Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
File: hKafxWiJTLOYXt7yIha9mZdN4lE.mft (raw, json)
Hash identifier: NYLb+jmsFfV5om6D7OMH1mHYp14L8K3OVxIjAZtLcrY=
Subject key identifier: C6:C9:5C:3E:0C:09:EC:08:C7:1F:55:EC:3C:38:8D:7D:AB:81:05:D6
Authority key identifier: 84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51
Certificate issuer: /CN=84a69fc568894cb3985edef22216bd99974de251
Certificate serial: 019D2AE04B9BC8A9B2BE7CCA8811B67ED7D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
Manifest number: 1552
Signing time: Thu 26 Mar 2026 16:00:35 +0000
Manifest this update: Thu 26 Mar 2026 16:00:35 +0000
Manifest next update: Fri 27 Mar 2026 16:00:35 +0000
Files and hashes: 1: 5yDhnFwC0iVn5DPcpR3QmCvoVv0.roa (hash: ZjrAq68K+mD03JUMhXQCJJAVWYAycmpN3p0OOOXApGI=)
2: hKafxWiJTLOYXt7yIha9mZdN4lE.crl (hash: BPIMMHJ7ZBqZoE3JY6J0Ru+AjgIbD+gSsn8DFxQiAjg=)
3: iimJ_FJ2za4rPb0lbWSF-wMFV-U.roa (hash: 9GhANmHxIYz0vSDlZn19gbsqViraUvvPcjEm2QpG0pw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e0:4b:9b:c8:a9:b2:be:7c:ca:88:11:b6:7e:d7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84a69fc568894cb3985edef22216bd99974de251
Validity
Not Before: Mar 26 16:00:35 2026 GMT
Not After : Mar 27 16:00:35 2026 GMT
Subject: CN=c6c95c3e0c09ec08c71f55ec3c388d7dab8105d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9d:ac:1a:72:25:a8:85:de:dd:34:b9:f5:19:
07:46:61:a9:63:9c:ce:99:5e:a4:2a:4b:85:90:a2:
e0:6e:e1:9f:5b:2c:60:be:0e:dc:21:3a:7c:67:0e:
c0:4c:3c:85:56:f0:1e:22:bd:b1:8f:38:00:28:00:
4c:62:d6:26:ad:bc:55:a2:00:eb:ba:aa:65:5f:38:
c2:52:ce:f7:5a:94:63:a4:4b:7f:50:73:fd:2a:ae:
90:66:07:98:aa:11:e2:14:1d:dc:98:4d:47:93:66:
01:1b:d0:62:98:97:3d:28:71:d2:23:ce:0b:64:f8:
b3:16:46:1d:5c:06:58:7b:51:eb:19:fb:10:de:2f:
52:13:d3:a0:6c:0f:95:bc:cb:2b:df:98:5d:47:c1:
ab:ba:34:ef:a1:51:b6:ff:fb:10:12:09:19:fb:da:
f6:33:10:42:f9:5d:ef:d4:18:0d:29:19:f3:7b:d0:
08:3b:ba:84:17:ca:88:04:33:42:25:df:64:87:3b:
07:ce:e4:99:65:6c:10:2b:aa:4a:0d:50:9a:6f:d5:
61:9c:f6:57:c8:fc:77:83:03:6a:e6:e3:5d:bd:42:
6f:a0:59:87:10:b8:f4:68:8d:6c:24:2f:cb:35:5e:
03:3b:55:1e:8b:25:60:24:11:6a:f4:83:28:10:0b:
58:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C9:5C:3E:0C:09:EC:08:C7:1F:55:EC:3C:38:8D:7D:AB:81:05:D6
X509v3 Authority Key Identifier:
