Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
File: HKy3fiC3gUfUf4OUKU8Re1yE714.mft (raw, json)
Hash identifier: 9vlfYbNFw4PnXNKKRfXxKc3do7ZPZaaI+Nnepbxufog=
Subject key identifier: 23:47:5A:34:0A:B5:FD:D9:71:BF:24:27:4F:80:4D:8C:85:F2:D8:7B
Authority key identifier: 1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
Certificate issuer: /CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Certificate serial: 019D28F298F55529CB6F721EE92F8DF400FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
Manifest number: 133A
Signing time: Thu 26 Mar 2026 07:01:20 +0000
Manifest this update: Thu 26 Mar 2026 07:01:20 +0000
Manifest next update: Fri 27 Mar 2026 07:01:20 +0000
Files and hashes: 1: HKy3fiC3gUfUf4OUKU8Re1yE714.crl (hash: k9+BnV+Gcbrf454XfAmUGAH0oyFHs9Ng3IStoPxS+io=)
2: dAblp8vp-pMAwa1_Vthxc2gt8k8.roa (hash: wEmjefANEUzkZ5hvuYtJ5mos9QLC+6Qw68fr7kd+5go=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:98:f5:55:29:cb:6f:72:1e:e9:2f:8d:f4:00:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cacb77e20b78147d47f8394294f117b5c84ef5e
Validity
Not Before: Mar 26 07:01:20 2026 GMT
Not After : Mar 27 07:01:20 2026 GMT
Subject: CN=23475a340ab5fdd971bf24274f804d8c85f2d87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a8:b4:b9:4f:2c:30:00:bf:11:32:cb:fd:b6:
e6:9c:93:e7:12:ec:e1:e0:bd:5c:ca:e1:00:98:a9:
fb:6e:8d:b0:1f:c9:94:97:3a:9d:09:94:c5:96:5a:
c2:1a:4e:60:13:fd:e6:68:d1:ce:2f:26:36:1f:b9:
c8:db:90:45:69:ce:08:36:01:c6:7a:4b:6e:e7:04:
f1:0e:c3:07:c1:6c:46:b9:69:a8:e2:8e:24:ad:ca:
4c:b7:0b:ee:e6:af:2e:d4:52:62:1e:fe:b1:33:64:
6d:0d:20:6e:8d:88:eb:a0:29:de:cd:84:25:6e:a5:
1a:8f:64:e6:bc:b5:57:8c:e5:87:6d:58:56:4f:d0:
72:ba:6c:19:52:1d:ae:7e:59:38:fc:a9:69:d9:5f:
77:07:95:b4:dd:dc:27:a2:f6:98:6f:0d:2d:89:8f:
c1:17:de:89:ef:a2:12:92:54:11:13:ca:1c:43:05:
d3:1d:58:8d:d6:5c:70:1f:b7:e6:25:ba:0c:55:c6:
f5:14:f3:26:07:d9:a7:fc:ba:91:1f:98:bf:a0:a8:
8d:ad:d3:08:0d:22:dc:bd:59:25:87:a5:a8:4c:9e:
ef:ce:30:0f:00:08:1b:1f:5e:81:63:fe:3e:52:0e:
c6:1a:b4:87:e7:1c:42:f6:cb:b6:4f:bb:01:2f:01:
23:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:47:5A:34:0A:B5:FD:D9:71:BF:24:27:4F:80:4D:8C:85:F2:D8:7B
X509v3 Authority Key Identifier:
keyid:1C:AC:B7:7E:20:B7:81:47:D4:7F:83:94:29:4F:11:7B:5C:84:EF:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKy3fiC3gUfUf4OUKU8Re1yE714.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/417ab2-fcb3-405d-a0c8-5325a5200ba9/1/HKy3fiC3gUfUf4OUKU8Re1yE714.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:cc:57:a5:9e:01:1c:64:66:25:e6:58:15:08:b9:dd:99:fb:
