Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.mft
File: hk8wHlkLg-qjj8EhtmCf9v5SuGg.mft (raw, json)
Hash identifier: 9eOhGvsGtQ2EezIwyjvOuJOa+xY5ANIMILBDBg7E0wY=
Subject key identifier: 63:CC:F8:6B:D8:50:AD:C4:88:77:79:19:EE:34:3A:D7:77:7F:28:B0
Authority key identifier: 86:4F:30:1E:59:0B:83:EA:A3:8F:C1:21:B6:60:9F:F6:FE:52:B8:68
Certificate issuer: /CN=864f301e590b83eaa38fc121b6609ff6fe52b868
Certificate serial: 019D254CC1734EAE67E626C0BC77C1453085
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hk8wHlkLg-qjj8EhtmCf9v5SuGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.mft
Manifest number: 1468
Signing time: Wed 25 Mar 2026 14:01:20 +0000
Manifest this update: Wed 25 Mar 2026 14:01:20 +0000
Manifest next update: Thu 26 Mar 2026 14:01:20 +0000
Files and hashes: 1: 2nBYNNpL7DUTWC7t7_01sfvjbSY.roa (hash: gZ0dRZlvFm+YPFIz5Atx1f7qRtb0ULpGbzwkVg6VEJ0=)
2: hk8wHlkLg-qjj8EhtmCf9v5SuGg.crl (hash: APQzcXxkb6LlrSAeg5Dd8y3l7IEVbwzloCOE/aN7RgA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hk8wHlkLg-qjj8EhtmCf9v5SuGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:4c:c1:73:4e:ae:67:e6:26:c0:bc:77:c1:45:30:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864f301e590b83eaa38fc121b6609ff6fe52b868
Validity
Not Before: Mar 25 14:01:20 2026 GMT
Not After : Mar 26 14:01:20 2026 GMT
Subject: CN=63ccf86bd850adc488777919ee343ad7777f28b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f4:94:98:b1:c4:b2:3e:e1:58:33:b8:bc:f7:
cf:6c:9e:c1:5a:d1:34:c1:3d:a9:20:42:59:3e:76:
78:2e:ea:a6:45:9c:57:9b:37:5d:b7:d5:8e:c7:11:
fe:9f:94:6e:a4:e8:27:0a:07:d6:ee:1f:35:ad:0e:
5e:d7:a6:2d:ce:54:b9:ec:f2:9e:e0:2e:4b:a7:35:
18:eb:02:95:13:22:29:bb:0f:d4:e0:25:43:ca:50:
df:8a:7a:05:a4:2d:ec:c5:7b:f8:72:ed:4c:45:98:
c8:40:48:b0:d4:ad:03:4e:a1:5b:44:da:e8:e0:b7:
92:23:16:bc:48:ed:b7:a5:c6:e9:85:8f:7f:15:e4:
5f:b0:f0:da:da:e5:9f:96:46:74:68:ec:4d:44:bc:
18:8b:bd:40:7d:f3:17:fd:f3:1f:dc:6d:5e:df:af:
2c:d8:6b:47:74:b3:f8:4e:6b:af:7d:06:44:d9:4c:
18:72:a1:cb:d8:b3:b1:ed:cd:07:a4:17:58:9b:5b:
50:4c:bb:20:b4:6d:d5:db:86:1d:a1:72:e6:25:6b:
14:b9:c1:8d:c3:43:77:de:34:4b:97:fc:fb:06:59:
42:29:bf:01:93:f9:3f:98:e5:3c:17:9c:ae:24:fa:
fe:12:b6:c0:6e:7e:52:6d:a7:64:9a:fa:bc:50:81:
ac:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CC:F8:6B:D8:50:AD:C4:88:77:79:19:EE:34:3A:D7:77:7F:28:B0
X509v3 Authority Key Identifier:
keyid:86:4F:30:1E:59:0B:83:EA:A3:8F:C1:21:B6:60:9F:F6:FE:52:B8:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hk8wHlkLg-qjj8EhtmCf9v5SuGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/624f64-0a4a-4d25-afce-0f39c4b3431d/1/hk8wHlkLg-qjj8EhtmCf9v5SuGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:f8:47:c4:50:53:46:3b:a8:01:0f:df:c5:98:3e:47:e6:eb:
