Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json)
Hash identifier: NQjVo7r5liCqrBzl49hvb4GDIdFOb9bflHcQS/QPc+4=
Subject key identifier: EF:F4:6F:4A:CB:6D:94:74:02:3E:52:38:D9:D1:38:7F:41:B3:84:53
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 019D284D7FB8C958F9178534FCB03532DFF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
Manifest number: 1195
Signing time: Thu 26 Mar 2026 04:01:00 +0000
Manifest this update: Thu 26 Mar 2026 04:01:00 +0000
Manifest next update: Fri 27 Mar 2026 04:01:00 +0000
Files and hashes: 1: Hh7KFktywM-1-107eqrB5yEmn-8.roa (hash: QGn4U4QC+cKt83SkTXHhg4z++P/aykfUDnj2eiXvebY=)
2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: NyXKDjpXJCrM9ZFjDnsyJZQzf1I7qOIjRj4QkDXcLtY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:7f:b8:c9:58:f9:17:85:34:fc:b0:35:32:df:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Mar 26 04:01:00 2026 GMT
Not After : Mar 27 04:01:00 2026 GMT
Subject: CN=eff46f4acb6d9474023e5238d9d1387f41b38453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:40:dd:dc:a9:66:f5:4e:cc:c1:f1:7b:3d:92:
26:2b:f3:e0:4b:d8:6a:15:1d:9f:25:24:82:57:8a:
ae:2d:3a:31:52:88:8e:1c:a1:5d:d8:a0:f6:3f:ff:
19:8d:91:b9:79:4e:8e:ea:d6:a8:e8:11:9b:6b:c8:
cd:f8:e0:14:30:27:6a:22:43:7e:81:de:12:d7:fa:
99:9b:ce:46:26:ad:e0:5e:ab:25:e9:63:b9:51:1f:
70:32:b0:03:8e:45:2b:80:9c:06:e9:e7:ce:98:34:
f5:96:55:ea:08:5b:e4:8a:60:f1:84:53:59:63:cc:
12:97:87:2e:2b:54:0a:93:16:c2:e0:dc:69:0b:03:
7d:3e:f7:df:f2:21:37:31:35:21:4e:02:21:06:68:
9d:9a:20:82:58:1a:41:12:6f:4d:18:e1:b0:8e:ab:
15:b1:38:91:b0:6d:3e:a6:70:8e:b7:a5:12:eb:e9:
a1:b5:ac:0f:34:b1:f0:d7:1a:fe:6d:4d:30:75:5d:
da:68:4d:cd:64:d4:2b:9d:a2:55:b6:5f:01:81:ac:
66:a2:50:97:2c:93:53:23:86:e4:ea:0a:f0:9e:ec:
8f:30:d0:bc:26:2b:bc:ad:04:6c:53:ba:63:c7:63:
2a:70:56:98:a7:9a:69:fc:a8:6e:d1:c0:1d:5f:10:
ef:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F4:6F:4A:CB:6D:94:74:02:3E:52:38:D9:D1:38:7F:41:B3:84:53
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:b2:75:43:82:c9:25:e1:17:54:ba:7e:68:c4:97:b0:0e:e1:
bb:a0:12:7c:e7:e8:a4:4d:1b:05:aa:1d:69:39:bf:f5:b9:86:
57:d1:65:7a:69:7e:0b:be:0b:2b:98:e4:49:22:8e:ec:a3:f5:
a6:be:ea:25:de:5f:44:40:09:ff:f6:d1:39:e4:15:b5:28:26:
97:ea:96:9c:4a:80:3e:f0:a1:13:f3:2a:8f:d0:83:4f:71:58:
94:13:79:33:12:28:d1:9d:e1:6c:3b:ff:23:b9:10:52:b6:4e:
af:fa:26:b8:18:f7:10:e4:35:ae:49:f1:83:44:04:cf:da:1e:
22:b9:63:9e:1b:17:d5:80:d2:cb:ec:ec:f7:19:cd:0e:1f:94:
19:6f:50:34:a4:a8:82:78:b8:1d:52:a3:91:60:80:a2:cd:14:
78:26:64:d2:6e:69:49:85:54:78:b7:94:37:b2:3e:81:5d:3b:
d4:2a:87:26:09:2f:c8:55:4f:23:c4:98:58:44:34:13:c1:d3:
45:61:73:c9:03:82:cb:2d:ea:c4:22:5a:f3:f9:7f:df:06:b9:
01:3c:9a:b9:d2:6b:c5:15:e5:98:0d:1c:70:b4:78:f5:5d:4e:
fb:c9:93:5a:92:ee:cd:75:ad:16:b2:03:81:02:6b:b0:e5:a2:
01:5d:8b:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTX+4yVj5F4U0/LA1Mt/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl
ZjBiZjQwHhcNMjYwMzI2MDQwMTAwWhcNMjYwMzI3MDQwMTAwWjAzMTEwLwYDVQQD
EyhlZmY0NmY0YWNiNmQ5NDc0MDIzZTUyMzhkOWQxMzg3ZjQxYjM4NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0Dd3Klm9U7MwfF7PZImK/PgS9hq
FR2fJSSCV4quLToxUoiOHKFd2KD2P/8ZjZG5eU6O6tao6BGba8jN+OAUMCdqIkN+
gd4S1/qZm85GJq3gXqsl6WO5UR9wMrADjkUrgJwG6efOmDT1llXqCFvkimDxhFNZ
Y8wSl4cuK1QKkxbC4NxpCwN9Pvff8iE3MTUhTgIhBmidmiCCWBpBEm9NGOGwjqsV
sTiRsG0+pnCOt6US6+mhtawPNLHw1xr+bU0wdV3aaE3NZNQrnaJVtl8BgaxmolCX
LJNTI4bk6grwnuyPMNC8Jiu8rQRsU7pjx2MqcFaYp5pp/Khu0cAdXxDvnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/0b0rLbZR0Aj5SONnROH9Bs4RTMB8GA1UdIwQY
MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt
NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz
LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLJ1Q4LJ
JeEXVLp+aMSXsA7hu6ASfOfopE0bBaodaTm/9bmGV9Fleml+C74LK5jkSSKO7KP1
pr7qJd5fREAJ//bROeQVtSgml+qWnEqAPvChE/Mqj9CDT3FYlBN5MxIo0Z3hbDv/
I7kQUrZOr/omuBj3EOQ1rknxg0QEz9oeIrljnhsX1YDSy+zs9xnNDh+UGW9QNKSo
gni4HVKjkWCAos0UeCZk0m5pSYVUeLeUN7I+gV071CqHJgkvyFVPI8SYWEQ0E8HT
RWFzyQOCyy3qxCJa8/l/3wa5ATyaudJrxRXlmA0ccLR49V1O+8mTWpLuzXWtFrID
gQJrsOWiAV2Lgw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:43:13 2026 by rpki-client