8b:b6:d1:59:d9:89:30:9d:2a:8a:e8:5d:53:99:d5:e2:d5:a1:
0b:f5:ad:dd:3d:a1:bf:81:60:eb:49:b6:5b:12:cf:05:ea:9d:
36:20:92:21:2a:cf:49:cf:20:25:0f:44:89:f7:a5:1a:6c:2e:
e0:ae:ed:1d:4a:ec:df:f6:c2:5d:e3:c0:3c:86:f6:d8:5e:29:
1c:99:c4:a4:8f:9c:9d:d7:da:c3:54:03:d9:ce:bc:62:6d:0f:
08:a3:9d:4a:43:f6:97:31:bb:f8:88:25:2f:78:5f:a4:4f:a6:
6f:da:44:f8:8e:b1:f1:51:58:a9:77:c6:5a:32:c8:cf:09:41:
ee:e6:78:61:d3:53:4a:6f:b6:d2:28:07:d3:ed:3b:48:5b:2e:
07:b5:f8:e1:63:ba:95:6c:bb:48:85:be:5f:79:13:b1:b9:21:
98:14:1a:14:d3:cc:86:95:9b:c6:a0:8e:fb:17:f9:94:de:06:
ad:4a:0a:f7:fa:6f:dd:91:ce:e4:16:8b:6a:cf:e9:60:e6:69:
3b:3a:0d:b7:3f:58:34:91:7c:42:89:c1:aa:87:df:8d:63:45:
d9:55:97:c9:8b:fc:d6:5a:c3:33:4d:10:c1:6b:7b:42:63:5a:
71:c0:8c:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8pj1VSnLb3Ie6S+N9AD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWNiNzdlMjBiNzgxNDdkNDdmODM5NDI5NGYxMTdiNWM4
NGVmNWUwHhcNMjYwMzI2MDcwMTIwWhcNMjYwMzI3MDcwMTIwWjAzMTEwLwYDVQQD
EygyMzQ3NWEzNDBhYjVmZGQ5NzFiZjI0Mjc0ZjgwNGQ4Yzg1ZjJkODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKi0uU8sMAC/ETLL/bbmnJPnEuzh
4L1cyuEAmKn7bo2wH8mUlzqdCZTFllrCGk5gE/3maNHOLyY2H7nI25BFac4INgHG
ektu5wTxDsMHwWxGuWmo4o4krcpMtwvu5q8u1FJiHv6xM2RtDSBujYjroCnezYQl
bqUaj2TmvLVXjOWHbVhWT9ByumwZUh2uflk4/Klp2V93B5W03dwnovaYbw0tiY/B
F96J76ISklQRE8ocQwXTHViN1lxwH7fmJboMVcb1FPMmB9mn/LqRH5i/oKiNrdMI
DSLcvVklh6WoTJ7vzjAPAAgbH16BY/4+Ug7GGrSH5xxC9su2T7sBLwEj1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNHWjQKtf3Zcb8kJ0+ATYyF8th7MB8GA1UdIwQY
MBaAFByst34gt4FH1H+DlClPEXtchO9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy80MTdhYjItZmNiMy00MDVkLWEwYzgt
NTMyNWE1MjAwYmE5LzEvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy80MTdhYjItZmNiMy00MDVkLWEwYzgtNTMyNWE1MjAwYmE5
LzEvSEt5M2ZpQzNnVWZVZjRPVUtVOFJlMXlFNzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMxXpZ4B
HGRmJeZYFQi53Zn7i7bRWdmJMJ0qiuhdU5nV4tWhC/Wt3T2hv4Fg60m2WxLPBeqd
NiCSISrPSc8gJQ9EifelGmwu4K7tHUrs3/bCXePAPIb22F4pHJnEpI+cndfaw1QD
2c68Ym0PCKOdSkP2lzG7+IglL3hfpE+mb9pE+I6x8VFYqXfGWjLIzwlB7uZ4YdNT
Sm+20igH0+07SFsuB7X44WO6lWy7SIW+X3kTsbkhmBQaFNPMhpWbxqCO+xf5lN4G
rUoK9/pv3ZHO5BaLas/pYOZpOzoNtz9YNJF8QonBqoffjWNF2VWXyYv81lrDM00Q
wWt7QmNaccCMWQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:23:38 2026 by rpki-client