Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier: rnotzBS9+rWVSX0C+58mEk29VSiHerhaBnND3p0r60g=
Subject key identifier: FA:D4:BA:69:FA:BC:EE:68:13:FB:05:02:28:6B:7C:AC:66:2B:09:46
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial: 019E1CEC0B66D80CD42FDC30AAE07B331CD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number: 04E8
Signing time: Tue 12 May 2026 16:01:31 +0000
Manifest this update: Tue 12 May 2026 16:01:31 +0000
Manifest next update: Wed 13 May 2026 16:01:31 +0000
Files and hashes: 1: AGVrI7h1W1sZnmEHrQIXxLRxF1Q.roa (hash: K1nbjcJomqgMcH/NVsTCJWhMoSmEDtw4c8u/MMrHlso=)
2: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: Bl3hqTJnlu9+o6JKJn5QSc/e/FMYG3B+qMDpo5FU1m4=)
3: fnZsGtHZZ57ibD1bgR7D-kx03A8.asa (hash: gnq6h8vpZgrDrbXWUtlG5+lFKokphaSsAqWL7zsvVig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1c:ec:0b:66:d8:0c:d4:2f:dc:30:aa:e0:7b:33:1c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Validity
Not Before: May 12 16:01:31 2026 GMT
Not After : May 13 16:01:31 2026 GMT
Subject: CN=fad4ba69fabcee6813fb0502286b7cac662b0946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c6:15:78:fa:6f:9b:2b:9f:81:14:6c:0d:e1:
6d:a7:88:0e:64:a9:f6:01:39:ab:7c:3f:b9:43:f1:
47:20:f7:4d:11:77:a8:63:b5:f9:16:a0:e1:c2:7b:
7d:e2:0b:b8:ee:b1:64:67:86:a7:60:4a:89:17:9b:
3e:33:d1:e3:4a:50:e5:53:d7:4c:c3:83:72:c9:e2:
88:a6:74:78:11:03:e0:b3:49:7e:e8:99:9d:8f:30:
fd:28:da:ca:bb:fd:3f:e4:c5:0f:f0:c0:0d:6d:0b:
59:2a:d0:be:c4:0a:c0:ed:b1:70:a3:b3:32:31:13:
a7:5e:31:55:b3:73:cd:f6:24:e2:44:a9:f4:50:90:
55:6f:53:9d:27:64:83:1b:54:0b:c0:14:8c:0d:1e:
4a:5c:a6:4f:1d:cc:a6:3a:ab:8a:09:e9:30:26:fc:
ff:5a:9b:95:0b:fd:f9:64:49:3f:3c:27:f2:0e:37:
bd:03:3b:43:7f:e3:65:f1:51:e3:72:0f:57:e0:77:
b5:52:d7:8d:7c:07:49:cf:ac:d4:ff:29:ac:64:94:
cc:4b:03:a5:1f:05:c1:ab:ec:85:1f:03:4d:65:36:
e3:54:80:65:6d:8e:df:da:7b:24:f7:d6:11:0f:ca:
53:51:19:18:7b:26:18:b2:74:93:b9:96:9a:3b:32:
14:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:BA:69:FA:BC:EE:68:13:FB:05:02:28:6B:7C:AC:66:2B:09:46
X509v3 Authority Key Identifier:
keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:65:ab:8e:14:8a:b2:0d:56:00:15:6a:55:cc:f9:f4:94:ea:
8c:0a:b3:38:f5:e8:7f:04:1b:f2:86:e7:80:c0:13:2b:ad:fb:
10:3c:51:cd:65:c6:9a:26:ae:7b:0a:60:eb:21:2b:eb:88:52:
e4:be:96:04:c5:10:eb:4f:8b:11:7d:fa:2c:43:de:1b:6c:23:
ac:1a:c8:24:2d:a6:2e:55:35:0f:24:44:dc:c5:08:05:0a:66:
0d:c6:1c:c7:c9:c1:78:2f:5e:66:df:20:84:81:c1:5d:65:6b:
45:94:9b:2f:6d:72:21:8b:c2:eb:7e:b6:a2:2b:a8:d3:8d:c4:
f5:84:8e:1e:c9:0d:71:21:36:e7:ff:a4:6b:e4:3b:ca:00:10:
53:77:da:dc:22:1c:aa:74:c9:fc:c3:f8:d6:82:4f:a2:0c:ca:
1e:00:d5:e6:c0:39:04:a0:09:7b:9e:d5:8b:56:a5:6d:67:7e:
d3:3e:0d:9e:fc:43:1f:d2:9c:43:93:89:0f:7e:17:e8:86:dd:
70:55:ce:2b:4a:b1:90:82:00:1f:98:c2:e2:7b:43:af:a0:ca:
83:8d:f9:93:71:0c:cb:60:78:ed:12:1b:29:2a:65:d6:3e:ab:
db:09:ec:27:3c:c5:19:23:4a:28:50:ec:e6:34:fb:21:9b:a9:
d7:5f:2f:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c7Atm2AzUL9wwquB7MxzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjYwNTEyMTYwMTMxWhcNMjYwNTEzMTYwMTMxWjAzMTEwLwYDVQQD
EyhmYWQ0YmE2OWZhYmNlZTY4MTNmYjA1MDIyODZiN2NhYzY2MmIwOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMYVePpvmyufgRRsDeFtp4gOZKn2
ATmrfD+5Q/FHIPdNEXeoY7X5FqDhwnt94gu47rFkZ4anYEqJF5s+M9HjSlDlU9dM
w4NyyeKIpnR4EQPgs0l+6JmdjzD9KNrKu/0/5MUP8MANbQtZKtC+xArA7bFwo7My
MROnXjFVs3PN9iTiRKn0UJBVb1OdJ2SDG1QLwBSMDR5KXKZPHcymOquKCekwJvz/
WpuVC/35ZEk/PCfyDje9AztDf+Nl8VHjcg9X4He1UteNfAdJz6zU/ymsZJTMSwOl
HwXBq+yFHwNNZTbjVIBlbY7f2nsk99YRD8pTURkYeyYYsnSTuZaaOzIU3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrUumn6vO5oE/sFAihrfKxmKwlGMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2WrjhSK
sg1WABVqVcz59JTqjAqzOPXofwQb8obngMATK637EDxRzWXGmiauewpg6yEr64hS
5L6WBMUQ60+LEX36LEPeG2wjrBrIJC2mLlU1DyRE3MUIBQpmDcYcx8nBeC9eZt8g
hIHBXWVrRZSbL21yIYvC6362oiuo043E9YSOHskNcSE25/+ka+Q7ygAQU3fa3CIc
qnTJ/MP41oJPogzKHgDV5sA5BKAJe57Vi1albWd+0z4NnvxDH9KcQ5OJD34X6Ibd
cFXOK0qxkIIAH5jC4ntDr6DKg435k3EMy2B47RIbKSpl1j6r2wnsJzzFGSNKKFDs
5jT7IZup118vZQ==
-----END CERTIFICATE-----
Generated at Wed May 13 03:43:43 2026 by rpki-client