Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: PyyQ3zoEtyiiQ0fvBHAwodykPXEWd6wAUWy9ccz90dg=
Subject key identifier: A9:68:0A:04:4D:92:E5:DD:15:7D:4E:F5:BF:95:02:AD:C2:D8:D2:06
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019D28F25BE8E008FB42E1098C7D916FE0C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 0653
Signing time: Thu 26 Mar 2026 07:01:04 +0000
Manifest this update: Thu 26 Mar 2026 07:01:04 +0000
Manifest next update: Fri 27 Mar 2026 07:01:04 +0000
Files and hashes: 1: ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa (hash: gOfRKf6V+xV3ZsFtbBW86oarsiPBo5VFvmb0v2OnPU0=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: 9kkQEwt141g1RhpmCGnUFwDhVvCPZPRrWgc+D1Zvs84=)
3: vT00UMTKIHLp4hINXZvd81w31H4.roa (hash: QI91nZrYvdKW6PkjSidpqTabE42DmbX4YNbp5QsN850=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:5b:e8:e0:08:fb:42:e1:09:8c:7d:91:6f:e0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Mar 26 07:01:04 2026 GMT
Not After : Mar 27 07:01:04 2026 GMT
Subject: CN=a9680a044d92e5dd157d4ef5bf9502adc2d8d206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:36:9f:dd:7f:80:b2:7e:a8:19:cd:09:98:6b:
1c:1b:c6:57:37:b2:98:38:f1:b0:e6:c4:f9:b5:f5:
4f:7d:10:da:c1:e6:8c:2a:e9:8f:df:de:be:95:f9:
2e:6b:c1:0e:cb:1f:09:3b:b0:b8:d1:1c:eb:2c:fa:
3c:f9:d2:77:ba:61:0e:4f:9f:59:bf:87:c6:5b:a6:
2f:26:8f:7f:05:60:1e:0c:af:a5:5c:18:94:c0:18:
2b:e0:1b:d2:c7:83:3f:1a:53:a2:31:ae:e6:2b:cf:
a0:71:0a:48:94:d7:9b:26:32:a8:72:3c:b0:dd:51:
03:f0:bf:04:55:0a:aa:7d:8c:e9:ba:be:8b:a6:5c:
56:b7:cb:c7:4b:ab:59:de:5f:09:2b:0a:ba:15:3f:
07:a3:06:ce:c2:28:42:85:f6:40:3b:35:3d:eb:a6:
38:88:3d:7d:d9:74:b5:b3:f1:6e:47:6f:9d:f4:e1:
4d:b9:64:ce:a3:f4:2d:3c:04:96:1a:db:04:fc:09:
b7:cb:39:56:3d:d8:e5:63:4e:a1:5d:51:10:69:ec:
ff:21:ed:9d:a8:b8:c5:ea:d3:b8:f2:ae:b0:5a:c1:
5b:b5:1b:79:44:61:84:24:37:57:ee:4f:33:6c:05:
1e:be:3d:95:0d:c9:d1:fe:85:82:08:8f:20:f2:6b:
ec:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:68:0A:04:4D:92:E5:DD:15:7D:4E:F5:BF:95:02:AD:C2:D8:D2:06
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:13:b5:94:d2:76:81:b0:4a:7d:e8:c4:41:d8:a0:63:0d:d4:
bb:6c:9e:46:02:8f:66:7b:ac:02:54:0e:f6:33:5f:59:cd:12:
40:9a:9c:df:62:3b:0c:ba:e4:01:4e:5b:93:75:65:4f:10:95:
69:0e:12:af:74:01:4c:58:27:5a:24:96:6c:f3:62:e0:6a:f1:
e6:8a:c6:5f:df:f5:dd:ed:67:f6:6a:dc:ac:5f:16:55:89:6a:
97:bc:e6:01:b1:f1:4e:17:14:e2:ca:7b:e6:9f:9e:e6:ae:31:
fd:ec:7c:30:2c:7d:48:73:68:59:c1:aa:39:14:20:cb:29:0e:
c3:bb:e7:f9:1a:03:5e:6d:93:d9:d0:b5:4f:f2:09:0c:33:59:
91:f1:b1:cc:1a:49:6b:b7:e5:0d:19:96:e6:74:e8:f0:3a:31:
bb:50:0e:74:ea:05:48:a5:cb:ae:ff:34:22:36:92:37:a0:42:
60:b3:4e:7d:fe:a8:d5:a0:13:d5:c4:8d:26:e0:b1:1b:b5:c8:
60:d2:23:32:75:b1:25:cb:1d:97:9c:a4:5e:48:78:1d:63:8f:
6c:89:09:62:1e:46:e8:86:ea:30:c0:2f:21:c2:66:5d:51:ae:
5c:13:23:db:0d:b3:a2:68:35:4b:d1:81:ee:31:69:3e:eb:ea:
f7:e8:0e:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8lvo4Aj7QuEJjH2Rb+DBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjYwMzI2MDcwMTA0WhcNMjYwMzI3MDcwMTA0WjAzMTEwLwYDVQQD
EyhhOTY4MGEwNDRkOTJlNWRkMTU3ZDRlZjViZjk1MDJhZGMyZDhkMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTaf3X+Asn6oGc0JmGscG8ZXN7KY
OPGw5sT5tfVPfRDaweaMKumP396+lfkua8EOyx8JO7C40RzrLPo8+dJ3umEOT59Z
v4fGW6YvJo9/BWAeDK+lXBiUwBgr4BvSx4M/GlOiMa7mK8+gcQpIlNebJjKocjyw
3VED8L8EVQqqfYzpur6LplxWt8vHS6tZ3l8JKwq6FT8HowbOwihChfZAOzU966Y4
iD192XS1s/FuR2+d9OFNuWTOo/QtPASWGtsE/Am3yzlWPdjlY06hXVEQaez/Ie2d
qLjF6tO48q6wWsFbtRt5RGGEJDdX7k8zbAUevj2VDcnR/oWCCI8g8mvsuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKloCgRNkuXdFX1O9b+VAq3C2NIGMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxO1lNJ2
gbBKfejEQdigYw3Uu2yeRgKPZnusAlQO9jNfWc0SQJqc32I7DLrkAU5bk3VlTxCV
aQ4Sr3QBTFgnWiSWbPNi4Grx5orGX9/13e1n9mrcrF8WVYlql7zmAbHxThcU4sp7
5p+e5q4x/ex8MCx9SHNoWcGqORQgyykOw7vn+RoDXm2T2dC1T/IJDDNZkfGxzBpJ
a7flDRmW5nTo8Doxu1AOdOoFSKXLrv80IjaSN6BCYLNOff6o1aAT1cSNJuCxG7XI
YNIjMnWxJcsdl5ykXkh4HWOPbIkJYh5G6IbqMMAvIcJmXVGuXBMj2w2zomg1S9GB
7jFpPuvq9+gOFQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:05:37 2026 by rpki-client