Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: oKKLUqNzM9BLtYh+McuaP4R+oyK/HQ3v7aufvPT4uVk=
Subject key identifier: 4C:41:D0:15:08:0A:27:BB:53:5E:73:EB:B4:20:7D:C0:76:07:80:7C
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 019D2AE085798E82492F1ADF14C72C798C54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 1388
Signing time: Thu 26 Mar 2026 16:00:50 +0000
Manifest this update: Thu 26 Mar 2026 16:00:50 +0000
Manifest next update: Fri 27 Mar 2026 16:00:50 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: hzAweiIXCC3WWs5qmeU3HmqwAOMqKWYojayeQTZgJd0=)
2: XKQN9GdCDnkkYw875rkSfXAvJBg.roa (hash: fV6EdFaVajqg4dj/k6xrLoqomy/vlK7OlhjNnf6pmQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:e0:85:79:8e:82:49:2f:1a:df:14:c7:2c:79:8c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Mar 26 16:00:50 2026 GMT
Not After : Mar 27 16:00:50 2026 GMT
Subject: CN=4c41d015080a27bb535e73ebb4207dc07607807c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:57:31:0e:81:f3:6e:60:98:e7:ae:6f:e3:37:
71:0c:64:d9:72:3b:ce:36:39:6b:da:84:db:b1:e3:
af:65:1c:9b:58:eb:b6:7e:6c:7d:a6:8e:7e:7d:2f:
17:e8:71:ac:5d:a8:e5:c0:76:bf:d2:a4:e6:d3:aa:
34:26:a5:62:f4:51:47:59:21:d5:90:2c:8e:c0:4c:
b2:11:e8:d6:a3:94:23:bf:b7:1d:90:9a:f4:d6:c1:
f9:d5:6c:10:1c:d2:87:70:f8:e9:fe:04:6a:17:4f:
ce:5e:72:50:3d:11:14:4b:77:65:66:f8:29:8d:3f:
79:4b:3e:23:62:49:ad:4b:a2:8e:9f:35:0d:9f:b8:
a3:82:d0:32:b4:8f:8a:f2:30:4c:3f:53:af:f4:a6:
14:87:96:fb:85:d7:cc:82:7f:d1:7c:d7:b3:e0:9b:
2e:c2:4d:90:17:5b:4e:76:3b:36:e0:59:2f:2c:94:
dd:e6:b8:05:f4:27:6b:f1:8c:d7:98:e0:98:ed:7d:
a2:ea:89:32:d7:72:a1:e4:10:59:46:cc:63:02:c1:
8f:27:2e:e3:dd:3b:d7:4f:f6:dd:cf:26:cd:1d:11:
ef:e6:38:0d:d7:72:29:0c:7f:bf:b5:a5:f7:34:68:
5b:0e:e3:b0:0e:4c:f3:93:e8:7e:34:88:31:8a:fc:
b4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:41:D0:15:08:0A:27:BB:53:5E:73:EB:B4:20:7D:C0:76:07:80:7C
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:17:5d:c3:db:48:c3:67:bf:72:75:2d:5c:56:44:41:d3:25:
10:f6:b2:b6:d8:3c:53:06:dd:c8:61:7e:0f:c6:ab:9f:84:b6:
f4:96:4a:80:f7:ba:9c:39:d2:6d:e2:ec:7d:45:21:04:9b:c7:
23:dc:16:18:50:6f:d8:e4:ed:a5:45:bf:a2:56:58:49:8a:e3:
e7:16:74:fd:75:5b:be:39:0c:a1:a6:97:19:cd:51:2e:ca:76:
9d:e1:a6:ee:ac:21:54:ec:d9:1f:29:b0:48:8b:35:2c:19:7f:
b8:79:14:77:82:45:f8:be:a3:07:ab:26:12:87:ab:90:61:ec:
c7:b9:2c:bd:60:86:84:57:c2:3a:c7:5a:ab:29:13:22:45:9c:
3a:f4:7e:ba:ba:17:6e:19:73:7d:3b:cd:36:48:da:19:bf:c3:
e5:7d:41:8c:8f:a5:04:49:c4:00:c0:78:d1:fa:e7:64:26:e8:
ef:a2:39:75:11:4f:69:9e:0d:45:f7:36:e6:42:fc:39:02:92:
da:08:16:30:f8:87:cc:03:df:c5:b7:a6:12:f1:32:a6:d0:57:
96:87:3b:fb:d0:c5:17:a4:91:f2:2c:88:bb:0b:57:7a:aa:a1:
8f:23:2a:4d:b1:9b:83:ed:89:88:9f:9c:2d:55:1d:ae:45:08:
53:27:06:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4IV5joJJLxrfFMcseYxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjYwMzI2MTYwMDUwWhcNMjYwMzI3MTYwMDUwWjAzMTEwLwYDVQQD
Eyg0YzQxZDAxNTA4MGEyN2JiNTM1ZTczZWJiNDIwN2RjMDc2MDc4MDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1cxDoHzbmCY565v4zdxDGTZcjvO
Njlr2oTbseOvZRybWOu2fmx9po5+fS8X6HGsXajlwHa/0qTm06o0JqVi9FFHWSHV
kCyOwEyyEejWo5Qjv7cdkJr01sH51WwQHNKHcPjp/gRqF0/OXnJQPREUS3dlZvgp
jT95Sz4jYkmtS6KOnzUNn7ijgtAytI+K8jBMP1Ov9KYUh5b7hdfMgn/RfNez4Jsu
wk2QF1tOdjs24FkvLJTd5rgF9Cdr8YzXmOCY7X2i6oky13Kh5BBZRsxjAsGPJy7j
3TvXT/bdzybNHRHv5jgN13IpDH+/taX3NGhbDuOwDkzzk+h+NIgxivy0jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExB0BUICie7U15z67QgfcB2B4B8MB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxddw9tI
w2e/cnUtXFZEQdMlEPayttg8UwbdyGF+D8arn4S29JZKgPe6nDnSbeLsfUUhBJvH
I9wWGFBv2OTtpUW/olZYSYrj5xZ0/XVbvjkMoaaXGc1RLsp2neGm7qwhVOzZHymw
SIs1LBl/uHkUd4JF+L6jB6smEoerkGHsx7ksvWCGhFfCOsdaqykTIkWcOvR+uroX
bhlzfTvNNkjaGb/D5X1BjI+lBEnEAMB40frnZCbo76I5dRFPaZ4NRfc25kL8OQKS
2ggWMPiHzAPfxbemEvEyptBXloc7+9DFF6SR8iyIuwtXeqqhjyMqTbGbg+2JiJ+c
LVUdrkUIUycG+w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:52:58 2026 by rpki-client