Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
File: HeVgH-EiL4m7OqryZPD26nORwTg.mft (raw, json)
Hash identifier: 6bfcMY0LnhfKd+fUJ+oXnvWuSUeBUaRmstU9QpG9ym0=
Subject key identifier: 81:1E:B6:40:67:77:A3:CD:7E:44:34:5C:F8:0F:38:9B:E5:D1:B2:2A
Authority key identifier: 1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
Certificate issuer: /CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Certificate serial: 019D27E0220E7A79EE8CF17CA8CF1881FB0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
Manifest number: 0B7D
Signing time: Thu 26 Mar 2026 02:01:33 +0000
Manifest this update: Thu 26 Mar 2026 02:01:33 +0000
Manifest next update: Fri 27 Mar 2026 02:01:33 +0000
Files and hashes: 1: HeVgH-EiL4m7OqryZPD26nORwTg.crl (hash: RBD2lj9U6v2Kc5HhpZbEYDvtN+v5MWIxTfY5X3ES2UI=)
2: nDpg3cf0raF6jX95bMjbAoRFS7U.roa (hash: GVYh5XEIeIuimg63JfOsccl7tRFww+AiTmkbi2YiTYw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e0:22:0e:7a:79:ee:8c:f1:7c:a8:cf:18:81:fb:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5601fe1222f89bb3aaaf264f0f6ea7391c138
Validity
Not Before: Mar 26 02:01:33 2026 GMT
Not After : Mar 27 02:01:33 2026 GMT
Subject: CN=811eb6406777a3cd7e44345cf80f389be5d1b22a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:31:dc:12:b7:77:a5:54:d7:3a:bc:34:ec:32:
ef:77:17:c7:9e:c4:be:d4:ad:58:c1:63:a8:b5:2c:
de:48:47:ef:20:71:fe:b7:ae:cd:37:10:33:4c:10:
0a:48:ae:47:5e:b4:ec:31:ef:52:a6:65:2e:66:2d:
40:51:e2:e4:b7:9e:7a:44:1a:0e:2c:d7:10:26:af:
24:34:d4:da:0d:0e:8e:54:1b:30:32:1e:06:42:0f:
38:7f:18:2f:61:0e:9d:44:3d:b0:fa:fb:72:1d:0e:
51:53:29:fb:05:d2:b5:13:75:2e:d6:9f:d7:eb:98:
75:c6:0d:9b:37:da:13:96:63:44:bb:73:fc:87:78:
04:d6:65:d7:41:10:4f:af:1f:80:39:85:a0:ac:5a:
c3:1f:05:1e:03:08:af:80:1e:a8:f2:6a:c0:eb:13:
28:63:27:ec:bb:2c:cd:15:98:78:87:aa:f6:bf:7d:
fb:53:3e:11:a1:56:7c:8c:bc:7d:e6:34:52:87:5a:
07:6e:21:20:aa:48:70:f6:96:0d:2f:c4:f4:9e:e9:
91:d3:95:44:f8:dc:16:ad:c6:5a:5b:40:5d:fb:20:
1d:45:83:43:06:50:60:fd:1c:f3:bf:2c:b5:1c:22:
d9:dc:cd:aa:ed:ed:f5:84:04:b6:f1:28:95:03:0b:
ac:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1E:B6:40:67:77:A3:CD:7E:44:34:5C:F8:0F:38:9B:E5:D1:B2:2A
X509v3 Authority Key Identifier:
keyid:1D:E5:60:1F:E1:22:2F:89:BB:3A:AA:F2:64:F0:F6:EA:73:91:C1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeVgH-EiL4m7OqryZPD26nORwTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e7b591-0f5e-4141-be96-ddd53d7928a8/1/HeVgH-EiL4m7OqryZPD26nORwTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:46:64:7e:9e:af:2e:e6:e8:1d:8f:26:41:8b:7c:ec:33:f9:
