Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
File: hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft (raw, json)
Hash identifier: zu5SnWqk+0RImEa34C3MdMQuYkb64ZHu45ZacvcLSg4=
Subject key identifier: AE:21:0F:08:6B:CE:84:41:24:3A:42:ED:EF:03:6F:1B:0F:DE:E7:52
Authority key identifier: 85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74
Certificate issuer: /CN=859d5177077b90818c6f90ae4e44332d8cacbb74
Certificate serial: 019D2695E195FB0A179569A9F5CB05E73109
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
Manifest number: 188A
Signing time: Wed 25 Mar 2026 20:00:49 +0000
Manifest this update: Wed 25 Mar 2026 20:00:49 +0000
Manifest next update: Thu 26 Mar 2026 20:00:49 +0000
Files and hashes: 1: d2YpPYTenafvZ_RaINu156L8Uwo.roa (hash: CMTonUYiOCRZMLmytRZF7eJJ3JvO2VABjeLXssmZVNw=)
2: hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl (hash: IS/v/cWP86mtw+8ko7b6hmMdN32Tb3pFMult45/DzmE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:e1:95:fb:0a:17:95:69:a9:f5:cb:05:e7:31:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=859d5177077b90818c6f90ae4e44332d8cacbb74
Validity
Not Before: Mar 25 20:00:49 2026 GMT
Not After : Mar 26 20:00:49 2026 GMT
Subject: CN=ae210f086bce8441243a42edef036f1b0fdee752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9e:50:5d:9d:8e:4f:1a:f3:4a:f2:3b:6b:94:
2a:ac:b3:cd:5d:26:2f:a7:dc:c5:f7:1a:b8:aa:9a:
41:80:41:ae:37:01:c7:e4:ef:c2:3d:44:7e:aa:e9:
6b:b6:26:6a:e4:f7:fd:8e:63:31:27:18:aa:85:57:
de:b5:b1:4c:49:79:8b:f8:77:f4:eb:40:ff:78:80:
1e:2e:bf:96:2b:86:94:62:29:58:cc:17:a7:b9:ac:
0f:99:3d:8b:f9:b9:03:85:7c:e4:15:5b:8a:4d:65:
9f:01:58:01:0e:0d:a9:16:39:d4:72:4f:0b:37:39:
49:f3:b6:32:3b:33:01:4b:08:2b:f6:7d:e8:f6:33:
79:e7:4a:c0:d0:f5:56:ee:f0:6f:16:a3:a3:ae:25:
25:37:b0:1f:ef:ab:d9:d1:c0:c8:3b:50:f3:ce:76:
55:6b:57:54:96:eb:2a:74:d3:c4:50:ad:1d:a0:2a:
11:72:41:a0:aa:c8:33:15:57:08:a1:fb:b2:05:fe:
88:24:93:99:44:5e:d6:18:83:6b:ec:70:a1:54:24:
9d:d9:06:e5:3d:4d:8a:5b:f2:c2:3c:dd:6a:a9:36:
1a:7e:17:c2:15:04:62:a9:19:2a:8e:a8:1c:42:21:
c5:e5:3f:75:91:e9:7e:7b:b2:5f:95:d3:00:3e:18:
9b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:21:0F:08:6B:CE:84:41:24:3A:42:ED:EF:03:6F:1B:0F:DE:E7:52
X509v3 Authority Key Identifier:
keyid:85:9D:51:77:07:7B:90:81:8C:6F:90:AE:4E:44:33:2D:8C:AC:BB:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/faea43-f333-4509-a6db-3ac96be285e0/1/hZ1Rdwd7kIGMb5CuTkQzLYysu3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:f4:28:cd:a6:1a:e8:4f:e0:2e:a8:0f:2a:21:a6:e7:f2:17:
bf:3f:12:97:56:76:76:57:31:bb:ef:1d:8d:f6:3f:e5:f0:63:
f4:96:8a:eb:d6:bf:7e:10:7a:67:23:26:06:71:ba:a5:ab:41:
bf:b3:13:97:2b:a6:9b:d4:16:2f:09:c7:43:15:6f:d5:38:b1:
df:4d:3c:4c:7c:1d:a0:58:2e:d7:dc:30:a3:16:e7:97:72:b2:
33:96:71:72:26:42:24:e1:01:55:d4:98:e9:51:92:ff:3e:91:
fc:bb:8b:eb:f8:23:f1:53:10:b3:75:18:96:f3:e1:f2:44:15:
38:16:75:a1:73:81:cd:80:65:93:1c:05:e8:28:f5:bc:11:69:
06:ce:9d:27:08:ce:40:36:d3:87:88:42:a1:3b:ff:1a:ae:7c:
d6:9d:ff:b1:18:ee:86:4a:9a:cd:b1:88:27:ad:cf:bf:de:da:
3a:87:22:46:47:1d:18:85:0f:28:8b:d7:90:ee:ae:d7:b8:c2:
d6:1b:d9:1c:1d:22:e6:67:38:2b:6c:6a:bb:91:84:ce:b5:43:
d7:f6:a7:12:0c:16:bc:37:6f:b9:ac:40:02:8a:c0:bb:b8:27:
63:2e:98:04:98:a5:39:f4:51:5e:9b:18:31:b1:7f:aa:4b:6d:
03:b9:cf:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mleGV+woXlWmp9csF5zEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OWQ1MTc3MDc3YjkwODE4YzZmOTBhZTRlNDQzMzJkOGNh
Y2JiNzQwHhcNMjYwMzI1MjAwMDQ5WhcNMjYwMzI2MjAwMDQ5WjAzMTEwLwYDVQQD
EyhhZTIxMGYwODZiY2U4NDQxMjQzYTQyZWRlZjAzNmYxYjBmZGVlNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2p5QXZ2OTxrzSvI7a5QqrLPNXSYv
p9zF9xq4qppBgEGuNwHH5O/CPUR+qulrtiZq5Pf9jmMxJxiqhVfetbFMSXmL+Hf0
60D/eIAeLr+WK4aUYilYzBenuawPmT2L+bkDhXzkFVuKTWWfAVgBDg2pFjnUck8L
NzlJ87YyOzMBSwgr9n3o9jN550rA0PVW7vBvFqOjriUlN7Af76vZ0cDIO1DzznZV
a1dUlusqdNPEUK0doCoRckGgqsgzFVcIofuyBf6IJJOZRF7WGINr7HChVCSd2Qbl
PU2KW/LCPN1qqTYafhfCFQRiqRkqjqgcQiHF5T91kel+e7JfldMAPhibLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4hDwhrzoRBJDpC7e8DbxsP3udSMB8GA1UdIwQY
MBaAFIWdUXcHe5CBjG+Qrk5EMy2MrLt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9mYWVhNDMtZjMzMy00NTA5LWE2ZGIt
M2FjOTZiZTI4NWUwLzEvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9mYWVhNDMtZjMzMy00NTA5LWE2ZGItM2FjOTZiZTI4NWUw
LzEvaFoxUmR3ZDdrSUdNYjVDdVRrUXpMWXlzdTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmPQozaYa
6E/gLqgPKiGm5/IXvz8Sl1Z2dlcxu+8djfY/5fBj9JaK69a/fhB6ZyMmBnG6patB
v7MTlyumm9QWLwnHQxVv1Tix3008THwdoFgu19wwoxbnl3KyM5ZxciZCJOEBVdSY
6VGS/z6R/LuL6/gj8VMQs3UYlvPh8kQVOBZ1oXOBzYBlkxwF6Cj1vBFpBs6dJwjO
QDbTh4hCoTv/Gq581p3/sRjuhkqazbGIJ63Pv97aOociRkcdGIUPKIvXkO6u17jC
1hvZHB0i5mc4K2xqu5GEzrVD1/anEgwWvDdvuaxAAorAu7gnYy6YBJilOfRRXpsY
MbF/qkttA7nPUQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:21:23 2026 by rpki-client