Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
File: hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft (raw, json)
Hash identifier: bOYDMHTL9r9bZ8FU5rLP+TbqlztebkDpswVI+evh9Ws=
Subject key identifier: 8B:F9:35:7B:9E:F9:DD:35:22:D0:AA:00:5C:51:7E:F9:B7:A8:ED:2E
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 019D29CE80B14627497B592D02D858070394
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
Manifest number: 1543
Signing time: Thu 26 Mar 2026 11:01:32 +0000
Manifest this update: Thu 26 Mar 2026 11:01:32 +0000
Manifest next update: Fri 27 Mar 2026 11:01:32 +0000
Files and hashes: 1: RU_UuRETls46VjhGYbgF61QltwU.roa (hash: sHTczNIle1k6tQFdcTEb3DGjeRRmo8cAmzWwk836Wyg=)
2: hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl (hash: QVBPabsRhk14DImWkIH/8RlHs2bP//r3zYbbAoyXlpE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 11:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:ce:80:b1:46:27:49:7b:59:2d:02:d8:58:07:03:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Mar 26 11:01:32 2026 GMT
Not After : Mar 27 11:01:32 2026 GMT
Subject: CN=8bf9357b9ef9dd3522d0aa005c517ef9b7a8ed2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b5:31:ae:4a:83:b6:12:bd:aa:4f:c4:c1:f3:
37:8c:25:b7:de:44:5e:e5:ba:bc:c8:fd:b9:dd:28:
07:3c:08:a6:1c:58:04:38:97:57:31:1d:4a:62:2d:
6e:c3:9b:5e:32:4b:5b:86:12:db:80:3b:7d:5b:a3:
c9:5f:39:7c:73:d9:d1:f5:0e:87:ea:36:21:d0:67:
a7:a0:2d:0a:02:5f:31:10:d0:99:e9:8e:a6:b6:d3:
10:84:3e:9e:0f:65:92:be:3c:d9:61:f9:a5:23:3f:
69:fb:6d:25:c5:d8:ab:4d:af:8e:d9:21:25:e8:0b:
3a:e3:40:35:45:e4:b7:a4:96:d0:37:53:b2:c1:07:
92:cd:51:8f:ad:a6:8a:03:6a:ce:7b:eb:ea:89:b4:
20:26:dd:6b:b2:b7:dc:2d:d7:13:86:f7:3a:1c:f0:
25:40:88:de:74:62:27:d9:4b:ea:1d:66:8f:9a:1f:
06:2a:5d:21:de:e1:03:28:1c:08:8b:f9:a2:68:0f:
af:d7:8e:81:3c:cb:75:a6:54:b4:44:4e:b6:77:e8:
d4:f5:ab:2d:ec:00:68:25:86:05:96:31:41:84:7f:
46:a6:e6:04:dd:44:99:ee:35:6f:01:04:8b:dc:83:
dc:c0:cf:7b:12:72:3e:53:8a:91:1e:96:cd:9c:f2:
12:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F9:35:7B:9E:F9:DD:35:22:D0:AA:00:5C:51:7E:F9:B7:A8:ED:2E
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:77:d4:53:69:a0:79:dd:04:04:3f:cd:9a:29:29:be:a7:09:
64:11:2d:f5:f5:aa:2a:a6:b5:f3:0e:9c:2c:6e:bb:83:33:6d:
52:71:54:24:0a:17:db:c8:51:23:be:98:0a:43:a1:1d:ab:9e:
3d:10:68:e8:6b:f1:c8:b9:aa:1b:4a:cf:dc:29:0a:5b:97:89:
ab:1a:58:cb:20:85:ca:50:3e:ec:62:82:52:62:d4:6e:a4:c3:
f6:cb:4b:9e:34:50:d2:fd:a0:bd:ee:16:b3:7a:2c:42:d3:16:
26:94:0e:b2:33:f3:b7:9e:f7:a6:58:64:83:84:a5:4f:92:88:
06:22:2a:23:04:6a:ad:97:83:d9:fd:ea:a5:f9:e5:7c:7d:80:
c0:fc:53:4c:b0:58:db:80:4b:65:60:28:24:2e:88:17:5f:86:
b5:0e:18:d1:17:29:53:87:d5:3e:3c:9c:25:61:a1:fe:71:3d:
48:fd:08:f4:62:c0:eb:0b:ce:5d:6c:b0:97:a0:c0:77:3b:e4:
1b:d6:7d:98:5d:4b:60:f1:27:d4:7a:03:92:71:bd:94:77:50:
0c:8a:3b:ce:ce:09:de:32:78:db:22:2d:fd:48:4e:f2:c7:7c:
1c:f4:17:cf:1a:61:a3:80:12:99:9e:96:c5:e1:a0:0f:c3:7b:
c0:93:66:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzoCxRidJe1ktAthYBwOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjYwMzI2MTEwMTMyWhcNMjYwMzI3MTEwMTMyWjAzMTEwLwYDVQQD
Eyg4YmY5MzU3YjllZjlkZDM1MjJkMGFhMDA1YzUxN2VmOWI3YThlZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrUxrkqDthK9qk/EwfM3jCW33kRe
5bq8yP253SgHPAimHFgEOJdXMR1KYi1uw5teMktbhhLbgDt9W6PJXzl8c9nR9Q6H
6jYh0GenoC0KAl8xENCZ6Y6mttMQhD6eD2WSvjzZYfmlIz9p+20lxdirTa+O2SEl
6As640A1ReS3pJbQN1OywQeSzVGPraaKA2rOe+vqibQgJt1rsrfcLdcThvc6HPAl
QIjedGIn2UvqHWaPmh8GKl0h3uEDKBwIi/miaA+v146BPMt1plS0RE62d+jU9ast
7ABoJYYFljFBhH9GpuYE3USZ7jVvAQSL3IPcwM97EnI+U4qRHpbNnPISYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIv5NXue+d01ItCqAFxRfvm3qO0uMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASnfUU2mg
ed0EBD/NmikpvqcJZBEt9fWqKqa18w6cLG67gzNtUnFUJAoX28hRI76YCkOhHaue
PRBo6GvxyLmqG0rP3CkKW5eJqxpYyyCFylA+7GKCUmLUbqTD9stLnjRQ0v2gve4W
s3osQtMWJpQOsjPzt573plhkg4SlT5KIBiIqIwRqrZeD2f3qpfnlfH2AwPxTTLBY
24BLZWAoJC6IF1+GtQ4Y0RcpU4fVPjycJWGh/nE9SP0I9GLA6wvOXWywl6DAdzvk
G9Z9mF1LYPEn1HoDknG9lHdQDIo7zs4J3jJ42yIt/UhO8sd8HPQXzxpho4ASmZ6W
xeGgD8N7wJNmiA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:37:36 2026 by rpki-client