Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier: 2XGgr7uOzDhNDoINQFv26PGMBx4R0IBeriqavjfqFJ8=
Subject key identifier: 9A:80:25:AC:55:27:00:EC:B1:11:39:79:F6:CE:31:AC:14:AB:A9:2E
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial: 019D25BAC3B465507046D312D3D2D7766CA3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number: 0468
Signing time: Wed 25 Mar 2026 16:01:29 +0000
Manifest this update: Wed 25 Mar 2026 16:01:29 +0000
Manifest next update: Thu 26 Mar 2026 16:01:29 +0000
Files and hashes: 1: AGVrI7h1W1sZnmEHrQIXxLRxF1Q.roa (hash: K1nbjcJomqgMcH/NVsTCJWhMoSmEDtw4c8u/MMrHlso=)
2: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: gxDB0s4nq1Y9XbU+p6eLQu1GfmkghbbJTQJdcblyWfQ=)
3: fnZsGtHZZ57ibD1bgR7D-kx03A8.asa (hash: gnq6h8vpZgrDrbXWUtlG5+lFKokphaSsAqWL7zsvVig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:c3:b4:65:50:70:46:d3:12:d3:d2:d7:76:6c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Validity
Not Before: Mar 25 16:01:29 2026 GMT
Not After : Mar 26 16:01:29 2026 GMT
Subject: CN=9a8025ac552700ecb1113979f6ce31ac14aba92e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8e:ac:2a:65:86:e1:3e:d4:ca:9e:60:b5:86:
92:49:3d:90:a5:3c:55:6e:8e:cb:d3:17:b2:cf:fe:
b7:cc:50:c9:04:6f:65:fb:a2:fa:1d:cf:f1:b8:f7:
0e:89:80:c9:6a:13:04:91:43:de:c1:f8:8b:63:46:
6e:83:37:2e:3b:39:2c:f8:3a:dd:df:8a:a1:fe:3c:
83:2f:17:28:85:d2:5c:90:55:dd:44:53:3f:80:3c:
5a:9a:4e:99:43:9f:ec:7c:b7:d3:fe:13:d4:ea:08:
7a:d7:26:2a:fd:83:a2:06:aa:a1:32:2f:21:e3:95:
eb:62:26:5e:e7:71:94:f4:e1:32:26:5a:97:80:7b:
8c:78:a5:b3:01:85:a0:7a:57:ce:66:bd:08:7d:db:
ef:ce:69:25:20:ae:16:7f:83:c0:05:4c:0b:6e:e7:
96:86:17:27:81:10:28:97:43:09:a8:62:fe:03:2a:
9c:b3:ce:6f:33:08:9a:e4:9e:5c:ba:5e:e2:24:ad:
55:2e:e0:5b:91:17:82:35:b6:85:f7:c4:58:00:d9:
6f:93:8b:44:88:7c:c8:de:1f:e8:b9:5d:8c:8e:de:
f3:19:5c:c5:90:78:41:2a:4e:1f:13:23:bc:90:17:
5e:c5:0d:63:e3:b8:94:d4:3c:d0:46:67:79:ba:07:
82:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:80:25:AC:55:27:00:EC:B1:11:39:79:F6:CE:31:AC:14:AB:A9:2E
X509v3 Authority Key Identifier:
keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:94:a6:34:1c:d2:cb:8d:f5:8d:bd:b3:64:1f:c3:e9:d5:b5:
d2:0e:22:4b:cd:a0:44:94:60:a5:79:16:3c:79:73:f8:98:7c:
00:04:b2:8c:90:2b:63:ae:7e:46:18:63:e3:ae:e9:dd:aa:b6:
45:98:3b:1e:26:05:40:f3:69:58:dd:e1:a4:fd:15:db:8b:29:
1f:f9:ae:73:05:aa:82:ab:ca:27:35:95:3d:3c:53:81:ce:8e:
af:75:0d:44:72:58:50:bf:69:d9:46:24:e9:8f:b2:61:76:d8:
e5:67:25:53:e7:29:12:a5:87:e1:c3:75:cf:b5:08:43:61:64:
bf:46:a4:dc:b3:e6:20:ea:ed:6c:ce:7e:96:cb:cb:28:68:a5:
8b:5b:2d:18:f9:be:34:87:64:de:2f:f6:16:b6:94:39:6b:e3:
18:c9:d4:68:c2:30:0f:86:d4:75:db:fd:c9:50:33:b1:df:0f:
65:c3:01:d5:ce:84:00:76:84:95:05:17:43:39:ac:ee:e9:58:
67:30:b5:aa:8c:27:88:3d:00:9c:0d:bf:28:a3:fa:07:77:60:
b2:03:d8:60:93:da:bd:ee:e9:c8:80:2f:74:c2:84:3a:91:10:
83:6c:1d:ed:af:fb:7d:f9:3f:a3:10:8c:87:a5:47:fc:2a:90:
29:78:54:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lusO0ZVBwRtMS09LXdmyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjYwMzI1MTYwMTI5WhcNMjYwMzI2MTYwMTI5WjAzMTEwLwYDVQQD
Eyg5YTgwMjVhYzU1MjcwMGVjYjExMTM5NzlmNmNlMzFhYzE0YWJhOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI6sKmWG4T7Uyp5gtYaSST2QpTxV
bo7L0xeyz/63zFDJBG9l+6L6Hc/xuPcOiYDJahMEkUPewfiLY0ZugzcuOzks+Drd
34qh/jyDLxcohdJckFXdRFM/gDxamk6ZQ5/sfLfT/hPU6gh61yYq/YOiBqqhMi8h
45XrYiZe53GU9OEyJlqXgHuMeKWzAYWgelfOZr0IfdvvzmklIK4Wf4PABUwLbueW
hhcngRAol0MJqGL+Ayqcs85vMwia5J5cul7iJK1VLuBbkReCNbaF98RYANlvk4tE
iHzI3h/ouV2Mjt7zGVzFkHhBKk4fEyO8kBdexQ1j47iU1DzQRmd5ugeCqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqAJaxVJwDssRE5efbOMawUq6kuMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd5SmNBzS
y431jb2zZB/D6dW10g4iS82gRJRgpXkWPHlz+Jh8AASyjJArY65+Rhhj467p3aq2
RZg7HiYFQPNpWN3hpP0V24spH/mucwWqgqvKJzWVPTxTgc6Or3UNRHJYUL9p2UYk
6Y+yYXbY5WclU+cpEqWH4cN1z7UIQ2Fkv0ak3LPmIOrtbM5+lsvLKGili1stGPm+
NIdk3i/2FraUOWvjGMnUaMIwD4bUddv9yVAzsd8PZcMB1c6EAHaElQUXQzms7ulY
ZzC1qowniD0AnA2/KKP6B3dgsgPYYJPave7pyIAvdMKEOpEQg2wd7a/7ffk/oxCM
h6VH/CqQKXhUzw==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:25:46 2026 by rpki-client