Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
File: h5WLpmHENczSXCBgRi72ANJxnuA.mft (raw, json)
Hash identifier: sM1tyCRxvx2A8TynPYW53db/5OMLFi0q7HpP4/ACvKA=
Subject key identifier: 83:8F:B4:23:BD:12:03:41:BF:CE:91:2E:C8:52:BB:60:E6:18:86:26
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 019D2960E2505765496512838003FFC51D1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 09:01:48 +0000
Manifest this update: Thu 26 Mar 2026 09:01:48 +0000
Manifest next update: Fri 27 Mar 2026 09:01:48 +0000
Files and hashes: 1: ff3rWotipxB5dvlUy4f5nYkMPs0.roa (hash: 0kFsDh0f69aGD5kG+8GzoVmb9MJyy9m9HMkqJTww73U=)
2: h5WLpmHENczSXCBgRi72ANJxnuA.crl (hash: naTuqiwfXFiq+5RAnFxdqlsygPYxiEpTAoGuPl+P4uo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:60:e2:50:57:65:49:65:12:83:80:03:ff:c5:1d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Mar 26 09:01:48 2026 GMT
Not After : Mar 27 09:01:48 2026 GMT
Subject: CN=838fb423bd120341bfce912ec852bb60e6188626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c4:2a:50:00:55:20:b2:6e:2e:cf:4d:a2:93:
47:da:1a:78:b2:ab:2e:7d:ee:e8:25:8a:be:99:cd:
99:39:9d:fa:de:f1:c6:b1:01:ce:97:2a:a5:ad:c4:
30:8f:90:f4:1f:11:81:6a:fb:ce:9d:8f:ef:cf:cc:
d2:53:bf:f2:98:58:8e:21:22:03:65:8f:8f:87:a7:
65:dc:94:06:19:5a:34:d1:a5:6c:08:5a:3b:94:48:
48:25:a5:6f:d8:f0:9b:ee:2b:1c:cb:67:56:a0:6e:
ed:a3:c9:45:9d:3f:13:41:1b:dd:14:52:f7:eb:d9:
9c:8b:ea:52:b1:d7:cd:0d:bf:e8:ca:34:e8:3b:3c:
19:60:bf:a2:61:07:2f:bd:e9:fe:3f:bf:13:85:d9:
b8:77:d3:8f:4c:de:4b:5b:c1:f2:72:c8:25:88:bb:
c5:d7:3e:e6:4e:ff:74:d2:19:2b:d6:89:cc:35:02:
4a:f3:08:9c:07:13:2b:b6:88:de:0d:6f:1c:d3:18:
c1:2b:4a:95:08:90:c9:c3:e2:ed:e5:0a:30:bb:2d:
c1:15:88:86:48:f2:74:f7:61:f2:90:18:2a:5c:ca:
e4:cf:74:eb:c5:a4:03:27:c7:f2:ae:bb:34:56:fb:
81:39:d3:f0:db:4f:f1:2c:12:a3:7c:f2:90:77:2c:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8F:B4:23:BD:12:03:41:BF:CE:91:2E:C8:52:BB:60:E6:18:86:26
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:2c:75:c9:26:4c:0b:d3:32:c0:ab:7e:3f:03:38:59:4c:d0:
32:2f:c5:c0:b4:70:44:a9:99:4a:a5:89:38:61:d0:d9:c9:31:
3c:9c:8a:ad:a6:14:d0:91:d2:ef:bb:1f:b4:8f:c2:0b:01:35:
4e:0b:fa:e9:a4:0a:68:21:8c:0c:c7:8e:82:e8:85:74:5a:5c:
54:84:51:8f:b8:c4:63:73:2b:8f:3d:eb:40:41:0a:51:21:ee:
fd:8b:74:1d:32:b4:10:58:eb:65:a9:23:c2:7c:1f:f9:0a:ec:
c0:51:8c:a1:af:d5:a0:bc:16:44:da:ab:b5:8c:08:18:2c:fb:
6d:68:4d:d6:87:41:27:c9:41:98:11:2b:8d:fe:ee:8c:55:16:
ea:62:39:c0:74:00:bd:38:51:d0:68:07:68:e8:a0:69:ea:45:
1b:ee:d3:92:18:68:67:b5:fb:20:7a:f0:5a:6d:3d:0e:4d:58:
d7:b2:65:65:ce:6e:ed:8d:73:23:41:95:24:ab:13:da:c8:f5:
f3:33:84:ab:c5:80:8c:bf:db:7e:2d:3e:f9:8a:3a:ef:41:10:
ae:72:1a:3b:38:b2:92:53:fd:62:75:a1:1a:d2:4c:09:fc:5a:
70:b3:70:c1:5d:a6:4d:34:10:9a:ea:e1:42:27:f1:33:d0:62:
1e:62:d2:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYOJQV2VJZRKDgAP/xR0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjYwMzI2MDkwMTQ4WhcNMjYwMzI3MDkwMTQ4WjAzMTEwLwYDVQQD
Eyg4MzhmYjQyM2JkMTIwMzQxYmZjZTkxMmVjODUyYmI2MGU2MTg4NjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cQqUABVILJuLs9NopNH2hp4sqsu
fe7oJYq+mc2ZOZ363vHGsQHOlyqlrcQwj5D0HxGBavvOnY/vz8zSU7/ymFiOISID
ZY+Ph6dl3JQGGVo00aVsCFo7lEhIJaVv2PCb7iscy2dWoG7to8lFnT8TQRvdFFL3
69mci+pSsdfNDb/oyjToOzwZYL+iYQcvven+P78Thdm4d9OPTN5LW8HycsgliLvF
1z7mTv900hkr1onMNQJK8wicBxMrtojeDW8c0xjBK0qVCJDJw+Lt5Qowuy3BFYiG
SPJ092HykBgqXMrkz3TrxaQDJ8fyrrs0VvuBOdPw20/xLBKjfPKQdyzn/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOPtCO9EgNBv86RLshSu2DmGIYmMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlyx1ySZM
C9MywKt+PwM4WUzQMi/FwLRwRKmZSqWJOGHQ2ckxPJyKraYU0JHS77sftI/CCwE1
Tgv66aQKaCGMDMeOguiFdFpcVIRRj7jEY3Mrjz3rQEEKUSHu/Yt0HTK0EFjrZakj
wnwf+QrswFGMoa/VoLwWRNqrtYwIGCz7bWhN1odBJ8lBmBErjf7ujFUW6mI5wHQA
vThR0GgHaOigaepFG+7TkhhoZ7X7IHrwWm09Dk1Y17JlZc5u7Y1zI0GVJKsT2sj1
8zOEq8WAjL/bfi0++Yo670EQrnIaOziyklP9YnWhGtJMCfxacLNwwV2mTTQQmurh
QifxM9BiHmLS7A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:35:05 2026 by rpki-client