Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: 4E5T6ViZ93rz3GVuquBqGpbeB42mO2z7seZejMs5t0w=
Subject key identifier: 55:3A:05:C1:03:47:94:B0:88:03:7B:47:44:8C:92:70:F4:C5:07:1D
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019CE5C8A5A756F74D42D57B187C947EF3AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 17F5
Signing time: Fri 13 Mar 2026 06:00:57 +0000
Manifest this update: Fri 13 Mar 2026 06:00:57 +0000
Manifest next update: Sat 14 Mar 2026 06:00:57 +0000
Files and hashes: 1: Ao01yBlxvJ843s8rmXALqicuFL4.roa (hash: mObGzmDyz7K0J3EGcnRV4ZYxrkCBxp3ntfUTw3IpS/Y=)
2: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: K9B4QblsGLatZ0TIOyASv1exQD1MUnXlbhUOqyEWuW8=)
3: nMd-Xw4DDeNMARsDmT0tnDJOIKY.roa (hash: IL7Kn+tf2yZBt5W5A2bV1BTlZ8XATxRpIlXULrCuaRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e5:c8:a5:a7:56:f7:4d:42:d5:7b:18:7c:94:7e:f3:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Mar 13 06:00:57 2026 GMT
Not After : Mar 14 06:00:57 2026 GMT
Subject: CN=553a05c1034794b088037b47448c9270f4c5071d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cc:de:3e:48:04:aa:bc:af:4e:76:a7:f9:25:
4b:fb:66:93:ff:63:31:71:6f:a1:c8:4b:2a:d4:16:
dd:6c:f4:aa:41:10:68:b6:80:2e:89:58:0c:3f:ba:
92:9e:a5:a7:29:00:a4:23:2e:22:fe:15:1c:95:9c:
da:45:61:4f:92:37:7c:02:ab:d0:d1:11:68:45:ad:
a9:be:1c:5d:52:55:b2:45:f5:56:88:ce:24:a6:df:
6b:b6:8c:a4:b6:21:4f:46:fa:04:42:13:55:10:9e:
69:3d:47:85:36:c6:1c:8d:70:66:41:7e:54:58:4d:
0c:4d:b7:48:57:70:46:d8:3a:f9:e3:5a:21:e9:c6:
f2:c0:00:91:ec:0b:8f:70:5b:7b:fa:1a:c1:31:26:
e8:4b:08:2f:9e:c4:c0:0f:39:0f:f7:fa:05:61:07:
d0:90:6f:e8:27:4c:fc:af:39:87:d0:08:06:7e:67:
5e:3a:05:aa:53:97:74:9f:c5:e6:44:e0:ba:3d:a0:
d5:39:30:b5:a3:20:fc:56:5c:06:2f:ec:a1:5b:29:
ff:4f:76:94:ee:55:c9:ab:af:52:88:15:1f:d4:ec:
64:5a:f1:97:db:2b:42:15:10:0d:ab:23:1e:d9:b7:
12:2f:4c:8c:44:85:ff:91:5b:5d:e3:d9:a3:c3:54:
e8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3A:05:C1:03:47:94:B0:88:03:7B:47:44:8C:92:70:F4:C5:07:1D
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:e1:50:c5:3b:2c:0a:df:5a:c8:75:82:4b:4a:dc:aa:df:fa:
74:45:3e:a2:0f:b4:56:35:0d:2f:dc:8d:ba:c7:da:40:2f:48:
d7:87:48:62:cd:dd:62:2b:23:6a:c3:cb:7d:3d:2c:93:ce:64:
6e:fa:e8:c4:7c:0d:ac:0e:a7:14:54:66:c0:75:93:80:5a:ba:
51:89:a0:6b:f4:9f:cc:df:20:62:c4:d0:88:f4:07:a8:42:90:
a5:f2:18:55:00:27:c1:0e:ed:15:52:ad:7b:4e:cb:57:df:c0:
53:c5:b4:1a:fb:9c:8d:d0:04:2b:95:e5:76:e5:b2:3f:2a:fd:
2f:80:c6:08:6f:f6:7e:ec:9e:0f:40:19:db:04:f7:fd:04:62:
2a:7b:a5:af:38:30:81:4d:3b:90:cb:a7:29:48:53:10:7f:cb:
c2:a2:16:7e:00:49:9f:84:47:de:25:ae:5e:ea:cb:7c:57:6c:
e9:06:d6:9e:5b:8b:82:fe:4d:68:8f:39:81:2d:98:21:f6:fb:
7b:f6:0c:13:f6:f8:d5:bc:28:08:f1:f8:6f:1a:46:39:1d:7c:
15:30:fd:4c:c4:da:2d:e1:9d:4e:f2:2c:3c:64:2f:d8:4c:fc:
21:aa:ab:28:8a:cf:1a:6f:3a:45:fd:e7:4e:dd:82:d4:90:64:
d8:bb:e4:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlyKWnVvdNQtV7GHyUfvOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjYwMzEzMDYwMDU3WhcNMjYwMzE0MDYwMDU3WjAzMTEwLwYDVQQD
Eyg1NTNhMDVjMTAzNDc5NGIwODgwMzdiNDc0NDhjOTI3MGY0YzUwNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuczePkgEqryvTnan+SVL+2aT/2Mx
cW+hyEsq1BbdbPSqQRBotoAuiVgMP7qSnqWnKQCkIy4i/hUclZzaRWFPkjd8AqvQ
0RFoRa2pvhxdUlWyRfVWiM4kpt9rtoyktiFPRvoEQhNVEJ5pPUeFNsYcjXBmQX5U
WE0MTbdIV3BG2Dr541oh6cbywACR7AuPcFt7+hrBMSboSwgvnsTADzkP9/oFYQfQ
kG/oJ0z8rzmH0AgGfmdeOgWqU5d0n8XmROC6PaDVOTC1oyD8VlwGL+yhWyn/T3aU
7lXJq69SiBUf1OxkWvGX2ytCFRANqyMe2bcSL0yMRIX/kVtd49mjw1To0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFU6BcEDR5SwiAN7R0SMknD0xQcdMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgeFQxTss
Ct9ayHWCS0rcqt/6dEU+og+0VjUNL9yNusfaQC9I14dIYs3dYisjasPLfT0sk85k
bvroxHwNrA6nFFRmwHWTgFq6UYmga/SfzN8gYsTQiPQHqEKQpfIYVQAnwQ7tFVKt
e07LV9/AU8W0GvucjdAEK5XlduWyPyr9L4DGCG/2fuyeD0AZ2wT3/QRiKnulrzgw
gU07kMunKUhTEH/LwqIWfgBJn4RH3iWuXurLfFds6QbWnluLgv5NaI85gS2YIfb7
e/YME/b41bwoCPH4bxpGOR18FTD9TMTaLeGdTvIsPGQv2Ez8IaqrKIrPGm86Rf3n
Tt2C1JBk2Lvk9g==
-----END CERTIFICATE-----
Generated at Fri Mar 13 10:53:49 2026 by rpki-client