:75:b8:0b:61:31:e6:82:b6:
f7:32:23:e1:e3:2b:b9:06:81:f8:6b:93:1e:39:74:
1d:31:8c:37:1b:bf:a1:87:6a:e4:e9:65:16:f9:d6:
92:60:da:eb:a6:43:7b:4d:0c:b2:a9:3d:2d:6f:90:
6c:11:c5:61:0a:70:bb:ea:ae:d1:67:85:89:d1:8c:
fd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:12:E0:A2:29:5C:42:E3:FB:80:26:AB:34:7B:AF:2A:85:B6:B7:68
X509v3 Authority Key Identifier:
keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:38:53:e0:bb:bb:7c:79:a7:3e:fb:63:c1:39:be:4e:5c:6e:
11:3b:7d:0f:6a:5a:1c:e1:63:8b:e1:a2:7c:ca:d3:54:46:3d:
00:d1:6b:54:ff:22:a7:41:15:82:28:16:72:f6:db:b4:f7:f4:
2a:41:6e:76:97:95:52:7a:18:79:5d:79:3e:9d:d0:41:14:0c:
7d:16:1c:5f:aa:c0:ed:40:f3:85:9c:df:16:92:74:fa:2d:6d:
77:45:d4:af:d9:ea:ae:f6:22:9a:d3:49:e9:0b:a4:f6:cf:29:
dd:4d:33:c6:ef:46:cd:3d:11:0d:9a:06:f6:2a:92:0a:42:f2:
a7:8c:b9:92:fd:4e:9c:e8:09:72:3d:2b:7c:52:36:f7:78:d5:
90:6d:3d:7e:cd:f4:46:33:d4:10:11:6a:d1:dc:eb:fc:8f:58:
1b:b0:08:b5:fc:ef:77:94:1d:b5:39:62:5b:5e:0b:56:7a:22:
be:84:1d:7e:ec:86:5b:32:ee:5d:4c:78:59:39:85:67:05:a9:
4b:8b:10:cb:f7:6d:e3:b7:03:83:71:74:ee:1b:e3:bf:c5:1e:
34:7e:66:50:a0:69:e8:cb:40:3e:f4:d5:e1:98:7c:4b:bd:84:
a6:33:5f:f6:9f:1e:f7:f0:e3:3d:71:d7:6c:7a:01:5a:6b:f9:
ed:86:33:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpP5hNpXUGiMUwUFQOCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh
NGUzYTEwHhcNMjYwMzI5MDcwMjE5WhcNMjYwMzMwMDcwMjE5WjAzMTEwLwYDVQQD
EyhiZTEyZTBhMjI5NWM0MmUzZmI4MDI2YWIzNDdiYWYyYTg1YjZiNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFHhiMnCScUFOCeZ7uWw1k/DOsf3
4BtgR4+APIcE/oEw0ztGhdcEFQg3mK4Sj0L1Qcs3TzUnCqvo4z9a/+IF8eHaG1cl
4oMFq4iDBdNGc8To0W/93db5mToXeYDSYcbuJWWV5PDFTxoTUbQBVpIY0b90Pwnu
jW/znSW63SqjmTOZTEagm6Wh7Q/HVeknq+CiVhVt0Ott13heJK4qs6FxCn9ww/V3
lDulpOnqlfhOKgPjM3Hce1IJMkd2dbgLYTHmgrb3MiPh4yu5BoH4a5MeOXQdMYw3
G7+hh2rk6WUW+daSYNrrpkN7TQyyqT0tb5BsEcVhCnC76q7RZ4WJ0Yz9uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4S4KIpXELj+4AmqzR7ryqFtrdoMB8GA1UdIwQY
MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt
MWFjNGE0MDA3ZGI0LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0
LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXThT4Lu7
fHmnPvtjwTm+TlxuETt9D2paHOFji+GifMrTVEY9ANFrVP8ip0EVgigWcvbbtPf0
KkFudpeVUnoYeV15Pp3QQRQMfRYcX6rA7UDzhZzfFpJ0+i1td0XUr9nqrvYimtNJ
6Quk9s8p3U0zxu9GzT0RDZoG9iqSCkLyp4y5kv1OnOgJcj0rfFI293jVkG09fs30
RjPUEBFq0dzr/I9YG7AItfzvd5QdtTliW14LVnoivoQdfuyGWzLuXUx4WTmFZwWp
S4sQy/dt47cDg3F07hvjv8UeNH5mUKBp6MtAPvTV4Zh8S72EpjNf9p8e9/DjPXHX
bHoBWmv57YYzow==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:43:24 2026 by rpki-client