Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: tIWZMhh/T5Oz3nn0oMvHuowqMJ+9g4PVg2GYY2vAy0o=
Subject key identifier: 9C:80:33:50:95:27:C0:11:E4:3A:88:1E:5D:7B:C7:3F:16:AA:A5:51
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 019D28F318D5C01D85450120D398B3732C50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 1387
Signing time: Thu 26 Mar 2026 07:01:53 +0000
Manifest this update: Thu 26 Mar 2026 07:01:53 +0000
Manifest next update: Fri 27 Mar 2026 07:01:53 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: 7GqRuQKIMlWXXRzMDAxmxwbVVm5beGqQAMtSQzPDAGc=)
2: XKQN9GdCDnkkYw875rkSfXAvJBg.roa (hash: fV6EdFaVajqg4dj/k6xrLoqomy/vlK7OlhjNnf6pmQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f3:18:d5:c0:1d:85:45:01:20:d3:98:b3:73:2c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Mar 26 07:01:53 2026 GMT
Not After : Mar 27 07:01:53 2026 GMT
Subject: CN=9c8033509527c011e43a881e5d7bc73f16aaa551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:40:e7:62:20:4b:8f:e6:a2:eb:31:73:1d:bc:
6d:a6:ca:e8:17:29:15:7a:5f:e1:02:4c:9b:af:e5:
cf:93:c9:ff:a7:11:b4:08:a8:1a:4c:c4:9f:83:07:
72:c8:db:76:b1:ea:c8:ed:78:74:d0:86:39:61:22:
b5:0c:82:84:b1:10:fc:a9:35:d9:41:af:68:88:c5:
45:e8:ea:28:42:f3:98:1f:b4:84:31:cb:cc:2f:37:
13:c5:65:fb:0d:a3:1d:ce:a9:29:6f:fe:ac:6d:2d:
a0:c9:d2:ff:a8:49:04:ae:6f:fd:08:c1:a4:a3:11:
89:33:e5:89:d2:e7:9f:91:ff:b3:21:22:e7:10:98:
02:37:1d:40:6f:8c:42:e0:62:e2:dd:a6:33:7b:f5:
e4:7a:97:22:f9:e0:2a:78:b6:bf:cb:8b:dd:06:14:
4b:da:62:60:cd:fd:5c:d5:8d:52:99:31:25:1d:5b:
9c:59:73:d6:aa:7f:8f:9b:c0:3b:91:26:2c:9e:97:
c5:82:a6:96:f3:be:d2:2b:2a:b4:76:11:95:b5:09:
d9:49:16:94:ee:27:24:f4:74:56:25:b2:db:2b:6e:
e3:84:f3:e0:3c:81:0d:60:0d:73:83:2b:e1:82:a2:
e6:6e:b0:fe:30:a2:81:2a:98:b0:b2:dd:9d:f1:e4:
1b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:80:33:50:95:27:C0:11:E4:3A:88:1E:5D:7B:C7:3F:16:AA:A5:51
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:9c:0d:c8:7e:1a:29:ad:2c:cd:f2:6a:79:20:39:1c:1a:31:
93:d5:a3:dc:d2:6e:cd:13:44:1c:ef:b2:e4:f4:cf:5c:69:bd:
fe:3c:97:5f:d5:59:f3:c5:37:85:b0:c7:41:99:7b:f7:16:50:
3b:ad:1a:6a:c6:1e:e5:b0:18:53:6e:43:22:90:62:88:2f:d5:
85:88:76:25:e4:e6:39:b5:2e:29:7a:f3:20:7b:d2:1a:64:5e:
b9:98:07:68:de:2e:39:dc:a6:1f:6a:32:c2:0a:f2:ea:42:3c:
80:5f:6c:f6:1c:8d:70:ee:d7:63:4d:cf:03:0d:6c:19:fd:45:
9e:af:0e:2c:58:b5:73:79:1b:9e:ef:6a:07:5f:1d:fa:b7:1d:
e5:a5:fe:5c:8a:a3:38:3c:af:ef:a0:15:05:da:fa:34:3e:93:
db:f4:61:75:47:15:f1:da:00:98:8a:23:12:f1:ff:33:9a:a6:
60:e7:fb:f5:df:92:d2:e6:cf:f2:46:d7:4d:31:f7:48:ef:8e:
2c:19:46:46:b0:40:34:41:00:15:f8:d7:7e:19:9a:97:c0:9a:
f0:c8:fe:14:94:79:b7:02:31:3a:cd:8b:04:fb:7c:e4:83:84:
b9:e4:fb:55:44:d9:e3:c2:24:fa:a2:c3:fd:c0:43:b2:5e:a6:
be:75:ca:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8xjVwB2FRQEg05izcyxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjYwMzI2MDcwMTUzWhcNMjYwMzI3MDcwMTUzWjAzMTEwLwYDVQQD
Eyg5YzgwMzM1MDk1MjdjMDExZTQzYTg4MWU1ZDdiYzczZjE2YWFhNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0DnYiBLj+ai6zFzHbxtpsroFykV
el/hAkybr+XPk8n/pxG0CKgaTMSfgwdyyNt2serI7Xh00IY5YSK1DIKEsRD8qTXZ
Qa9oiMVF6OooQvOYH7SEMcvMLzcTxWX7DaMdzqkpb/6sbS2gydL/qEkErm/9CMGk
oxGJM+WJ0uefkf+zISLnEJgCNx1Ab4xC4GLi3aYze/Xkepci+eAqeLa/y4vdBhRL
2mJgzf1c1Y1SmTElHVucWXPWqn+Pm8A7kSYsnpfFgqaW877SKyq0dhGVtQnZSRaU
7ick9HRWJbLbK27jhPPgPIENYA1zgyvhgqLmbrD+MKKBKpiwst2d8eQbmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyAM1CVJ8AR5DqIHl17xz8WqqVRMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYZwNyH4a
Ka0szfJqeSA5HBoxk9Wj3NJuzRNEHO+y5PTPXGm9/jyXX9VZ88U3hbDHQZl79xZQ
O60aasYe5bAYU25DIpBiiC/VhYh2JeTmObUuKXrzIHvSGmReuZgHaN4uOdymH2oy
wgry6kI8gF9s9hyNcO7XY03PAw1sGf1Fnq8OLFi1c3kbnu9qB18d+rcd5aX+XIqj
ODyv76AVBdr6ND6T2/RhdUcV8doAmIojEvH/M5qmYOf79d+S0ubP8kbXTTH3SO+O
LBlGRrBANEEAFfjXfhmal8Ca8Mj+FJR5twIxOs2LBPt85IOEueT7VUTZ48Ik+qLD
/cBDsl6mvnXKsg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:44:21 2026 by rpki-client