Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
File: hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft (raw, json)
Hash identifier: j/UTk66Fse5VNRLesvedqi/207TG18gjJg7bJeF4bBo=
Subject key identifier: 8A:0B:BA:FC:0C:79:84:12:17:C7:94:02:73:FE:D6:5F:A7:71:C8:8F
Authority key identifier: 85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54
Certificate issuer: /CN=8504ebf9db1710a47bae4508cdaf8131e1674a54
Certificate serial: 019D389BFDE192F573A732ECE9967BD94B34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 08:00:40 +0000
Manifest this update: Sun 29 Mar 2026 08:00:40 +0000
Manifest next update: Mon 30 Mar 2026 08:00:40 +0000
Files and hashes: 1: hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl (hash: q9CclAc4ynR5smykfrddb4SMC5QJtzxwdvhyCyTV/aY=)
2: vFI_szTdwGut2KUofHDh3zwoi1k.roa (hash: MxrZSZTPx1kjzcHF3plautdDk7QOfOy+oz7wimPfgjE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:fd:e1:92:f5:73:a7:32:ec:e9:96:7b:d9:4b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8504ebf9db1710a47bae4508cdaf8131e1674a54
Validity
Not Before: Mar 29 08:00:40 2026 GMT
Not After : Mar 30 08:00:40 2026 GMT
Subject: CN=8a0bbafc0c79841217c7940273fed65fa771c88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0b:a4:32:d7:7a:4e:02:32:a1:71:e8:42:3d:
06:f5:e0:30:13:26:8c:27:73:a7:ef:8e:73:03:b3:
90:1c:11:3d:84:05:a4:18:6a:61:1f:3b:cc:d6:95:
24:16:6b:5e:1b:37:0c:3d:55:f9:dc:d1:4e:31:11:
ff:3a:77:88:2b:a3:92:6b:8a:3d:00:1a:87:67:78:
db:9f:10:b5:1c:9d:87:b6:f0:0e:e0:03:a1:96:cc:
cd:1c:96:4c:3e:57:cd:6a:b7:53:36:32:bc:01:a5:
b6:d6:b4:ab:0d:b2:80:9f:82:93:e9:6b:bb:dc:59:
ef:11:d9:4d:60:1d:38:c8:d8:5c:e5:45:4f:a1:94:
78:5f:86:08:52:a3:a3:b4:68:ad:60:ac:b7:51:02:
47:07:13:60:4c:df:c4:60:e5:ca:a0:b8:3f:03:90:
b8:a6:59:53:6a:3f:29:6c:d8:ac:60:7c:3d:20:71:
4d:4e:85:15:4a:2e:d7:75:e5:1b:9a:93:af:bc:26:
a6:69:04:2b:7a:33:99:a5:54:c0:8f:96:ee:d1:c3:
44:1b:8c:ae:0e:cd:af:5b:03:8a:13:2f:33:f7:a2:
f1:75:fc:b9:a9:37:c3:4c:a4:d8:de:42:9e:4b:d0:
ae:81:55:f1:44:91:76:31:9c:a6:b8:62:ef:c9:db:
80:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0B:BA:FC:0C:79:84:12:17:C7:94:02:73:FE:D6:5F:A7:71:C8:8F
X509v3 Authority Key Identifier:
keyid:85:04:EB:F9:DB:17:10:A4:7B:AE:45:08:CD:AF:81:31:E1:67:4A:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQTr-dsXEKR7rkUIza-BMeFnSlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/7efe01-ec74-40ac-a238-a9b1df44ce2f/1/hQTr-dsXEKR7rkUIza-BMeFnSlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
