Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
File: RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft (raw, json)
Hash identifier: 0e9WARqKA/GFIInS48zqzedOEFXNaxUjUsl6SVTADBY=
Subject key identifier: 0F:73:1E:B6:37:B8:67:F8:27:C9:DD:3C:9A:63:02:A1:50:CF:47:40
Authority key identifier: 44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
Certificate issuer: /CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Certificate serial: 019D265FE4DF28CDF9DF14F33E2F4F841BAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
Manifest number: 1886
Signing time: Wed 25 Mar 2026 19:01:51 +0000
Manifest this update: Wed 25 Mar 2026 19:01:51 +0000
Manifest next update: Thu 26 Mar 2026 19:01:51 +0000
Files and hashes: 1: AT3AwmCGx61Hj5hqdELyQ8fLrSA.roa (hash: XVaOA+4kP/jBW0Nd2clUNIpHrMJJdCt1C6268n4aPw0=)
2: RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl (hash: 6DS/ZZ4LM7f/ocIhEzlmzjbrQhywAdtlRr7hyzh90nI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:e4:df:28:cd:f9:df:14:f3:3e:2f:4f:84:1b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Validity
Not Before: Mar 25 19:01:51 2026 GMT
Not After : Mar 26 19:01:51 2026 GMT
Subject: CN=0f731eb637b867f827c9dd3c9a6302a150cf4740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:9e:6a:c0:d9:4d:9c:b6:cb:0f:b3:d0:18:f2:
67:15:04:ff:f8:4f:fe:ca:41:cb:d5:90:0a:5e:19:
56:ce:74:2b:56:52:c9:47:71:49:48:4d:1a:41:8c:
ac:bb:01:42:95:a6:a8:d1:78:fc:bf:0b:0c:5a:72:
23:4d:4d:54:ad:53:40:1c:a4:14:fb:f9:0f:88:06:
db:55:a8:ae:2c:a0:45:0c:d5:ee:49:cf:2e:79:47:
1d:8f:0c:85:ff:2c:91:34:f3:c2:e6:58:65:16:92:
5e:b3:a0:92:46:35:4e:e7:4f:4c:f6:9e:c4:3c:26:
80:58:96:38:4d:3a:81:70:72:0c:4b:9b:c7:2f:b0:
41:24:65:13:53:df:9d:03:cf:ef:c6:15:22:bb:ad:
11:7f:a5:f0:ad:aa:e4:8d:a5:46:39:dd:12:12:b3:
e9:26:f1:12:c4:e2:ce:7d:f2:8d:11:25:2e:a0:77:
b9:25:4d:5b:15:4b:98:c2:b4:3b:51:e9:a8:dd:4b:
8d:dc:fd:6e:67:35:94:20:17:84:95:dc:d5:ef:34:
d6:8c:08:61:77:5c:3d:b9:8d:b8:b3:10:a0:2d:12:
f6:02:ab:9e:62:48:a7:5e:67:d9:30:48:77:03:fb:
09:11:2f:f5:8a:09:7b:3f:e7:66:6e:9b:2f:fa:66:
ca:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:73:1E:B6:37:B8:67:F8:27:C9:DD:3C:9A:63:02:A1:50:CF:47:40
X509v3 Authority Key Identifier:
keyid:44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:56:68:33:6c:4a:e8:e7:57:1b:d7:7f:d5:96:09:b9:24:d9:
54:62:c1:f1:e7:b0:dc:87:1b:7d:e0:63:f7:f3:5f:dc:5c:1b:
88:03:30:a8:4f:6c:d9:d6:a4:1a:39:a6:bc:c0:00:53:d7:01:
c8:12:42:67:3d:15:3b:aa:3c:20:e3:50:49:09:fb:70:73:a4:
df:78:a1:33:94:6f:29:7e:c2:67:d3:26:9d:28:ad:10:ed:80:
a7:c8:44:67:93:c2:d2:e7:45:1b:b0:ec:6f:6f:ce:dc:0c:65:
44:89:c2:49:4e:b8:2b:15:88:81:b4:12:cd:7d:b4:6d:cf:2a:
04:67:5f:53:e4:b9:b5:61:2d:81:4b:11:95:3a:fd:91:7e:bf:
0f:38:9b:c9:f3:08:71:23:49:e1:54:87:cb:62:2c:0b:f5:6c:
67:5d:41:7a:24:bc:1a:78:61:db:68:d5:58:62:74:ac:d9:25:
90:eb:cb:2c:1e:24:d4:8a:a3:3d:3b:89:f1:33:c0:ce:3b:58:
22:5c:b8:b9:a3:b2:99:ec:6c:d9:98:62:9f:83:60:5c:0e:21:
f4:08:b6:0e:c6:5b:c3:55:22:0b:da:36:fb:68:d2:cb:0b:b6:
7d:84:45:59:e0:9a:5a:bf:b5:5f:42:22:0a:6c:65:36:2d:e0:
a7:b9:ee:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX+TfKM353xTzPi9PhBuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjYxMGY4NzJjZjMxYjdjMzIyNGNkMmMxNjY5Yzk5Njgz
NTBiN2EwHhcNMjYwMzI1MTkwMTUxWhcNMjYwMzI2MTkwMTUxWjAzMTEwLwYDVQQD
EygwZjczMWViNjM3Yjg2N2Y4MjdjOWRkM2M5YTYzMDJhMTUwY2Y0NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/Z5qwNlNnLbLD7PQGPJnFQT/+E/+
ykHL1ZAKXhlWznQrVlLJR3FJSE0aQYysuwFClaao0Xj8vwsMWnIjTU1UrVNAHKQU
+/kPiAbbVaiuLKBFDNXuSc8ueUcdjwyF/yyRNPPC5lhlFpJes6CSRjVO509M9p7E
PCaAWJY4TTqBcHIMS5vHL7BBJGUTU9+dA8/vxhUiu60Rf6XwrarkjaVGOd0SErPp
JvESxOLOffKNESUuoHe5JU1bFUuYwrQ7Uemo3UuN3P1uZzWUIBeEldzV7zTWjAhh
d1w9uY24sxCgLRL2AqueYkinXmfZMEh3A/sJES/1igl7P+dmbpsv+mbKZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9zHrY3uGf4J8ndPJpjAqFQz0dAMB8GA1UdIwQY
MBaAFET2EPhyzzG3wyJM0sFmnJloNQt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYt
OWI1MDllNTkzMWY5LzEvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYtOWI1MDllNTkzMWY5
LzEvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALlZoM2xK
6OdXG9d/1ZYJuSTZVGLB8eew3IcbfeBj9/Nf3FwbiAMwqE9s2dakGjmmvMAAU9cB
yBJCZz0VO6o8IONQSQn7cHOk33ihM5RvKX7CZ9MmnSitEO2Ap8hEZ5PC0udFG7Ds
b2/O3AxlRInCSU64KxWIgbQSzX20bc8qBGdfU+S5tWEtgUsRlTr9kX6/DzibyfMI
cSNJ4VSHy2IsC/VsZ11BeiS8Gnhh22jVWGJ0rNklkOvLLB4k1IqjPTuJ8TPAzjtY
Ily4uaOymexs2Zhin4NgXA4h9Ai2DsZbw1UiC9o2+2jSywu2fYRFWeCaWr+1X0Ii
CmxlNi3gp7nupQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:58:58 2026 by rpki-client