Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
File: CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft (raw, json)
Hash identifier: PSJNctsQ43umLE78FGi1VCiXrhBk8aBNUyTwuFR/ZfQ=
Subject key identifier: AD:C8:95:D2:8C:39:25:50:B2:9B:D6:FA:0B:C7:C0:64:DE:49:1B:AC
Authority key identifier: 08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08
Certificate issuer: /CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108
Certificate serial: 019D382DEAF1CC61F28BEC96729A79F06C29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
Manifest number: 1493
Signing time: Sun 29 Mar 2026 06:00:26 +0000
Manifest this update: Sun 29 Mar 2026 06:00:26 +0000
Manifest next update: Mon 30 Mar 2026 06:00:26 +0000
Files and hashes: 1: CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl (hash: YcduhNRVphyfv9ZGcLupICnUo3CxWL6dE9+FgP9l9h8=)
2: t_3KExq4t288IjtqVXAOQe_Eba8.roa (hash: ChTQhqA/DHUVGryflG/Am/U8Pp4mklmr4RiBocThAjs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:ea:f1:cc:61:f2:8b:ec:96:72:9a:79:f0:6c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108
Validity
Not Before: Mar 29 06:00:26 2026 GMT
Not After : Mar 30 06:00:26 2026 GMT
Subject: CN=adc895d28c392550b29bd6fa0bc7c064de491bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d9:fd:14:83:92:97:82:54:f3:66:b7:53:b4:
c5:1f:a0:fc:ba:e0:ce:99:f4:9f:7d:d4:b1:0b:86:
40:e3:ed:e5:cb:99:b0:29:bc:66:cb:37:e4:36:64:
e5:1c:bb:43:b9:25:ac:7f:b5:e3:74:9a:19:8b:b2:
03:0c:84:fe:f2:c6:e4:d1:05:ce:e1:22:08:c9:ad:
fa:f8:0c:39:0c:20:13:4a:6b:22:14:35:5a:5b:9e:
88:c2:57:5c:ca:5d:28:f5:0a:93:8c:4f:bc:47:de:
43:0f:da:29:83:93:06:d3:ab:6f:fe:06:12:de:c0:
ae:c6:ae:14:de:a2:66:86:7d:eb:18:e6:fc:a2:a0:
d5:0c:9a:97:ab:99:aa:67:06:bf:32:ea:27:7e:f9:
7c:72:4d:10:92:55:48:2e:8c:77:3e:f9:d9:22:71:
49:14:8c:64:e0:72:40:4a:8c:b2:73:4a:cc:55:c2:
1d:32:5c:29:5c:bc:db:04:f7:0b:e4:65:1b:86:23:
77:e2:66:77:cd:59:d7:a6:fa:39:b1:d3:ae:5a:a5:
d0:e6:5f:8f:c5:54:da:81:11:b6:3a:4d:c5:50:a4:
5f:13:af:54:f9:47:13:3e:ae:fb:cc:08:8d:cd:e8:
8c:3c:ea:d0:a7:14:9b:13:12:59:73:3a:bc:0c:e0:
47:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C8:95:D2:8C:39:25:50:B2:9B:D6:FA:0B:C7:C0:64:DE:49:1B:AC
X509v3 Authority Key Identifier:
keyid:08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:ef:89:dd:2d:9a:e3:5e:a3:b8:72:25:0c:28:44:c7:7a:58:
01:c4:9b:68:49:f7:f2:81:23:7b:7b:40:52:c3:6b:54:b1:a7:
76:89:0c:94:f2:ed:05:de:49:5b:be:5d:b9:b8:92:71:dc:22:
c5:d2:1a:48:95:15:a6:5c:ec:5b:f5:e2:76:1a:29:7d:c3:4d:
50:e0:2e:bd:0e:90:52:f0:9c:24:5e:2e:a8:11:b6:77:38:04:
95:59:24:69:d1:25:e8:6e:4d:6f:2b:8d:21:df:e4:3f:6c:48:
25:19:8b:48:c2:51:8e:38:7a:99:fe:0f:00:ed:0f:64:21:21:
2e:54:33:94:0c:67:31:40:54:34:11:eb:63:10:7d:83:1b:83:
c7:d0:4f:7a:06:84:79:e4:4c:20:b0:bd:c3:d7:f6:91:1d:0f:
c4:35:43:a4:44:bd:03:ce:ef:06:7d:36:9e:e5:69:00:d1:85:
14:8c:b7:e2:ac:57:a0:b4:9e:8a:fd:24:42:ec:a3:84:c9:16:
21:40:22:ba:cc:91:f6:75:37:e4:e9:1e:db:71:61:82:78:5e:
a6:48:cd:29:d4:b1:c4:da:25:d5:01:1c:ed:e1:c9:a4:cd:4c:
24:6a:2d:e9:27:6e:e4:de:d9:84:4d:b2:1b:98:b9:94:94:65:
a7:59:e4:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LerxzGHyi+yWcpp58GwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDFmMWY4YjQxZDc0ZjdkODY2YjFlNWFkZmQxOGFmZTIw
MjcxMDgwHhcNMjYwMzI5MDYwMDI2WhcNMjYwMzMwMDYwMDI2WjAzMTEwLwYDVQQD
EyhhZGM4OTVkMjhjMzkyNTUwYjI5YmQ2ZmEwYmM3YzA2NGRlNDkxYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdn9FIOSl4JU82a3U7TFH6D8uuDO
mfSffdSxC4ZA4+3ly5mwKbxmyzfkNmTlHLtDuSWsf7XjdJoZi7IDDIT+8sbk0QXO
4SIIya36+Aw5DCATSmsiFDVaW56Iwldcyl0o9QqTjE+8R95DD9opg5MG06tv/gYS
3sCuxq4U3qJmhn3rGOb8oqDVDJqXq5mqZwa/Muonfvl8ck0QklVILox3PvnZInFJ
FIxk4HJASoyyc0rMVcIdMlwpXLzbBPcL5GUbhiN34mZ3zVnXpvo5sdOuWqXQ5l+P
xVTagRG2Ok3FUKRfE69U+UcTPq77zAiNzeiMPOrQpxSbExJZczq8DOBHiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3IldKMOSVQspvW+gvHwGTeSRusMB8GA1UdIwQY
MBaAFAjR8fi0HXT32Gax5a39GK/iAnEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmIt
ZGY1Y2I5ZjBlM2E0LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmItZGY1Y2I5ZjBlM2E0
LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj++J3S2a
416juHIlDChEx3pYAcSbaEn38oEje3tAUsNrVLGndokMlPLtBd5JW75dubiScdwi
xdIaSJUVplzsW/XidhopfcNNUOAuvQ6QUvCcJF4uqBG2dzgElVkkadEl6G5NbyuN
Id/kP2xIJRmLSMJRjjh6mf4PAO0PZCEhLlQzlAxnMUBUNBHrYxB9gxuDx9BPegaE
eeRMILC9w9f2kR0PxDVDpES9A87vBn02nuVpANGFFIy34qxXoLSeiv0kQuyjhMkW
IUAiusyR9nU35Oke23FhgnhepkjNKdSxxNol1QEc7eHJpM1MJGot6Sdu5N7ZhE2y
G5i5lJRlp1nkDA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:39:07 2026 by rpki-client