Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
File: r_HNv5fWyiB-XciFq8_2ccwVyRA.mft (raw, json)
Hash identifier: kTMXND0YinHSgPdz2PjJUzgl8Jq570Z742qEuIqQq/o=
Subject key identifier: 85:76:00:60:BF:92:ED:74:0C:1B:84:05:52:1D:32:89:A6:26:92:C7
Authority key identifier: AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10
Certificate issuer: /CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
Certificate serial: 019D382E8DDDA53007CB5C048688D713D5BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
Manifest number: 0D84
Signing time: Sun 29 Mar 2026 06:01:08 +0000
Manifest this update: Sun 29 Mar 2026 06:01:08 +0000
Manifest next update: Mon 30 Mar 2026 06:01:08 +0000
Files and hashes: 1: r_HNv5fWyiB-XciFq8_2ccwVyRA.crl (hash: LuhppNrOiID3LurgpL3Sj8AmdeEMoofjVhc2/XBQGMo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:8d:dd:a5:30:07:cb:5c:04:86:88:d7:13:d5:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff1cdbf97d6ca207e5dc885abcff671cc15c910
Validity
Not Before: Mar 29 06:01:08 2026 GMT
Not After : Mar 30 06:01:08 2026 GMT
Subject: CN=85760060bf92ed740c1b8405521d3289a62692c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3b:0b:e7:b3:2b:0d:83:f9:b9:29:ce:28:78:
bb:6b:de:03:7a:37:40:50:71:4b:b4:d4:a9:73:45:
0a:4a:36:05:f5:9d:52:fc:4b:61:17:95:70:c0:df:
b4:37:dd:a3:f3:34:86:7a:14:2d:61:24:cf:55:0e:
98:d6:aa:89:95:b6:5d:ce:72:a5:68:7d:35:fc:db:
ea:1a:f3:67:bf:31:d0:1c:18:35:48:c2:7b:2b:75:
30:3c:46:a8:8c:42:ef:0a:79:a5:db:16:8c:a8:49:
b0:4c:c3:2e:6d:4f:a4:7b:78:43:14:cc:4c:e5:0e:
ca:6f:4e:1f:0f:d2:2b:ff:47:20:45:1b:0a:04:74:
af:7b:bc:2a:4e:0c:d7:ef:d5:3f:0b:c8:d7:66:8e:
df:49:d7:5c:42:87:18:d5:d4:68:1b:0b:98:50:ae:
11:1e:e1:0d:fd:86:5f:3f:2f:6a:c8:e2:e7:42:ef:
02:cc:95:b1:6d:7c:6b:54:e1:87:7a:dd:16:7a:d6:
ab:6f:7e:37:ad:7b:a1:b0:a5:2d:21:04:e2:89:06:
af:a9:7b:48:a8:d5:fb:de:44:38:4d:9f:4b:f1:f2:
46:a0:dd:b7:ef:d8:0d:bf:bd:c8:2b:f0:8e:ef:84:
b5:a3:70:52:d0:26:89:6f:21:0b:86:cb:ef:9e:5c:
2b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:76:00:60:BF:92:ED:74:0C:1B:84:05:52:1D:32:89:A6:26:92:C7
X509v3 Authority Key Identifier:
keyid:AF:F1:CD:BF:97:D6:CA:20:7E:5D:C8:85:AB:CF:F6:71:CC:15:C9:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_HNv5fWyiB-XciFq8_2ccwVyRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/627987-235d-4194-96b1-af8c75a93cd1/1/r_HNv5fWyiB-XciFq8_2ccwVyRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:d6:16:22:66:d0:52:57:d7:80:f3:3c:26:c5:25:06:fa:5a:
06:d6:1f:02:f9:f8:7a:d0:82:40:59:89:93:03:62:5c:f9:bd:
df:ea:b1:d0:12:54:e6:67:99:33:13:03:2f:2d:71:e3:23:5c:
4a:7e:d8:11:5e:c2:95:02:8e:97:47:ee:10:ee:91:6a:fb:e1:
f5:6a:84:b6:d9:bc:88:91:a0:8e:f4:5f:47:2f:82:a8:a6:98:
f1:16:88:13:be:38:2b:6d:f7:2c:f6:72:39:79:d2:86:12:54:
6a:36:d3:7b:6d:12:3d:7c:e6:69:24:5a:b2:e6:3a:bd:d9:cc:
dd:e8:92:03:37:56:07:d8:8f:4b:a7:76:c5:41:91:bb:c2:92:
82:ad:80:9a:20:ab:9d:54:f7:77:e7:34:fc:32:0d:aa:e4:e7:
21:22:61:00:e7:b9:4d:f7:d8:c4:ae:9a:3a:6b:fd:66:a6:23:
54:49:91:89:0d:c5:a3:a8:01:a6:b1:a7:7e:f8:1c:4a:9a:d7:
99:42:7d:a7:59:b0:db:4c:01:24:38:f4:26:8c:7f:01:45:3e:
0d:7f:3e:67:10:19:aa:87:89:1e:13:90:19:10:fe:4f:95:fd:
74:8c:12:f4:73:8c:53:75:65:82:ec:85:aa:d2:16:57:ba:43:
14:35:0c:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lo3dpTAHy1wEhojXE9W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjFjZGJmOTdkNmNhMjA3ZTVkYzg4NWFiY2ZmNjcxY2Mx
NWM5MTAwHhcNMjYwMzI5MDYwMTA4WhcNMjYwMzMwMDYwMTA4WjAzMTEwLwYDVQQD
Eyg4NTc2MDA2MGJmOTJlZDc0MGMxYjg0MDU1MjFkMzI4OWE2MjY5MmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTsL57MrDYP5uSnOKHi7a94DejdA
UHFLtNSpc0UKSjYF9Z1S/EthF5VwwN+0N92j8zSGehQtYSTPVQ6Y1qqJlbZdznKl
aH01/NvqGvNnvzHQHBg1SMJ7K3UwPEaojELvCnml2xaMqEmwTMMubU+ke3hDFMxM
5Q7Kb04fD9Ir/0cgRRsKBHSve7wqTgzX79U/C8jXZo7fSddcQocY1dRoGwuYUK4R
HuEN/YZfPy9qyOLnQu8CzJWxbXxrVOGHet0Wetarb343rXuhsKUtIQTiiQavqXtI
qNX73kQ4TZ9L8fJGoN2379gNv73IK/CO74S1o3BS0CaJbyELhsvvnlwr8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIV2AGC/ku10DBuEBVIdMommJpLHMB8GA1UdIwQY
MBaAFK/xzb+X1sogfl3IhavP9nHMFckQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEt
YWY4Yzc1YTkzY2QxLzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82Mjc5ODctMjM1ZC00MTk0LTk2YjEtYWY4Yzc1YTkzY2Qx
LzEvcl9ITnY1Zld5aUItWGNpRnE4XzJjY3dWeVJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtYWImbQ
UlfXgPM8JsUlBvpaBtYfAvn4etCCQFmJkwNiXPm93+qx0BJU5meZMxMDLy1x4yNc
Sn7YEV7ClQKOl0fuEO6Ravvh9WqEttm8iJGgjvRfRy+CqKaY8RaIE744K233LPZy
OXnShhJUajbTe20SPXzmaSRasuY6vdnM3eiSAzdWB9iPS6d2xUGRu8KSgq2AmiCr
nVT3d+c0/DINquTnISJhAOe5TffYxK6aOmv9ZqYjVEmRiQ3Fo6gBprGnfvgcSprX
mUJ9p1mw20wBJDj0Jox/AUU+DX8+ZxAZqoeJHhOQGRD+T5X9dIwS9HOMU3VlguyF
qtIWV7pDFDUMOA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:23 2026 by rpki-client