Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: GBecfI3KVR3yA2CVlgmQ/RTsx6+BAf2rLMx9ke1Yv5s=
Subject key identifier: 58:CE:39:FF:E2:A0:A3:F4:38:87:86:75:56:6C:EB:8E:47:3D:8B:44
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019DCF7508CF95EC4F925B516B06FCBB2C43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 186E
Signing time: Mon 27 Apr 2026 15:00:46 +0000
Manifest this update: Mon 27 Apr 2026 15:00:46 +0000
Manifest next update: Tue 28 Apr 2026 15:00:46 +0000
Files and hashes: 1: Ao01yBlxvJ843s8rmXALqicuFL4.roa (hash: mObGzmDyz7K0J3EGcnRV4ZYxrkCBxp3ntfUTw3IpS/Y=)
2: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: n4LDFFNqRhWn4q4MNjN6Qx4aAPnRCMgfUubzE38aTl4=)
3: nMd-Xw4DDeNMARsDmT0tnDJOIKY.roa (hash: IL7Kn+tf2yZBt5W5A2bV1BTlZ8XATxRpIlXULrCuaRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 15:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:75:08:cf:95:ec:4f:92:5b:51:6b:06:fc:bb:2c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Apr 27 15:00:46 2026 GMT
Not After : Apr 28 15:00:46 2026 GMT
Subject: CN=58ce39ffe2a0a3f438878675566ceb8e473d8b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:1f:31:49:1c:06:65:ce:32:17:9d:78:3a:
43:2b:5a:d9:ee:8e:41:c8:47:59:15:40:88:62:1a:
43:37:4b:a4:f3:04:96:ac:ba:b6:b6:eb:ae:c5:bb:
23:74:30:ac:fe:35:92:4a:91:75:39:cc:3a:62:63:
12:9e:bb:a6:6a:62:a6:67:37:02:26:66:8b:57:d5:
3e:bd:5a:ef:36:8a:25:a1:db:40:e2:37:28:e4:98:
1d:25:3d:78:be:90:f7:7e:fe:e2:bf:0c:81:4b:cd:
1b:04:5f:56:77:9e:0a:3e:79:41:9c:69:dc:e1:a1:
37:d2:e6:19:17:cf:6e:ec:ad:3a:e5:57:32:dc:12:
38:92:5f:dc:d8:05:78:de:67:b7:9a:81:d9:05:ea:
02:44:f4:27:88:2e:8f:d0:00:9b:c1:d2:a8:a9:5c:
55:83:2a:86:48:41:12:4a:ee:6b:2f:50:63:95:9b:
23:e3:e6:a5:32:a1:a2:15:12:11:c9:1d:de:2e:c0:
84:5c:f9:f7:a4:29:6d:ca:04:e9:d0:ab:01:7d:36:
9d:98:1a:0a:16:85:b9:1d:4e:79:b3:79:7f:ec:8e:
c4:c3:1a:1a:37:97:6c:c5:bc:79:a1:dc:9c:51:54:
44:b8:73:77:c7:65:d9:b5:27:d5:22:d9:a5:7e:aa:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CE:39:FF:E2:A0:A3:F4:38:87:86:75:56:6C:EB:8E:47:3D:8B:44
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:1e:e7:0d:88:89:be:2d:fd:82:c9:a2:8e:46:f5:78:8a:82:
3b:f5:4e:32:4d:44:0b:fa:db:20:92:7b:0f:0c:e0:6d:43:68:
ae:2b:9b:3a:2d:4c:ee:7a:1e:65:3b:43:f2:d1:f2:e9:40:54:
da:78:f7:a6:03:8c:9a:bc:21:cd:19:f5:88:78:57:e7:de:66:
15:7a:d7:6b:cc:89:8b:af:ff:e4:3a:a0:01:7a:ce:df:3e:d1:
4c:af:f0:fe:77:cb:5d:c3:06:9b:dc:05:23:d7:ae:05:ff:c5:
d6:98:94:3c:7d:74:08:b8:8d:ac:3b:5a:97:7a:17:64:2b:af:
e8:08:e4:2a:81:3c:90:57:00:58:fc:58:e1:db:a2:9b:0d:c2:
bb:ac:ed:ff:64:de:f2:a8:fd:b7:e6:67:87:17:65:2b:86:06:
f8:2a:23:50:b5:b6:91:72:dc:82:66:0a:65:ca:27:15:b8:85:
3c:8a:5a:ad:dc:5f:7a:7e:39:2a:6e:44:10:56:ae:9e:a6:8e:
a4:df:e4:b1:b2:94:71:35:d2:2a:26:c0:df:8d:e0:b5:31:c0:
9c:d0:b6:af:c2:aa:b0:0f:bb:44:a9:b3:3b:bb:9a:82:09:bd:
2d:0b:e3:13:3e:17:e4:e3:cc:0b:ea:b8:d6:dd:62:d8:cf:d3:
15:09:c3:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PdQjPlexPkltRawb8uyxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjYwNDI3MTUwMDQ2WhcNMjYwNDI4MTUwMDQ2WjAzMTEwLwYDVQQD
Eyg1OGNlMzlmZmUyYTBhM2Y0Mzg4Nzg2NzU1NjZjZWI4ZTQ3M2Q4YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthIfMUkcBmXOMhedeDpDK1rZ7o5B
yEdZFUCIYhpDN0uk8wSWrLq2tuuuxbsjdDCs/jWSSpF1Ocw6YmMSnrumamKmZzcC
JmaLV9U+vVrvNoolodtA4jco5JgdJT14vpD3fv7ivwyBS80bBF9Wd54KPnlBnGnc
4aE30uYZF89u7K065Vcy3BI4kl/c2AV43me3moHZBeoCRPQniC6P0ACbwdKoqVxV
gyqGSEESSu5rL1BjlZsj4+alMqGiFRIRyR3eLsCEXPn3pCltygTp0KsBfTadmBoK
FoW5HU55s3l/7I7EwxoaN5dsxbx5odycUVREuHN3x2XZtSfVItmlfqretwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjOOf/ioKP0OIeGdVZs645HPYtEMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkB7nDYiJ
vi39gsmijkb1eIqCO/VOMk1EC/rbIJJ7DwzgbUNoriubOi1M7noeZTtD8tHy6UBU
2nj3pgOMmrwhzRn1iHhX595mFXrXa8yJi6//5DqgAXrO3z7RTK/w/nfLXcMGm9wF
I9euBf/F1piUPH10CLiNrDtal3oXZCuv6AjkKoE8kFcAWPxY4duimw3Cu6zt/2Te
8qj9t+ZnhxdlK4YG+CojULW2kXLcgmYKZconFbiFPIpardxfen45Km5EEFaunqaO
pN/ksbKUcTXSKibA343gtTHAnNC2r8KqsA+7RKmzO7uaggm9LQvjEz4X5OPMC+q4
1t1i2M/TFQnD6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:05:41 2026 by rpki-client