Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
File: h94IWXXeZYjgf-0TVROqOKztt2M.mft (raw, json)
Hash identifier: Dlqw2oJPHbUdvs+9tRt5O71V36E8r7u4x5li2yvi104=
Subject key identifier: D9:D4:15:81:BA:CF:6F:A5:0D:C1:62:D0:45:47:33:65:84:67:5C:3C
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 019D29CDFA9D5A83DC9589D927B0A691B514
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
Manifest number: 0C70
Signing time: Thu 26 Mar 2026 11:00:57 +0000
Manifest this update: Thu 26 Mar 2026 11:00:57 +0000
Manifest next update: Fri 27 Mar 2026 11:00:57 +0000
Files and hashes: 1: h94IWXXeZYjgf-0TVROqOKztt2M.crl (hash: NZBtQV95nUGORtUN2tX0zxGihvZc4Dfs3qzibHcW+5M=)
2: kGQeneiJZNT_BjB_XoReSyXguQ8.roa (hash: yt9dzzQfHrZsnLkuZ9r3U4v8elv0IkIyoER8sIW2HPM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:cd:fa:9d:5a:83:dc:95:89:d9:27:b0:a6:91:b5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Mar 26 11:00:57 2026 GMT
Not After : Mar 27 11:00:57 2026 GMT
Subject: CN=d9d41581bacf6fa50dc162d04547336584675c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9b:99:6f:64:3d:a0:90:fe:7d:5c:d8:29:51:
52:dc:ab:6d:9f:ac:f3:69:76:dd:f7:6e:1b:f9:d6:
ee:b3:ed:f6:b9:94:74:cb:48:94:54:13:4f:29:5d:
d4:07:1a:3e:5a:91:0b:9d:76:cc:79:dc:fd:79:86:
14:6c:8c:ce:f2:6d:61:1b:a6:8d:e8:5e:d3:1c:64:
69:4a:7e:b9:19:39:fb:de:e9:ba:12:5c:49:f8:4b:
c0:cd:70:e9:b6:59:e5:59:c3:35:f9:c4:54:46:ee:
94:46:f5:1a:04:b3:73:e4:72:0c:26:7d:17:b5:a1:
10:a5:f3:5d:09:ee:99:ec:ba:4b:90:24:50:5b:03:
f7:70:ed:5a:b0:ae:0f:cf:9f:1d:ba:6d:ce:1b:e4:
3a:51:d0:16:2b:00:b6:60:8b:43:43:f9:27:e5:24:
b6:da:14:78:25:aa:0d:09:66:7e:6f:c9:d6:61:ed:
92:54:ba:c7:40:c8:82:25:8b:17:bc:ab:dd:5d:61:
82:d8:84:6d:a2:a3:3f:23:54:aa:29:b0:a1:68:f6:
ed:b6:71:7d:a8:9f:d4:73:32:54:32:ac:ee:34:fd:
e2:db:26:aa:8c:98:e2:d9:d5:b5:53:b9:14:88:aa:
c0:6f:94:61:cd:4b:e5:01:8d:dc:f5:16:71:11:47:
a2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D4:15:81:BA:CF:6F:A5:0D:C1:62:D0:45:47:33:65:84:67:5C:3C
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ca:6b:be:10:71:59:c6:22:08:83:1d:61:36:a7:ae:c0:7a:98:
69:a4:11:b3:8b:f8:2f:98:00:70:95:5f:87:c5:a0:94:29:d7:
ff:d9:b2:ed:2d:b8:99:10:b3:62:4f:f0:65:bf:58:8a:35:03:
aa:70:ac:59:d9:5f:54:6d:26:09:96:55:6f:28:45:fc:e7:5d:
29:b4:65:0b:81:fe:c0:b6:91:6c:ec:ef:85:30:74:7c:74:a1:
aa:a3:b2:a4:6b:51:37:97:6e:48:72:41:97:15:df:93:8a:0f:
be:69:dd:6b:e1:ac:c2:56:0b:76:1a:6b:cd:0b:7a:f4:6a:d7:
19:6a:a5:4b:97:1c:13:19:8a:f1:41:18:27:df:21:35:28:4d:
f5:8f:b9:c9:d9:db:b5:27:93:28:eb:c1:0b:cd:3b:d6:3f:99:
61:82:f9:8a:19:9b:b2:f8:55:2c:1e:f9:7e:2f:35:08:60:2a:
b8:80:7e:59:ad:cd:52:81:a3:34:af:a5:31:71:16:c4:3a:72:
c5:6d:50:4f:af:b9:63:18:fb:f3:25:7b:17:51:9b:bf:f6:08:
f9:1f:0b:fc:ee:a4:ff:1d:82:10:e8:56:c5:61:ec:79:0d:61:
47:40:83:12:86:41:90:6f:3f:f3:83:c6:17:9c:80:64:9f:21:
da:ce:12:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzfqdWoPclYnZJ7CmkbUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjYwMzI2MTEwMDU3WhcNMjYwMzI3MTEwMDU3WjAzMTEwLwYDVQQD
EyhkOWQ0MTU4MWJhY2Y2ZmE1MGRjMTYyZDA0NTQ3MzM2NTg0Njc1YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1puZb2Q9oJD+fVzYKVFS3Kttn6zz
aXbd924b+dbus+32uZR0y0iUVBNPKV3UBxo+WpELnXbMedz9eYYUbIzO8m1hG6aN
6F7THGRpSn65GTn73um6ElxJ+EvAzXDptlnlWcM1+cRURu6URvUaBLNz5HIMJn0X
taEQpfNdCe6Z7LpLkCRQWwP3cO1asK4Pz58dum3OG+Q6UdAWKwC2YItDQ/kn5SS2
2hR4JaoNCWZ+b8nWYe2SVLrHQMiCJYsXvKvdXWGC2IRtoqM/I1SqKbChaPbttnF9
qJ/UczJUMqzuNP3i2yaqjJji2dW1U7kUiKrAb5RhzUvlAY3c9RZxEUeiCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnUFYG6z2+lDcFi0EVHM2WEZ1w8MB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAymu+EHFZ
xiIIgx1hNqeuwHqYaaQRs4v4L5gAcJVfh8WglCnX/9my7S24mRCzYk/wZb9YijUD
qnCsWdlfVG0mCZZVbyhF/OddKbRlC4H+wLaRbOzvhTB0fHShqqOypGtRN5duSHJB
lxXfk4oPvmnda+GswlYLdhprzQt69GrXGWqlS5ccExmK8UEYJ98hNShN9Y+5ydnb
tSeTKOvBC8071j+ZYYL5ihmbsvhVLB75fi81CGAquIB+Wa3NUoGjNK+lMXEWxDpy
xW1QT6+5Yxj78yV7F1Gbv/YI+R8L/O6k/x2CEOhWxWHseQ1hR0CDEoZBkG8/84PG
F5yAZJ8h2s4SHg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:44:51 2026 by rpki-client