27:15:1f:42:22:a6:4a:8b:3f:f7:4c:d5:f4:a3:d7:9d:e8:7e:
2c:b2:79:5e:65:bb:78:a5:e1:be:49:52:54:71:50:c4:da:04:
e4:ad:cf:b0:a2:fe:f0:db:46:4c:e5:77:79:10:8f:ff:a8:26:
87:14:ba:e9:74:15:f1:ae:77:7a:6f:0e:79:7e:d4:bc:b4:b2:
6d:11:16:70:11:54:03:2c:fe:be:b7:27:31:f7:6a:8a:0b:e0:
62:a6:0b:b7:73:46:6b:e1:b4:15:4c:b6:b4:6f:a2:e2:81:e8:
1b:1f:01:20:68:0e:12:88:4f:c1:fb:66:bb:a7:a1:c8:e5:c0:
09:55:97:fa:90:95:ff:7e:f9:40:e4:60:f6:af:69:ae:8c:79:
0a:05:c5:ae:dd:51:51:f1:a4:f2:80:e7:f7:81:c8:0c:b6:a9:
2f:4a:91:a6:fe:38:7b:6f:2b:02:4c:88:f7:d4:01:5f:4a:2d:
f0:92:0a:94:47:fc:66:8e:dd:e6:db:53:4d:cc:7a:9c:22:a9:
87:73:c8:fe:cb:f0:ca:70:05:54:c7:20:48:c7:b4:6b:c4:11:
a0:e6:d9:c9:06:ac:7c:4a:ea:cc:ec:8b:2d:3d:6c:d3:6d:7a:
13:79:b1:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4CIOennujPF8qM8YgfsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTU2MDFmZTEyMjJmODliYjNhYWFmMjY0ZjBmNmVhNzM5
MWMxMzgwHhcNMjYwMzI2MDIwMTMzWhcNMjYwMzI3MDIwMTMzWjAzMTEwLwYDVQQD
Eyg4MTFlYjY0MDY3NzdhM2NkN2U0NDM0NWNmODBmMzg5YmU1ZDFiMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7THcErd3pVTXOrw07DLvdxfHnsS+
1K1YwWOotSzeSEfvIHH+t67NNxAzTBAKSK5HXrTsMe9SpmUuZi1AUeLkt556RBoO
LNcQJq8kNNTaDQ6OVBswMh4GQg84fxgvYQ6dRD2w+vtyHQ5RUyn7BdK1E3Uu1p/X
65h1xg2bN9oTlmNEu3P8h3gE1mXXQRBPrx+AOYWgrFrDHwUeAwivgB6o8mrA6xMo
YyfsuyzNFZh4h6r2v337Uz4RoVZ8jLx95jRSh1oHbiEgqkhw9pYNL8T0numR05VE
+NwWrcZaW0Bd+yAdRYNDBlBg/Rzzvyy1HCLZ3M2q7e31hAS28SiVAwus4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEetkBnd6PNfkQ0XPgPOJvl0bIqMB8GA1UdIwQY
MBaAFB3lYB/hIi+Juzqq8mTw9upzkcE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYt
ZGRkNTNkNzkyOGE4LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lN2I1OTEtMGY1ZS00MTQxLWJlOTYtZGRkNTNkNzkyOGE4
LzEvSGVWZ0gtRWlMNG03T3FyeVpQRDI2bk9Sd1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArUZkfp6v
LuboHY8mQYt87DP5JxUfQiKmSos/90zV9KPXneh+LLJ5XmW7eKXhvklSVHFQxNoE
5K3PsKL+8NtGTOV3eRCP/6gmhxS66XQV8a53em8OeX7UvLSybREWcBFUAyz+vrcn
MfdqigvgYqYLt3NGa+G0FUy2tG+i4oHoGx8BIGgOEohPwftmu6ehyOXACVWX+pCV
/375QORg9q9prox5CgXFrt1RUfGk8oDn94HIDLapL0qRpv44e28rAkyI99QBX0ot
8JIKlEf8Zo7d5ttTTcx6nCKph3PI/svwynAFVMcgSMe0a8QRoObZyQasfErqzOyL
LT1s0216E3mxrA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:09:07 2026 by rpki-client