Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
File: hkl2gukwfEaHk1AIFzFH0TKijGQ.mft (raw, json)
Hash identifier: VyKrbIBYd3A0O+7tMYSEQ+M+Y/0IjFTRnF36xiH6Vs4=
Subject key identifier: 1B:40:DF:05:80:81:EA:CA:2C:82:EB:E8:F5:8F:0E:F1:97:77:98:C7
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 019D28BB5549B2660D1665C3E49CAB1E46A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
Manifest number: 1454
Signing time: Thu 26 Mar 2026 06:00:58 +0000
Manifest this update: Thu 26 Mar 2026 06:00:58 +0000
Manifest next update: Fri 27 Mar 2026 06:00:58 +0000
Files and hashes: 1: Me7XtuRdIVZUbFTlkKpYNs199RM.roa (hash: 2FYoEiQSEHRljfdP8hVbR34ZxR+Jq9T0ORhGnMfjG70=)
2: hkl2gukwfEaHk1AIFzFH0TKijGQ.crl (hash: jdavnFD5yDXDpWIbtw9H8SHKNrFgVFkAQyJVHjyBvlk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:55:49:b2:66:0d:16:65:c3:e4:9c:ab:1e:46:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Mar 26 06:00:58 2026 GMT
Not After : Mar 27 06:00:58 2026 GMT
Subject: CN=1b40df058081eaca2c82ebe8f58f0ef1977798c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2d:06:31:e5:1b:90:57:75:bd:f1:b7:4e:38:
8c:7d:97:9e:cb:da:8e:9f:fe:5b:f6:99:da:06:6c:
74:16:bf:af:2a:c3:e0:f2:7a:f3:2f:05:c4:2f:64:
9c:91:f5:89:95:ed:82:0c:90:f6:8b:fa:d9:da:40:
74:e1:e0:e4:45:d8:c4:cb:e5:5c:ca:0e:e0:dc:c6:
7e:7b:1c:2c:a7:3b:34:a4:3d:93:6c:7e:a2:9a:3c:
3f:87:97:42:94:69:b9:ea:b0:ed:ae:7b:1e:09:39:
58:e2:9c:06:46:af:da:db:b7:a8:77:7d:4c:64:c1:
47:05:d7:00:2b:d3:75:80:fc:2d:86:75:82:08:06:
3f:e2:b3:c0:4a:13:36:17:ff:b0:e4:aa:85:72:54:
3d:49:ef:40:c8:2d:63:ca:e7:a2:0d:13:58:6b:79:
00:68:83:fc:db:4a:90:c6:ed:b2:01:65:63:d6:2c:
d0:20:b3:68:55:54:bc:75:0c:07:91:96:c1:d1:be:
7d:d8:8a:10:fa:f9:5d:b4:09:63:05:a2:0f:cc:b3:
b3:13:ef:2b:2f:77:c2:eb:1e:ac:7f:a6:af:57:05:
8e:bb:42:e2:28:df:5a:45:23:92:ca:63:3f:82:e2:
dd:39:5f:3f:2b:28:f3:68:b1:6c:e0:e7:6b:ef:f4:
49:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:40:DF:05:80:81:EA:CA:2C:82:EB:E8:F5:8F:0E:F1:97:77:98:C7
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:7b:3e:bc:5a:9a:58:58:c0:42:ea:50:50:95:54:44:09:29:
0d:d0:0d:a5:fd:56:ec:b7:c8:aa:05:f7:42:fc:1f:5c:3d:49:
24:94:aa:5a:48:d0:3a:e9:19:06:6f:8c:62:9b:9a:9e:2e:b3:
c1:b1:4e:b6:fc:ae:8f:e5:52:e6:62:ab:da:1b:ec:cb:3f:46:
5f:8e:42:2a:96:83:0f:04:61:59:64:ca:2e:31:80:3a:a8:8c:
d2:e0:7c:a8:c9:1b:ba:c9:a6:6e:bc:83:d1:f4:4f:a7:3f:58:
7d:ca:fd:2b:32:36:ff:7d:c6:2c:ec:ab:e1:dc:a7:25:20:39:
8b:df:42:8f:51:fa:05:99:ec:55:a8:5e:2e:2c:35:a8:86:79:
c7:8b:30:bb:5d:3c:56:02:aa:72:00:bc:3a:e5:20:81:33:52:
10:dc:cb:67:68:a4:f6:9b:7b:28:9f:a6:58:5c:4c:76:78:a6:
59:a8:39:30:72:db:50:8c:05:30:49:4f:f8:43:4f:b9:72:5b:
f8:97:0f:a5:25:31:6c:66:67:a1:fa:d0:2e:dd:8d:be:35:0c:
84:e1:be:fc:c4:c2:80:de:29:e0:b3:47:8a:85:fe:e7:a4:58:
c5:56:83:0a:aa:aa:4f:88:99:05:d1:5b:f9:f7:3f:7d:cd:84:
28:2b:2a:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou1VJsmYNFmXD5JyrHkajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjYwMzI2MDYwMDU4WhcNMjYwMzI3MDYwMDU4WjAzMTEwLwYDVQQD
EygxYjQwZGYwNTgwODFlYWNhMmM4MmViZThmNThmMGVmMTk3Nzc5OGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni0GMeUbkFd1vfG3TjiMfZeey9qO
n/5b9pnaBmx0Fr+vKsPg8nrzLwXEL2SckfWJle2CDJD2i/rZ2kB04eDkRdjEy+Vc
yg7g3MZ+exwspzs0pD2TbH6imjw/h5dClGm56rDtrnseCTlY4pwGRq/a27eod31M
ZMFHBdcAK9N1gPwthnWCCAY/4rPAShM2F/+w5KqFclQ9Se9AyC1jyueiDRNYa3kA
aIP820qQxu2yAWVj1izQILNoVVS8dQwHkZbB0b592IoQ+vldtAljBaIPzLOzE+8r
L3fC6x6sf6avVwWOu0LiKN9aRSOSymM/guLdOV8/KyjzaLFs4Odr7/RJVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtA3wWAgerKLILr6PWPDvGXd5jHMB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACHs+vFqa
WFjAQupQUJVURAkpDdANpf1W7LfIqgX3QvwfXD1JJJSqWkjQOukZBm+MYpuani6z
wbFOtvyuj+VS5mKr2hvsyz9GX45CKpaDDwRhWWTKLjGAOqiM0uB8qMkbusmmbryD
0fRPpz9Yfcr9KzI2/33GLOyr4dynJSA5i99Cj1H6BZnsVaheLiw1qIZ5x4swu108
VgKqcgC8OuUggTNSENzLZ2ik9pt7KJ+mWFxMdnimWag5MHLbUIwFMElP+ENPuXJb
+JcPpSUxbGZnofrQLt2NvjUMhOG+/MTCgN4p4LNHioX+56RYxVaDCqqqT4iZBdFb
+fc/fc2EKCsqxw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:02:47 2026 by rpki-client