c2:d3:52:f0:09:85:31:15:24:e5:8f:bc:b9:57:e0:f0:d3:0c:
45:f2:96:dd:a5:64:29:ed:46:cc:8b:30:54:8a:6a:29:de:aa:
64:15:31:6a:db:cf:c3:1a:0d:d0:d9:3c:ff:92:1b:84:3b:db:
df:fc:f9:90:ca:41:dc:e4:97:62:7c:ff:90:0d:5c:87:7e:17:
5b:13:c3:a5:1d:62:cb:3a:64:8d:a9:6c:25:b4:a4:06:71:23:
ae:08:10:12:b1:26:2c:f6:5e:4b:74:c6:27:08:b9:be:3c:a5:
e9:4e:5f:5e:04:20:3b:6f:31:49:a1:e7:fc:16:e5:d6:99:0d:
d3:2c:82:2f:9b:3e:9a:9e:2d:c8:6b:44:60:6b:90:d4:f2:94:
10:d4:c7:94:a1:02:8a:92:2e:1a:c2:a5:d3:58:ca:dd:82:69:
62:59:00:96:4c:a8:77:bf:bc:87:a0:d1:4a:a6:51:3d:4d:10:
9e:01:67:5e:1d:a9:5e:d6:aa:6e:4e:ca:ad:b7:18:75:3f:16:
4e:08:91:19:4e:16:74:f8:29:e5:17:8b:48:89:47:d5:37:47:
89:67:f7:d9:e3:32:bf:08:50:b9:dd:27:0f:1f:80:3d:6a:61:
ef:4d:63:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lTMFzTq5n5ibAvHfBRTCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGYzMDFlNTkwYjgzZWFhMzhmYzEyMWI2NjA5ZmY2ZmU1
MmI4NjgwHhcNMjYwMzI1MTQwMTIwWhcNMjYwMzI2MTQwMTIwWjAzMTEwLwYDVQQD
Eyg2M2NjZjg2YmQ4NTBhZGM0ODg3Nzc5MTllZTM0M2FkNzc3N2YyOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPSUmLHEsj7hWDO4vPfPbJ7BWtE0
wT2pIEJZPnZ4LuqmRZxXmzddt9WOxxH+n5RupOgnCgfW7h81rQ5e16YtzlS57PKe
4C5LpzUY6wKVEyIpuw/U4CVDylDfinoFpC3sxXv4cu1MRZjIQEiw1K0DTqFbRNro
4LeSIxa8SO23pcbphY9/FeRfsPDa2uWflkZ0aOxNRLwYi71AffMX/fMf3G1e368s
2GtHdLP4TmuvfQZE2UwYcqHL2LOx7c0HpBdYm1tQTLsgtG3V24YdoXLmJWsUucGN
w0N33jRLl/z7BllCKb8Bk/k/mOU8F5yuJPr+ErbAbn5Sbadkmvq8UIGspwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPM+GvYUK3EiHd5Ge40Otd3fyiwMB8GA1UdIwQY
MBaAFIZPMB5ZC4Pqo4/BIbZgn/b+UrhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGs4d0hsa0xnLXFqajhFaHRtQ2Y5djVTdUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82MjRmNjQtMGE0YS00ZDI1LWFmY2Ut
MGYzOWM0YjM0MzFkLzEvaGs4d0hsa0xnLXFqajhFaHRtQ2Y5djVTdUdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82MjRmNjQtMGE0YS00ZDI1LWFmY2UtMGYzOWM0YjM0MzFk
LzEvaGs4d0hsa0xnLXFqajhFaHRtQ2Y5djVTdUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvhHxFBT
RjuoAQ/fxZg+R+brwtNS8AmFMRUk5Y+8uVfg8NMMRfKW3aVkKe1GzIswVIpqKd6q
ZBUxatvPwxoN0Nk8/5IbhDvb3/z5kMpB3OSXYnz/kA1ch34XWxPDpR1iyzpkjals
JbSkBnEjrggQErEmLPZeS3TGJwi5vjyl6U5fXgQgO28xSaHn/Bbl1pkN0yyCL5s+
mp4tyGtEYGuQ1PKUENTHlKECipIuGsKl01jK3YJpYlkAlkyod7+8h6DRSqZRPU0Q
ngFnXh2pXtaqbk7KrbcYdT8WTgiRGU4WdPgp5ReLSIlH1TdHiWf32eMyvwhQud0n
Dx+APWph701j3w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:54:46 2026 by rpki-client