Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
File: HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft (raw, json)
Hash identifier: SYr2HwhucoCDvjScClzevTI33ifNQ+euPejwZz+4seE=
Subject key identifier: CA:20:BF:61:A3:2A:8D:ED:03:F7:54:FE:3B:3D:65:68:42:0B:3D:92
Authority key identifier: 1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
Certificate issuer: /CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Certificate serial: 019D28BB7C7F68F0E9D65CD99CDE65346343
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
Manifest number: 14AD
Signing time: Thu 26 Mar 2026 06:01:08 +0000
Manifest this update: Thu 26 Mar 2026 06:01:08 +0000
Manifest next update: Fri 27 Mar 2026 06:01:08 +0000
Files and hashes: 1: HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl (hash: PC79fYbhUhSVM9Yrug7F9pwwBqzYMhpQvf4HXGBPm8E=)
2: c57yC7tB1OJCUcmD7P1hLz2EMFE.roa (hash: ZXukYGaWgtp5a3QMVvyaz5oNdYorD6FVcR+u7jbZN30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:7c:7f:68:f0:e9:d6:5c:d9:9c:de:65:34:63:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9c072f2db3ef1f260505bbfa0efea18c2970b1
Validity
Not Before: Mar 26 06:01:08 2026 GMT
Not After : Mar 27 06:01:08 2026 GMT
Subject: CN=ca20bf61a32a8ded03f754fe3b3d6568420b3d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:37:bc:9f:7d:65:3c:ab:cc:69:19:39:ff:
fa:26:3c:ef:48:67:ee:c5:4b:51:4b:36:ef:f3:ad:
58:da:61:a7:29:c3:a5:f2:57:97:34:6e:3c:0c:2a:
af:fd:c4:aa:71:0e:3d:2c:b9:81:f0:f3:53:91:62:
06:21:42:dc:d8:3d:ac:d3:2b:6b:ff:8f:2a:a9:1d:
05:dc:2c:ee:70:a2:95:d0:44:b0:1d:3e:4c:41:46:
61:9d:15:ff:87:77:83:a5:63:19:99:6d:92:e5:21:
98:ac:aa:72:d9:d8:a4:2a:7c:7d:5e:a6:9f:24:f1:
78:56:51:82:cc:4d:73:0d:8a:d7:46:23:7f:05:bd:
9c:86:62:ad:73:1e:2e:44:2a:f6:f9:5d:63:f9:47:
cd:de:69:46:80:db:7f:7d:de:a5:21:cc:eb:ee:01:
42:0e:0a:c1:a5:dc:c2:6b:ab:ed:ef:9f:74:4e:e1:
30:a0:c4:06:a7:ef:7d:43:1c:75:74:1b:ed:32:89:
c6:ee:45:c5:16:62:42:dc:88:e3:3b:27:30:84:4e:
56:ac:75:78:7d:b3:70:d5:3a:86:3e:85:c5:64:94:
9e:d5:0d:72:e4:dd:36:44:b0:6e:57:d2:2b:f2:ec:
9b:1a:e8:7e:55:90:89:d5:bf:5d:81:ce:85:40:98:
bf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:20:BF:61:A3:2A:8D:ED:03:F7:54:FE:3B:3D:65:68:42:0B:3D:92
X509v3 Authority Key Identifier:
keyid:1D:9C:07:2F:2D:B3:EF:1F:26:05:05:BB:FA:0E:FE:A1:8C:29:70:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZwHLy2z7x8mBQW7-g7-oYwpcLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c550e3-f024-46b8-87ec-450e24e0891d/1/HZwHLy2z7x8mBQW7-g7-oYwpcLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:40:19:01:8e:c0:fb:f6:21:25:2f:62:ab:aa:78:09:c2:bf:
