Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
File: hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft (raw, json)
Hash identifier: u58G1P+8ZzDEaNHyrzSpZByQmUoBvUP66RwzvBFpYpg=
Subject key identifier: FF:BD:B3:2B:55:15:92:00:2A:D5:C0:7A:1C:A8:EF:F7:62:1C:43:75
Authority key identifier: 85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
Certificate issuer: /CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Certificate serial: 019D27DFE73034590116C2D82232A68112B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
Manifest number: 0B17
Signing time: Thu 26 Mar 2026 02:01:18 +0000
Manifest this update: Thu 26 Mar 2026 02:01:18 +0000
Manifest next update: Fri 27 Mar 2026 02:01:18 +0000
Files and hashes: 1: U967gx6zU2ewhEleCWFHT_7A_9o.roa (hash: rEcp4qFupVQgVYmsA8hG1Q/G6+z2CIRB0Mx5vxsYxf0=)
2: h-KmrUFQix2mPVIgPxijrxKClGw.roa (hash: fc8hHRpimWi4M001kIYlHNuSFZw5gckGt8QS97+VBbM=)
3: hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl (hash: 3j4Mu0eyKU9p1cRW4TY+Wx4X8ZB4M+pydzu6sn/Asm0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:df:e7:30:34:59:01:16:c2:d8:22:32:a6:81:12:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Validity
Not Before: Mar 26 02:01:18 2026 GMT
Not After : Mar 27 02:01:18 2026 GMT
Subject: CN=ffbdb32b551592002ad5c07a1ca8eff7621c4375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0d:80:3c:cb:f6:60:69:9e:3e:bb:77:c3:aa:
3b:bf:a4:04:6e:30:a2:20:48:7d:72:73:6d:4d:0a:
a0:0b:77:d8:1f:96:31:00:09:01:de:fa:c4:8f:50:
6a:cf:81:36:fe:94:b0:5d:c7:fd:16:dd:21:c8:de:
9c:4b:23:d8:f2:00:a7:b9:c3:f7:f3:ee:d4:8f:a3:
6d:9e:b4:52:f8:cc:0c:5c:bd:a5:51:7b:b0:07:da:
fb:06:dc:30:48:1d:2a:4b:13:63:a7:3b:3b:3d:40:
8f:f1:89:d0:55:cf:ed:44:46:e9:fd:17:5c:5b:7d:
a3:69:41:e9:1e:53:70:bc:61:b0:b2:7d:9c:14:15:
aa:27:f5:01:ac:db:2e:5b:68:cb:69:5c:09:99:c4:
ef:bf:c5:e0:7f:97:3e:6e:27:27:b1:bb:1d:40:a9:
05:23:d8:0b:ee:c0:c3:3d:7f:a4:cc:d6:1b:dc:b4:
65:81:f6:94:dc:37:54:83:40:28:54:70:d9:c3:c4:
cf:b7:83:d2:e8:c0:ef:db:ec:75:c8:35:32:06:28:
dd:a9:6e:e4:09:4c:c9:db:07:73:51:99:b5:ac:74:
9d:8c:e7:b1:1b:18:36:75:76:39:b0:df:44:1e:df:
94:32:e4:bf:23:7d:9e:97:da:30:8a:59:69:17:a6:
7e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BD:B3:2B:55:15:92:00:2A:D5:C0:7A:1C:A8:EF:F7:62:1C:43:75
X509v3 Authority Key Identifier:
keyid:85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:7f:10:93:04:da:3a:6a:84:38:92:c5:ac:94:80:70:62:1c:
6b:55:03:89:cb:7f:2d:5f:78:f1:41:cf:00:ed:b3:42:be:eb:
2f:42:f9:9e:12:c8:fe:02:d9:bf:32:b2:d1:bb:18:dd:58:69:
5a:6b:80:6c:74:35:c9:88:5a:40:87:02:8f:03:2b:48:a4:f7:
50:63:e8:27:17:8d:83:94:de:52:c7:f3:c4:6d:0c:c9:2a:49:
59:8c:4b:69:b2:3e:77:6e:91:9b:02:40:fc:da:66:5f:a3:53:
d7:a7:8f:0a:17:01:20:c4:8e:e7:52:43:a7:4b:e0:77:d4:4d:
5c:45:00:39:1c:54:b7:83:3a:39:1b:81:e2:e3:00:f9:3c:33:
da:4e:63:9b:64:83:0d:d0:17:6d:d9:30:7c:bf:f9:78:6b:eb:
2d:72:d2:98:08:f7:2c:21:d0:15:fb:c8:47:21:33:f2:12:8a:
43:9c:25:ff:4b:ad:d7:50:ab:99:36:c2:75:56:db:83:f0:d9:
72:a3:f4:c4:ac:f3:e2:bc:40:7c:c7:7b:c5:40:23:06:64:b8:
b4:b1:86:ce:f2:22:a0:4c:81:bc:89:c2:89:c4:a8:20:3c:57:
44:98:38:41:c0:0d:de:29:fd:a3:71:3c:52:ba:f0:5a:3e:9b:
79:9f:cf:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3+cwNFkBFsLYIjKmgRK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmI4NWFkZDA5ZjQ4NzZlYTZhYWE4OGQ0ZDg4YzgxY2Ni
NmIxMGEwHhcNMjYwMzI2MDIwMTE4WhcNMjYwMzI3MDIwMTE4WjAzMTEwLwYDVQQD
EyhmZmJkYjMyYjU1MTU5MjAwMmFkNWMwN2ExY2E4ZWZmNzYyMWM0Mzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Q2APMv2YGmePrt3w6o7v6QEbjCi
IEh9cnNtTQqgC3fYH5YxAAkB3vrEj1Bqz4E2/pSwXcf9Ft0hyN6cSyPY8gCnucP3
8+7Uj6NtnrRS+MwMXL2lUXuwB9r7BtwwSB0qSxNjpzs7PUCP8YnQVc/tREbp/Rdc
W32jaUHpHlNwvGGwsn2cFBWqJ/UBrNsuW2jLaVwJmcTvv8Xgf5c+bicnsbsdQKkF
I9gL7sDDPX+kzNYb3LRlgfaU3DdUg0AoVHDZw8TPt4PS6MDv2+x1yDUyBijdqW7k
CUzJ2wdzUZm1rHSdjOexGxg2dXY5sN9EHt+UMuS/I32el9owillpF6Z+SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+9sytVFZIAKtXAehyo7/diHEN1MB8GA1UdIwQY
MBaAFIX7ha3Qn0h26mqqiNTYjIHMtrEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2It
YzYxNjFjZTM5NWFmLzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2ItYzYxNjFjZTM5NWFm
LzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoH8QkwTa
OmqEOJLFrJSAcGIca1UDict/LV948UHPAO2zQr7rL0L5nhLI/gLZvzKy0bsY3Vhp
WmuAbHQ1yYhaQIcCjwMrSKT3UGPoJxeNg5TeUsfzxG0MySpJWYxLabI+d26RmwJA
/NpmX6NT16ePChcBIMSO51JDp0vgd9RNXEUAORxUt4M6ORuB4uMA+Twz2k5jm2SD
DdAXbdkwfL/5eGvrLXLSmAj3LCHQFfvIRyEz8hKKQ5wl/0ut11CrmTbCdVbbg/DZ
cqP0xKzz4rxAfMd7xUAjBmS4tLGGzvIioEyBvInCicSoIDxXRJg4QcAN3in9o3E8
UrrwWj6beZ/PFQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:59:21 2026 by rpki-client