Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
File: ha9TEIBex1YaGiL5yJDJcx-23r8.mft (raw, json)
Hash identifier: AznYk0NUJ0Jr/IT5xP9q2+oyeg4TObcep0k+FT+wUk0=
Subject key identifier: B8:92:C4:A7:21:A2:FE:C7:8D:E4:CD:6B:8F:3A:5C:51:C0:DD:8B:54
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 019D25841D77E67A142E885B2694176A4BEF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
Manifest number: 1889
Signing time: Wed 25 Mar 2026 15:01:48 +0000
Manifest this update: Wed 25 Mar 2026 15:01:48 +0000
Manifest next update: Thu 26 Mar 2026 15:01:48 +0000
Files and hashes: 1: CMoH5Cyx1SfbFkp_AVi7WFSimSI.roa (hash: UPKbCnfFUk0J12uscJpZ+uKcHazd2OTNHLlOMouWxhg=)
2: ha9TEIBex1YaGiL5yJDJcx-23r8.crl (hash: x72fbs+7RejILuUlgArNySf04ULSHjXanFwTp3Wn0ac=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:84:1d:77:e6:7a:14:2e:88:5b:26:94:17:6a:4b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Mar 25 15:01:48 2026 GMT
Not After : Mar 26 15:01:48 2026 GMT
Subject: CN=b892c4a721a2fec78de4cd6b8f3a5c51c0dd8b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:11:16:5c:01:5c:00:26:37:d2:6e:cb:e5:
9d:8e:eb:56:9c:b2:de:00:4f:69:f3:7c:76:40:bc:
7f:17:23:ca:f6:38:c4:a2:ed:41:d6:86:d4:35:39:
f0:39:93:2c:61:f2:69:d4:43:90:63:d9:f7:a5:94:
a6:88:52:8e:86:0e:37:79:f4:f4:75:2d:77:81:d9:
bc:50:f9:01:60:d1:b1:b5:e6:1d:3e:dc:cd:2c:52:
a1:10:cb:41:20:14:81:9f:5b:b1:cf:d7:ca:93:7d:
33:58:66:4b:6c:53:c9:e2:45:cb:1c:6b:78:9a:4f:
f7:c6:40:fd:c0:00:90:3a:95:03:2b:54:c7:3e:51:
10:aa:53:3f:3e:5d:10:84:59:81:b2:97:08:79:86:
37:b1:7b:29:9b:79:c7:01:f6:8b:ba:c2:3f:c1:c3:
c7:d7:35:ce:60:d6:d7:09:bb:2d:d0:9c:7a:df:4a:
a2:07:b2:e2:4f:43:ea:c5:39:ae:54:d4:da:0a:0d:
34:3e:6e:49:ac:d8:53:4c:dc:a4:50:c7:dc:77:6e:
fa:a2:3c:7c:bd:2f:50:5a:9c:94:83:b6:6f:de:cc:
b5:57:76:04:2f:a6:3e:a4:90:9b:91:39:b8:34:0a:
2e:77:30:a5:5d:c4:fd:d2:90:e2:e6:6a:ab:43:94:
b7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:92:C4:A7:21:A2:FE:C7:8D:E4:CD:6B:8F:3A:5C:51:C0:DD:8B:54
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:82:60:5d:89:9f:02:b9:6c:df:4c:73:81:bb:28:95:94:9f:
01:87:f9:b2:3e:57:ff:12:72:b1:0c:54:5e:11:e7:89:81:fc:
38:a3:31:81:c2:1a:eb:a6:cc:a7:36:2a:54:b6:46:f4:03:34:
09:01:6c:d6:a1:f6:a8:e0:e0:9c:37:b5:c6:f0:1c:be:82:72:
32:e0:7b:74:bb:b9:06:1b:1a:79:0e:56:03:7c:a3:52:c6:35:
98:62:8c:ba:4b:b7:b5:36:08:ea:b6:47:d2:8c:26:8c:f5:1c:
58:b9:da:56:0a:a5:d6:1e:86:75:c0:89:1d:5b:74:2f:db:6a:
58:9e:92:99:94:f3:53:cd:77:f9:9c:8b:f1:27:5b:e7:12:63:
85:20:fb:1b:15:71:e8:e6:83:64:81:fd:a6:2c:34:9c:8a:b2:
34:90:ed:f0:86:13:42:9c:77:49:c8:94:0d:7e:9d:67:f6:33:
31:b1:b2:23:88:dd:1f:81:a6:09:f6:38:5b:d0:d7:25:39:45:
c5:82:8e:7e:96:7d:18:60:f0:ef:0e:8a:af:e5:bb:4e:2b:20:
5f:a0:f1:0c:fb:40:d1:55:1c:21:6d:29:d1:ef:c8:94:78:5a:
31:c4:cf:5a:eb:4b:26:b6:e4:29:79:e8:1e:8b:9d:47:02:71:
a0:53:67:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lhB135noULohbJpQXakvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjYwMzI1MTUwMTQ4WhcNMjYwMzI2MTUwMTQ4WjAzMTEwLwYDVQQD
EyhiODkyYzRhNzIxYTJmZWM3OGRlNGNkNmI4ZjNhNWM1MWMwZGQ4YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmARFlwBXAAmN9Juy+WdjutWnLLe
AE9p83x2QLx/FyPK9jjEou1B1obUNTnwOZMsYfJp1EOQY9n3pZSmiFKOhg43efT0
dS13gdm8UPkBYNGxteYdPtzNLFKhEMtBIBSBn1uxz9fKk30zWGZLbFPJ4kXLHGt4
mk/3xkD9wACQOpUDK1THPlEQqlM/Pl0QhFmBspcIeYY3sXspm3nHAfaLusI/wcPH
1zXOYNbXCbst0Jx630qiB7LiT0PqxTmuVNTaCg00Pm5JrNhTTNykUMfcd276ojx8
vS9QWpyUg7Zv3sy1V3YEL6Y+pJCbkTm4NAoudzClXcT90pDi5mqrQ5S3/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiSxKchov7HjeTNa486XFHA3YtUMB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm4JgXYmf
Arls30xzgbsolZSfAYf5sj5X/xJysQxUXhHniYH8OKMxgcIa66bMpzYqVLZG9AM0
CQFs1qH2qODgnDe1xvAcvoJyMuB7dLu5BhsaeQ5WA3yjUsY1mGKMuku3tTYI6rZH
0owmjPUcWLnaVgql1h6GdcCJHVt0L9tqWJ6SmZTzU813+ZyL8Sdb5xJjhSD7GxVx
6OaDZIH9piw0nIqyNJDt8IYTQpx3SciUDX6dZ/YzMbGyI4jdH4GmCfY4W9DXJTlF
xYKOfpZ9GGDw7w6Kr+W7TisgX6DxDPtA0VUcIW0p0e/IlHhaMcTPWutLJrbkKXno
HoudRwJxoFNnuQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:37:45 2026 by rpki-client