Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: U3iRFN+mHQvLIyQpdr6kqSCFfTe/iNmjljnlEWgtJ2M=
Subject key identifier: 5E:77:5B:58:99:3E:FF:5B:C3:D5:54:4A:45:7C:09:D8:53:BE:30:8F
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 019D26CCF1D16B98600DB73D06F3F512A36C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1888
Signing time: Wed 25 Mar 2026 21:00:58 +0000
Manifest this update: Wed 25 Mar 2026 21:00:58 +0000
Manifest next update: Thu 26 Mar 2026 21:00:58 +0000
Files and hashes: 1: FKPDUKEH3RWf-_A6oyRKO4_LVBY.roa (hash: hV9SiFdAv7sVh4TN2I3na70oOpO2IrQF3ksLQ7b5hl8=)
2: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: us+we43FRFOsrIH/eiU5S5YQ8EqTQp6tnd7kszT7ZYQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cc:f1:d1:6b:98:60:0d:b7:3d:06:f3:f5:12:a3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Mar 25 21:00:58 2026 GMT
Not After : Mar 26 21:00:58 2026 GMT
Subject: CN=5e775b58993eff5bc3d5544a457c09d853be308f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0d:70:c0:08:0d:06:e6:89:f9:9c:e5:cd:ed:
46:d6:2b:c4:e7:b9:88:b0:d8:82:ba:c8:42:46:31:
91:a1:31:02:c9:e6:fc:72:f0:0f:0e:65:ab:55:db:
f2:dd:1c:37:ea:f8:a4:4c:e5:70:2c:b6:99:92:a5:
fe:90:e4:7c:23:fc:37:3c:61:ac:40:95:17:44:0f:
ec:77:6e:6c:f4:38:20:3b:9b:59:57:3b:26:00:6b:
13:29:2a:84:27:42:8b:26:8e:da:a3:56:c0:10:1d:
b3:5f:6e:c8:31:15:68:f7:de:67:07:83:40:d9:f4:
c4:56:52:a7:84:64:31:85:b9:49:af:ce:af:62:04:
b1:0b:fe:3f:16:28:1d:03:20:69:43:5d:0a:c9:79:
28:8f:05:db:07:93:52:61:bd:0c:a5:7a:10:5d:87:
dd:49:d9:17:4c:ab:c8:47:7b:17:42:6a:cc:ed:3a:
e4:46:0b:ed:ef:00:49:e2:dd:e1:e6:f8:07:94:ae:
e3:22:ee:89:2d:58:06:23:a9:0a:d3:f5:ff:79:16:
10:72:95:b6:93:27:48:81:f2:fb:0a:28:c3:41:8d:
05:17:c8:1d:2f:14:f8:53:27:67:56:1d:7c:b4:3d:
0e:1d:29:43:9c:25:74:5e:67:57:6d:05:60:1b:38:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:77:5B:58:99:3E:FF:5B:C3:D5:54:4A:45:7C:09:D8:53:BE:30:8F
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:09:d9:3c:2e:55:9a:64:c2:44:87:4c:82:3f:40:3f:8d:98:
b1:66:e6:28:49:41:78:bf:0a:26:45:bb:7d:09:b9:62:85:a6:
ec:3d:cc:e9:aa:a3:93:26:94:26:71:95:45:c0:a9:10:a6:04:
82:bc:0c:91:0e:f0:43:c6:36:c3:81:53:56:44:ec:ee:d0:5b:
f3:6e:7f:7d:71:8a:44:89:64:57:7a:84:d4:ca:b3:75:51:c5:
e5:e1:a7:d6:8f:28:5e:cb:e3:ba:ef:d4:8e:24:0f:da:50:5c:
67:c4:bc:22:45:6a:91:d7:7b:57:cb:34:3f:cc:90:e6:ad:25:
eb:c3:e2:5e:b1:0e:6d:c1:0b:31:25:b8:a9:e3:ce:9d:47:16:
46:28:4d:28:c7:87:18:10:a0:9c:1b:06:ca:ef:a1:2e:e1:33:
68:41:41:3a:fc:15:71:98:1e:a4:a9:c8:32:0e:88:e2:cf:9c:
01:4a:bb:84:41:27:f5:9a:b3:70:7d:29:ab:3d:2a:26:9f:07:
2e:41:45:c1:21:eb:18:f1:95:b6:85:f5:1b:95:3c:2f:54:53:
6e:8e:f4:dd:88:8d:80:70:50:40:d1:1c:7c:47:36:8a:72:f4:
b0:e3:d3:e0:47:78:b8:e9:6e:7a:7f:e5:e4:aa:df:70:0e:f7:
fb:17:f1:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzPHRa5hgDbc9BvP1EqNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjYwMzI1MjEwMDU4WhcNMjYwMzI2MjEwMDU4WjAzMTEwLwYDVQQD
Eyg1ZTc3NWI1ODk5M2VmZjViYzNkNTU0NGE0NTdjMDlkODUzYmUzMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug1wwAgNBuaJ+Zzlze1G1ivE57mI
sNiCushCRjGRoTECyeb8cvAPDmWrVdvy3Rw36vikTOVwLLaZkqX+kOR8I/w3PGGs
QJUXRA/sd25s9DggO5tZVzsmAGsTKSqEJ0KLJo7ao1bAEB2zX27IMRVo995nB4NA
2fTEVlKnhGQxhblJr86vYgSxC/4/FigdAyBpQ10KyXkojwXbB5NSYb0MpXoQXYfd
SdkXTKvIR3sXQmrM7TrkRgvt7wBJ4t3h5vgHlK7jIu6JLVgGI6kK0/X/eRYQcpW2
kydIgfL7CijDQY0FF8gdLxT4UydnVh18tD0OHSlDnCV0XmdXbQVgGziguQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF53W1iZPv9bw9VUSkV8CdhTvjCPMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAnZPC5V
mmTCRIdMgj9AP42YsWbmKElBeL8KJkW7fQm5YoWm7D3M6aqjkyaUJnGVRcCpEKYE
grwMkQ7wQ8Y2w4FTVkTs7tBb825/fXGKRIlkV3qE1MqzdVHF5eGn1o8oXsvjuu/U
jiQP2lBcZ8S8IkVqkdd7V8s0P8yQ5q0l68PiXrEObcELMSW4qePOnUcWRihNKMeH
GBCgnBsGyu+hLuEzaEFBOvwVcZgepKnIMg6I4s+cAUq7hEEn9ZqzcH0pqz0qJp8H
LkFFwSHrGPGVtoX1G5U8L1RTbo703YiNgHBQQNEcfEc2inL0sOPT4Ed4uOluen/l
5KrfcA73+xfxyg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:57:04 2026 by rpki-client