62:f9:bf:33:99:c4:ca:97:cc:b5:17:b5:cb:8d:b1:1d:79:56:
e5:9a:05:b3:9f:4a:8c:e9:fa:bf:1b:c4:8b:bb:bf:7f:81:ef:
db:9f:f7:3c:32:84:42:6a:5b:3b:f0:33:c5:5c:e0:e8:f1:f1:
87:c5:10:b7:7f:24:c9:5a:73:9a:2d:ff:85:18:57:c8:6d:b3:
3d:c9:a0:35:57:1e:0a:86:52:0e:27:31:33:ec:5c:76:ea:f8:
cc:ed:84:40:4f:40:55:33:c1:0d:3c:cb:f2:50:c4:85:a0:80:
88:b3:f7:22:f7:48:b2:ad:67:cf:4e:df:85:14:b0:a9:16:d1:
20:65:58:b7:60:96:f0:2f:ed:d3:f8:7b:9e:c4:26:2e:f7:25:
d0:c0:e5:c8:be:76:41:f3:36:e3:18:93:9f:1b:fc:17:b8:6a:
4e:d2:ec:fe:a6:84:f9:37:d8:7d:1a:48:62:9e:d0:a8:5d:97:
40:be:56:5a:6a:01:33:fc:db:7e:34:7a:9b:a3:cb:59:45:7f:
b6:f9:35:f8:bd:13:64:89:74:7b:53:e8:f3:f4:14:54:1b:89:
19:ac:73:f5:79:64:0b:1d:4d:53:51:20:89:17:c0:ab:fc:12:
d5:38:a4:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou3x/aPDp1lzZnN5lNGNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWMwNzJmMmRiM2VmMWYyNjA1MDViYmZhMGVmZWExOGMy
OTcwYjEwHhcNMjYwMzI2MDYwMTA4WhcNMjYwMzI3MDYwMTA4WjAzMTEwLwYDVQQD
EyhjYTIwYmY2MWEzMmE4ZGVkMDNmNzU0ZmUzYjNkNjU2ODQyMGIzZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteE3vJ99ZTyrzGkZOf/6JjzvSGfu
xUtRSzbv861Y2mGnKcOl8leXNG48DCqv/cSqcQ49LLmB8PNTkWIGIULc2D2s0ytr
/48qqR0F3CzucKKV0ESwHT5MQUZhnRX/h3eDpWMZmW2S5SGYrKpy2dikKnx9Xqaf
JPF4VlGCzE1zDYrXRiN/Bb2chmKtcx4uRCr2+V1j+UfN3mlGgNt/fd6lIczr7gFC
DgrBpdzCa6vt7590TuEwoMQGp+99Qxx1dBvtMonG7kXFFmJC3IjjOycwhE5WrHV4
fbNw1TqGPoXFZJSe1Q1y5N02RLBuV9Ir8uybGuh+VZCJ1b9dgc6FQJi/TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMogv2GjKo3tA/dU/js9ZWhCCz2SMB8GA1UdIwQY
MBaAFB2cBy8ts+8fJgUFu/oO/qGMKXCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMt
NDUwZTI0ZTA4OTFkLzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNTUwZTMtZjAyNC00NmI4LTg3ZWMtNDUwZTI0ZTA4OTFk
LzEvSFp3SEx5Mno3eDhtQlFXNy1nNy1vWXdwY0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbEAZAY7A
+/YhJS9iq6p4CcK/Yvm/M5nEypfMtRe1y42xHXlW5ZoFs59KjOn6vxvEi7u/f4Hv
25/3PDKEQmpbO/AzxVzg6PHxh8UQt38kyVpzmi3/hRhXyG2zPcmgNVceCoZSDicx
M+xcdur4zO2EQE9AVTPBDTzL8lDEhaCAiLP3IvdIsq1nz07fhRSwqRbRIGVYt2CW
8C/t0/h7nsQmLvcl0MDlyL52QfM24xiTnxv8F7hqTtLs/qaE+TfYfRpIYp7QqF2X
QL5WWmoBM/zbfjR6m6PLWUV/tvk1+L0TZIl0e1Po8/QUVBuJGaxz9XlkCx1NU1Eg
iRfAq/wS1TikwA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:08:29 2026 by rpki-client