dc:5f:8f:4d:6d:29:a4:e5:47:ca:cf:a0:96:87:08:43:6b:59:
3b:e5:19:1d:dd:9f:cd:18:73:de:86:45:17:4a:5e:f9:a9:fc:
28:95:b8:4e:68:cc:cb:84:7c:f3:15:95:25:55:58:7e:37:66:
e5:ff:3d:1d:58:43:3b:b6:cc:dc:06:d9:12:97:19:ae:97:89:
bf:6f:e6:92:34:cf:0c:55:37:8c:9e:bf:7a:eb:8f:d6:96:a4:
0f:31:91:3b:0c:f3:85:bd:c2:49:aa:e8:74:94:92:37:d4:27:
81:cd:52:c8:f3:13:93:6b:dd:29:3e:b0:ff:e8:a6:f4:6f:3a:
d9:c4:d6:7c:fa:2a:2a:b7:bb:a0:7d:c7:80:c1:9d:90:58:c3:
08:3b:e7:68:b8:2e:8d:1f:78:07:50:2e:e4:6b:90:c4:ab:77:
8b:ed:f5:46:87:72:0b:c8:d1:90:12:1c:fe:fb:fc:30:66:80:
f3:e3:db:be:01:03:da:d0:b8:a4:50:d0:59:02:b3:54:b8:3c:
8f:a1:16:43:fa:75:a6:71:5b:e2:28:d5:bf:92:ff:d2:15:91:
ce:cd:19:3b:c7:17:3a:ed:db:06:c2:ff:53:2c:90:76:d8:90:
f7:29:77:ad:25:7e:23:ae:17:a9:e9:ba:b5:32:2f:53:b5:4a:
63:6e:68:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/3hkvVzpzLs6ZZ72Us0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDRlYmY5ZGIxNzEwYTQ3YmFlNDUwOGNkYWY4MTMxZTE2
NzRhNTQwHhcNMjYwMzI5MDgwMDQwWhcNMjYwMzMwMDgwMDQwWjAzMTEwLwYDVQQD
Eyg4YTBiYmFmYzBjNzk4NDEyMTdjNzk0MDI3M2ZlZDY1ZmE3NzFjODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgukMtd6TgIyoXHoQj0G9eAwEyaM
J3On745zA7OQHBE9hAWkGGphHzvM1pUkFmteGzcMPVX53NFOMRH/OneIK6OSa4o9
ABqHZ3jbnxC1HJ2HtvAO4AOhlszNHJZMPlfNardTNjK8AaW21rSrDbKAn4KT6Wu7
3FnvEdlNYB04yNhc5UVPoZR4X4YIUqOjtGitYKy3UQJHBxNgTN/EYOXKoLg/A5C4
pllTaj8pbNisYHw9IHFNToUVSi7XdeUbmpOvvCamaQQrejOZpVTAj5bu0cNEG4yu
Ds2vWwOKEy8z96Lxdfy5qTfDTKTY3kKeS9CugVXxRJF2MZymuGLvyduAswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoLuvwMeYQSF8eUAnP+1l+ncciPMB8GA1UdIwQY
MBaAFIUE6/nbFxCke65FCM2vgTHhZ0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgt
YTliMWRmNDRjZTJmLzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi83ZWZlMDEtZWM3NC00MGFjLWEyMzgtYTliMWRmNDRjZTJm
LzEvaFFUci1kc1hFS1I3cmtVSXphLUJNZUZuU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3F+PTW0p
pOVHys+glocIQ2tZO+UZHd2fzRhz3oZFF0pe+an8KJW4TmjMy4R88xWVJVVYfjdm
5f89HVhDO7bM3AbZEpcZrpeJv2/mkjTPDFU3jJ6/euuP1pakDzGROwzzhb3CSaro
dJSSN9Qngc1SyPMTk2vdKT6w/+im9G862cTWfPoqKre7oH3HgMGdkFjDCDvnaLgu
jR94B1Au5GuQxKt3i+31RodyC8jRkBIc/vv8MGaA8+PbvgED2tC4pFDQWQKzVLg8
j6EWQ/p1pnFb4ijVv5L/0hWRzs0ZO8cXOu3bBsL/UyyQdtiQ9yl3rSV+I64Xqem6
tTIvU7VKY25ocg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:44:53 2026 by rpki-client