Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
File: HzjUsMuomcJPTjQHOE1tP6jVGl8.mft (raw, json)
Hash identifier: 4T5UNnn2bCrAJF0DeZjI13+qIcN4wDF1hn4kqJoDTJM=
Subject key identifier: B0:E8:8D:21:75:09:57:01:0C:87:8C:64:A7:BF:E4:4D:66:73:D8:21
Authority key identifier: 1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F
Certificate issuer: /CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
Certificate serial: 019D27727F7DF56F5C39F30EE7ADACBF0E06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
Manifest number: 0650
Signing time: Thu 26 Mar 2026 00:01:47 +0000
Manifest this update: Thu 26 Mar 2026 00:01:47 +0000
Manifest next update: Fri 27 Mar 2026 00:01:47 +0000
Files and hashes: 1: HzjUsMuomcJPTjQHOE1tP6jVGl8.crl (hash: gLRfM1RckOj6aDfUmcJD27fERc3RMGSF0UdUrKBP9E0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:7f:7d:f5:6f:5c:39:f3:0e:e7:ad:ac:bf:0e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f38d4b0cba899c24f4e3407384d6d3fa8d51a5f
Validity
Not Before: Mar 26 00:01:47 2026 GMT
Not After : Mar 27 00:01:47 2026 GMT
Subject: CN=b0e88d21750957010c878c64a7bfe44d6673d821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1c:bd:4c:e8:26:65:2f:e1:df:63:19:9f:c2:
2c:a1:8b:7b:42:b2:62:a0:da:20:d7:cc:c7:da:8c:
87:41:80:d1:9f:50:7a:63:6c:42:52:9e:99:a1:8f:
a3:ac:53:ce:f7:95:db:92:de:2c:4b:e4:df:90:49:
58:56:0d:d8:9e:c6:bb:0d:6d:68:6e:c9:b4:8a:d0:
0c:b6:9c:2d:0e:1e:90:e8:36:8a:22:76:48:2a:20:
2c:4b:76:06:6b:28:ec:d9:38:7c:04:64:c1:09:ab:
2a:e3:22:5a:7a:7b:3c:2f:eb:5d:66:7f:77:87:e0:
93:7f:9b:87:31:d7:fe:24:93:11:56:49:4a:3b:d0:
05:43:ef:88:47:f8:a2:c7:e7:64:b8:81:a6:80:58:
40:ed:e4:4d:9c:c2:27:a7:c4:c5:9a:d6:f5:d4:07:
75:ca:24:f8:92:6f:79:a3:f4:cd:5c:7e:eb:5c:d3:
e9:21:a2:95:1f:84:09:e8:d3:c4:7a:35:4b:61:7f:
53:f4:29:42:e3:19:9c:82:77:20:06:4c:1f:1e:04:
06:d5:4c:77:d7:2c:6c:70:3d:0f:d0:39:2b:f8:91:
19:b7:66:49:19:45:a2:1e:1a:0b:30:c8:c7:47:aa:
f0:dc:18:f1:37:25:8e:06:e2:d6:0a:c4:87:7f:b8:
5f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E8:8D:21:75:09:57:01:0C:87:8C:64:A7:BF:E4:4D:66:73:D8:21
X509v3 Authority Key Identifier:
keyid:1F:38:D4:B0:CB:A8:99:C2:4F:4E:34:07:38:4D:6D:3F:A8:D5:1A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HzjUsMuomcJPTjQHOE1tP6jVGl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/16cf7d-a151-49ec-8d8a-3a288c2c852c/1/HzjUsMuomcJPTjQHOE1tP6jVGl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:27:00:83:e7:cc:da:b0:e1:f0:4e:20:37:e7:a5:f7:00:b8:
fe:a1:4b:2c:b3:d4:0b:f1:b8:00:80:b0:05:7f:83:e6:68:92:
6e:9b:c4:19:bf:78:c9:e2:aa:49:66:ca:8b:44:59:87:05:eb:
6e:ab:de:d0:f9:67:9d:a3:52:19:3a:92:2a:b8:67:6d:be:f7:
d0:11:0d:23:99:62:79:e9:ac:62:9f:50:66:70:b7:5e:f1:b9:
4b:02:37:d0:d2:28:71:5c:20:b1:e6:94:62:fd:66:32:20:05:
e2:a8:f3:14:98:3f:ba:49:c0:90:95:31:b6:22:f9:71:9b:b6:
9f:03:5b:e5:52:dc:77:0c:fe:9d:90:49:db:b7:4e:ca:07:aa:
78:7d:fd:01:51:0f:ac:20:9a:ee:59:05:f6:4d:f5:d5:74:1e:
31:54:36:26:61:de:ab:cf:c2:81:bd:bf:be:32:4d:fa:03:66:
29:77:da:9b:d1:0d:6a:07:a9:97:00:69:fd:13:a7:ec:cc:6f:
42:d3:c5:68:cd:bb:75:eb:46:9e:dc:83:11:37:9d:79:c7:7d:
00:17:94:aa:1b:cc:fa:d2:29:75:d5:a3:f3:2e:f5:8e:7a:65:
30:7a:cf:54:85:f9:16:a0:8a:9a:62:d0:ea:d0:a6:a0:33:79:
65:1e:57:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncn999W9cOfMO562svw4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMzhkNGIwY2JhODk5YzI0ZjRlMzQwNzM4NGQ2ZDNmYThk
NTFhNWYwHhcNMjYwMzI2MDAwMTQ3WhcNMjYwMzI3MDAwMTQ3WjAzMTEwLwYDVQQD
EyhiMGU4OGQyMTc1MDk1NzAxMGM4NzhjNjRhN2JmZTQ0ZDY2NzNkODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxy9TOgmZS/h32MZn8IsoYt7QrJi
oNog18zH2oyHQYDRn1B6Y2xCUp6ZoY+jrFPO95Xbkt4sS+TfkElYVg3Ynsa7DW1o
bsm0itAMtpwtDh6Q6DaKInZIKiAsS3YGayjs2Th8BGTBCasq4yJaens8L+tdZn93
h+CTf5uHMdf+JJMRVklKO9AFQ++IR/iix+dkuIGmgFhA7eRNnMInp8TFmtb11Ad1
yiT4km95o/TNXH7rXNPpIaKVH4QJ6NPEejVLYX9T9ClC4xmcgncgBkwfHgQG1Ux3
1yxscD0P0Dkr+JEZt2ZJGUWiHhoLMMjHR6rw3BjxNyWOBuLWCsSHf7hf0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDojSF1CVcBDIeMZKe/5E1mc9ghMB8GA1UdIwQY
MBaAFB841LDLqJnCT040BzhNbT+o1RpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEt
M2EyODhjMmM4NTJjLzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xNmNmN2QtYTE1MS00OWVjLThkOGEtM2EyODhjMmM4NTJj
LzEvSHpqVXNNdW9tY0pQVGpRSE9FMXRQNmpWR2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsScAg+fM
2rDh8E4gN+el9wC4/qFLLLPUC/G4AICwBX+D5miSbpvEGb94yeKqSWbKi0RZhwXr
bqve0PlnnaNSGTqSKrhnbb730BENI5lieemsYp9QZnC3XvG5SwI30NIocVwgseaU
Yv1mMiAF4qjzFJg/uknAkJUxtiL5cZu2nwNb5VLcdwz+nZBJ27dOygeqeH39AVEP
rCCa7lkF9k311XQeMVQ2JmHeq8/Cgb2/vjJN+gNmKXfam9ENageplwBp/ROn7Mxv
QtPFaM27detGntyDETedecd9ABeUqhvM+tIpddWj8y71jnplMHrPVIX5FqCKmmLQ
6tCmoDN5ZR5XKw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:11:22 2026 by rpki-client