Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
File: hoRh4GD99IzUHTOtknHIB9Qk60I.mft (raw, json)
Hash identifier: d1d/nqqgl6KEIdhE7R7sJaUiH3EDQFQCB9kxYYFUFG8=
Subject key identifier: E1:60:1C:8C:CD:16:9F:A7:EB:8F:19:2C:E9:2D:3F:15:0B:34:32:F9
Authority key identifier: 86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42
Certificate issuer: /CN=868461e060fdf48cd41d33ad9271c807d424eb42
Certificate serial: 019D26CCD56971A671AECA54F15FC826E05F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
Manifest number: 03AB
Signing time: Wed 25 Mar 2026 21:00:51 +0000
Manifest this update: Wed 25 Mar 2026 21:00:51 +0000
Manifest next update: Thu 26 Mar 2026 21:00:51 +0000
Files and hashes: 1: IyUD0cTbm163_nE6Z_KQkHMo9a0.roa (hash: ckmuLvsLe1WHUbDkzeJOW8KVL9BpPwjboxRuotk+r7Y=)
2: hoRh4GD99IzUHTOtknHIB9Qk60I.crl (hash: Bxk2mWjT7Cw0mbp6m/yFNDgMYvuR9g25RSuFUGhWwTs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cc:d5:69:71:a6:71:ae:ca:54:f1:5f:c8:26:e0:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=868461e060fdf48cd41d33ad9271c807d424eb42
Validity
Not Before: Mar 25 21:00:51 2026 GMT
Not After : Mar 26 21:00:51 2026 GMT
Subject: CN=e1601c8ccd169fa7eb8f192ce92d3f150b3432f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:3a:74:38:6d:e1:e0:28:e4:72:1e:31:94:
f2:d4:cd:5e:4b:83:16:92:4c:a0:46:e3:43:f3:bf:
f8:da:b0:7a:48:df:a1:db:64:ca:6b:23:78:12:48:
cf:1f:62:1c:5e:10:53:3c:ab:a8:b1:c5:86:8c:81:
8a:2d:ed:51:8b:60:79:fa:eb:fd:ac:80:fc:46:b0:
8e:dd:b4:58:99:e9:4c:84:c9:dc:e5:4e:9c:85:b6:
c9:bb:59:bb:c3:fa:60:4c:d9:62:cc:66:c3:7d:82:
ff:dc:11:bf:e7:60:b7:df:dd:a8:80:cf:67:ee:5f:
59:20:38:8c:ae:4d:5c:31:da:6c:2f:74:80:4a:a0:
91:31:01:3f:d9:e5:d1:1b:5f:ff:1c:f0:fa:8d:5a:
70:6d:c1:1a:01:84:af:ec:7d:63:74:54:6a:90:ae:
af:f1:63:85:a6:24:50:fd:03:8e:ee:37:43:24:a5:
37:9f:53:2a:53:8f:79:6e:82:26:e8:0e:c5:4a:b6:
7f:57:83:97:59:1a:b8:92:76:7f:6a:3f:95:63:5c:
ed:73:4f:3c:c7:81:23:c5:b5:47:81:ad:aa:9d:3c:
65:3f:61:14:72:37:d5:c9:af:ef:56:f7:00:05:cb:
9a:35:c4:68:76:8e:d3:f2:41:65:e4:27:4b:1e:20:
db:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:60:1C:8C:CD:16:9F:A7:EB:8F:19:2C:E9:2D:3F:15:0B:34:32:F9
X509v3 Authority Key Identifier:
keyid:86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:bb:0f:97:b0:84:cb:ae:9a:02:e1:b8:44:c4:0b:81:68:8a:
19:e6:e6:ad:c2:41:92:69:20:c5:e4:08:f8:e2:09:e5:78:1c:
1c:33:27:a4:34:85:ac:63:f1:81:61:a2:43:b9:57:1a:3a:65:
e9:af:f6:cb:cb:b1:c9:3d:5b:34:84:7e:de:c3:9b:53:95:61:
98:4e:be:81:5e:ed:09:62:80:ea:d4:9f:88:23:0c:ee:3b:0f:
75:61:bd:dd:c5:f8:fa:8c:0a:4e:2a:3c:d7:d3:9f:88:88:f0:
80:90:65:18:f9:82:1a:ba:e4:26:c0:5b:8a:89:c5:a7:8d:d0:
0f:5f:ec:67:41:4b:42:82:7b:63:8d:77:18:be:0e:40:2f:b1:
65:4e:26:5c:38:8c:61:82:27:70:fe:1f:13:95:26:ce:5c:d8:
ec:1a:5b:87:8b:94:1c:21:bc:d4:3e:18:45:7d:20:f2:e6:80:
97:6f:8d:8b:22:be:77:e5:f7:a6:5f:d7:28:53:df:c5:9e:62:
b6:ac:5d:5f:f1:b3:9a:37:f9:e6:28:f7:61:f6:71:b8:6d:3b:
35:0e:88:bc:a1:b3:81:e4:1c:86:2e:46:c6:8a:a1:4c:4a:67:
bc:ec:fd:ea:b9:df:e6:36:c9:75:d4:16:45:e1:3b:17:db:3f:
77:a5:69:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzNVpcaZxrspU8V/IJuBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODQ2MWUwNjBmZGY0OGNkNDFkMzNhZDkyNzFjODA3ZDQy
NGViNDIwHhcNMjYwMzI1MjEwMDUxWhcNMjYwMzI2MjEwMDUxWjAzMTEwLwYDVQQD
EyhlMTYwMWM4Y2NkMTY5ZmE3ZWI4ZjE5MmNlOTJkM2YxNTBiMzQzMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/w6dDht4eAo5HIeMZTy1M1eS4MW
kkygRuND87/42rB6SN+h22TKayN4EkjPH2IcXhBTPKuoscWGjIGKLe1Ri2B5+uv9
rID8RrCO3bRYmelMhMnc5U6chbbJu1m7w/pgTNlizGbDfYL/3BG/52C3392ogM9n
7l9ZIDiMrk1cMdpsL3SASqCRMQE/2eXRG1//HPD6jVpwbcEaAYSv7H1jdFRqkK6v
8WOFpiRQ/QOO7jdDJKU3n1MqU495boIm6A7FSrZ/V4OXWRq4knZ/aj+VY1ztc088
x4EjxbVHga2qnTxlP2EUcjfVya/vVvcABcuaNcRodo7T8kFl5CdLHiDbewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOFgHIzNFp+n648ZLOktPxULNDL5MB8GA1UdIwQY
MBaAFIaEYeBg/fSM1B0zrZJxyAfUJOtCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYt
NTlhYjk2YmMzNWM2LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYtNTlhYjk2YmMzNWM2
LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7sPl7CE
y66aAuG4RMQLgWiKGebmrcJBkmkgxeQI+OIJ5XgcHDMnpDSFrGPxgWGiQ7lXGjpl
6a/2y8uxyT1bNIR+3sObU5VhmE6+gV7tCWKA6tSfiCMM7jsPdWG93cX4+owKTio8
19OfiIjwgJBlGPmCGrrkJsBbionFp43QD1/sZ0FLQoJ7Y413GL4OQC+xZU4mXDiM
YYIncP4fE5UmzlzY7Bpbh4uUHCG81D4YRX0g8uaAl2+NiyK+d+X3pl/XKFPfxZ5i
tqxdX/Gzmjf55ij3YfZxuG07NQ6IvKGzgeQchi5GxoqhTEpnvOz96rnf5jbJddQW
ReE7F9s/d6VpBQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:54:00 2026 by rpki-client