keyid:84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d0:c7:20:11:92:b4:8e:75:35:d6:c2:56:84:ef:8f:6e:fd:7b:
44:32:6c:5e:05:3e:98:54:b8:69:7a:91:52:c8:73:cf:22:23:
4c:3a:8c:4c:bd:51:4e:04:b0:1e:ab:51:e4:aa:7b:1c:50:75:
06:52:dd:b0:64:e5:ff:61:31:f5:59:14:15:56:17:9b:a5:26:
3b:6e:f6:84:28:09:6b:1e:65:d6:37:8a:a5:e5:39:6e:ef:d1:
b7:b8:b7:bd:cd:ca:ba:bc:12:8b:db:af:b4:4c:c2:a0:bf:41:
ae:51:b7:4a:fd:56:6d:53:34:76:fb:88:d1:1b:1e:ec:87:ed:
d1:84:8c:70:55:d3:2d:7e:74:36:2a:6f:4c:eb:2a:2f:f9:a8:
ba:30:1e:1e:7e:d1:0d:2b:dc:a5:18:5f:73:ae:dc:c1:e5:4c:
0f:3c:05:32:98:5f:7e:19:63:a9:7a:67:ee:fd:d8:2c:df:f7:
2f:0a:24:2d:22:c7:89:5f:ab:1a:f3:8e:93:64:3c:8d:57:78:
6d:e4:15:1d:81:b0:7a:a9:08:ac:e4:be:c0:62:99:84:bb:0b:
0a:a1:2d:9c:52:00:69:75:1e:a4:db:8c:be:e4:00:de:f5:d2:
d4:bc:96:60:da:fa:fa:69:fc:9a:64:47:74:c2:8c:a3:a7:fa:
9f:5a:9d:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4EubyKmyvnzKiBG2ftfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YTY5ZmM1Njg4OTRjYjM5ODVlZGVmMjIyMTZiZDk5OTc0
ZGUyNTEwHhcNMjYwMzI2MTYwMDM1WhcNMjYwMzI3MTYwMDM1WjAzMTEwLwYDVQQD
EyhjNmM5NWMzZTBjMDllYzA4YzcxZjU1ZWMzYzM4OGQ3ZGFiODEwNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv52sGnIlqIXe3TS59RkHRmGpY5zO
mV6kKkuFkKLgbuGfWyxgvg7cITp8Zw7ATDyFVvAeIr2xjzgAKABMYtYmrbxVogDr
uqplXzjCUs73WpRjpEt/UHP9Kq6QZgeYqhHiFB3cmE1Hk2YBG9BimJc9KHHSI84L
ZPizFkYdXAZYe1HrGfsQ3i9SE9OgbA+VvMsr35hdR8GrujTvoVG2//sQEgkZ+9r2
MxBC+V3v1BgNKRnze9AIO7qEF8qIBDNCJd9khzsHzuSZZWwQK6pKDVCab9VhnPZX
yPx3gwNq5uNdvUJvoFmHELj0aI1sJC/LNV4DO1UeiyVgJBFq9IMoEAtYDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbJXD4MCewIxx9V7Dw4jX2rgQXWMB8GA1UdIwQY
MBaAFISmn8VoiUyzmF7e8iIWvZmXTeJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jNjBhMWUtOTA4MC00YjA4LTk1ZGEt
NDM3ZmU1MGJiNGY3LzEvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9jNjBhMWUtOTA4MC00YjA4LTk1ZGEtNDM3ZmU1MGJiNGY3
LzEvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0McgEZK0
jnU11sJWhO+Pbv17RDJsXgU+mFS4aXqRUshzzyIjTDqMTL1RTgSwHqtR5Kp7HFB1
BlLdsGTl/2Ex9VkUFVYXm6UmO272hCgJax5l1jeKpeU5bu/Rt7i3vc3KurwSi9uv
tEzCoL9BrlG3Sv1WbVM0dvuI0Rse7Ift0YSMcFXTLX50NipvTOsqL/moujAeHn7R
DSvcpRhfc67cweVMDzwFMphffhljqXpn7v3YLN/3LwokLSLHiV+rGvOOk2Q8jVd4
beQVHYGweqkIrOS+wGKZhLsLCqEtnFIAaXUepNuMvuQA3vXS1LyWYNr6+mn8mmRH
dMKMo6f6n1qd2g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:26:09 2026 by rpki-client