Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.mft
File: 5HQG9JgrYYJMj9RLge3gqZ_HJOA.mft (raw, json)
Hash identifier: 7xw8t0v2Y+HJ4v39jaUyWnMjoD48A+gObKkdHRUC5Rw=
Subject key identifier: 98:9E:8C:71:F1:8E:82:A5:C9:06:4D:C2:E6:3F:27:4B:DC:E7:EB:A5
Authority key identifier: E4:74:06:F4:98:2B:61:82:4C:8F:D4:4B:81:ED:E0:A9:9F:C7:24:E0
Certificate issuer: /CN=e47406f4982b61824c8fd44b81ede0a99fc724e0
Certificate serial: 019D2A3C52EE730EE5B01B406C6A940F0479
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.mft
Manifest number: 0D3D
Signing time: Thu 26 Mar 2026 13:01:29 +0000
Manifest this update: Thu 26 Mar 2026 13:01:29 +0000
Manifest next update: Fri 27 Mar 2026 13:01:29 +0000
Files and hashes: 1: 5HQG9JgrYYJMj9RLge3gqZ_HJOA.crl (hash: ywcs5I8+U8nAvsBELGcW59eSQR2C7+TdW7fJvxXsCN8=)
2: 5IiWlb3vHBWlCp6tIVca2yVQHto.roa (hash: STYN3zexlvKSLuiZ3ZMU8hJ7HbklvtNxc22+hhIPD74=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:3c:52:ee:73:0e:e5:b0:1b:40:6c:6a:94:0f:04:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47406f4982b61824c8fd44b81ede0a99fc724e0
Validity
Not Before: Mar 26 13:01:29 2026 GMT
Not After : Mar 27 13:01:29 2026 GMT
Subject: CN=989e8c71f18e82a5c9064dc2e63f274bdce7eba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b7:6d:60:9e:59:87:2a:e4:9f:91:0f:b1:bd:
15:0e:b4:55:4b:06:9c:f2:05:f7:e2:d7:a1:23:cc:
96:76:0b:ef:45:2d:8b:16:b2:fe:1c:8c:2b:e5:b7:
4c:09:ac:0f:b1:59:e1:ed:54:b0:b3:0a:74:b4:8d:
5e:dd:b0:9c:9a:90:20:80:64:84:a4:2e:a6:41:c7:
17:82:34:ab:ac:ba:22:00:c7:a4:3c:fb:d2:f5:f8:
02:8b:6b:dd:3c:15:19:00:ec:4c:3f:4c:71:b3:e5:
2f:2f:b8:a7:7e:1e:76:d9:5a:30:36:02:fe:ec:02:
70:8b:de:93:43:e9:16:b9:a7:49:d9:13:74:37:1b:
46:bf:a0:66:80:ad:b7:0e:6c:4c:06:23:ec:29:5b:
18:27:60:35:12:5e:46:28:02:8d:cc:87:4a:1e:10:
ba:75:72:bf:fd:3f:1c:c0:be:21:cd:c8:ec:4a:c5:
95:2c:ad:04:58:9b:67:63:53:2d:b4:cd:ad:eb:cf:
21:bc:c3:82:35:40:84:53:51:2d:27:34:29:d9:19:
5a:1c:9d:c4:e6:ab:3a:6a:be:8f:c2:3c:ae:04:fe:
42:a4:41:21:59:1c:22:47:3d:3f:d7:ae:82:c8:c4:
ce:96:52:f1:dc:7f:ac:d4:e5:4f:d0:85:f6:3c:97:
2f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9E:8C:71:F1:8E:82:A5:C9:06:4D:C2:E6:3F:27:4B:DC:E7:EB:A5
X509v3 Authority Key Identifier:
keyid:E4:74:06:F4:98:2B:61:82:4C:8F:D4:4B:81:ED:E0:A9:9F:C7:24:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:c5:52:a7:0c:8c:5e:04:a7:38:c1:c4:85:de:fd:7a:a4:b1:
1d:5e:ae:3f:15:c2:ec:92:1a:0a:fa:d4:8d:aa:ce:e8:3b:8a:
e7:ba:67:12:44:46:b9:6e:26:c0:db:1f:4b:a3:9f:a7:be:aa:
df:c3:1c:4b:c3:eb:1f:be:de:4c:dc:ea:a3:a7:60:0d:41:ef:
4f:e7:b7:7f:4e:ca:d5:58:b7:5b:95:8f:c9:25:4f:be:a4:6f:
df:e7:d2:b6:19:d0:e2:fe:92:21:64:5f:65:f6:bc:36:c1:fa:
9c:f3:dc:76:94:58:ed:8d:de:80:7a:db:8d:60:97:89:31:9b:
81:ab:26:56:17:d1:47:1b:c6:05:46:10:2d:30:bf:94:b0:bf:
ef:87:f4:8d:5a:1c:2a:db:c2:40:87:e9:5d:1f:db:4f:ac:c5:
4f:d9:0d:0d:bd:6e:1e:40:5e:d5:28:e8:4d:25:c3:83:a4:35:
a5:70:09:8d:28:2e:07:42:27:fa:43:9b:dd:11:e2:33:8d:f9:
82:d5:9e:8e:77:3c:03:26:fc:94:f3:2d:08:10:1f:04:d4:e0:
20:d0:20:1d:62:89:36:4e:eb:2f:3f:a6:18:b2:d1:26:7a:ac:
62:fc:db:55:fc:b8:c4:e7:78:7a:80:40:7a:d0:d0:a2:63:ba:
09:60:ea:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPFLucw7lsBtAbGqUDwR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzQwNmY0OTgyYjYxODI0YzhmZDQ0YjgxZWRlMGE5OWZj
NzI0ZTAwHhcNMjYwMzI2MTMwMTI5WhcNMjYwMzI3MTMwMTI5WjAzMTEwLwYDVQQD
Eyg5ODllOGM3MWYxOGU4MmE1YzkwNjRkYzJlNjNmMjc0YmRjZTdlYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7dtYJ5Zhyrkn5EPsb0VDrRVSwac
8gX34tehI8yWdgvvRS2LFrL+HIwr5bdMCawPsVnh7VSwswp0tI1e3bCcmpAggGSE
pC6mQccXgjSrrLoiAMekPPvS9fgCi2vdPBUZAOxMP0xxs+UvL7infh522VowNgL+
7AJwi96TQ+kWuadJ2RN0NxtGv6BmgK23DmxMBiPsKVsYJ2A1El5GKAKNzIdKHhC6
dXK//T8cwL4hzcjsSsWVLK0EWJtnY1MttM2t688hvMOCNUCEU1EtJzQp2RlaHJ3E
5qs6ar6PwjyuBP5CpEEhWRwiRz0/166CyMTOllLx3H+s1OVP0IX2PJcvvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiejHHxjoKlyQZNwuY/J0vc5+ulMB8GA1UdIwQY
MBaAFOR0BvSYK2GCTI/US4Ht4KmfxyTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85ZDY0ZmYtZDRkYS00ZGM5LTg4MjUt
NzExOGY4Mzg0Yzc3LzEvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85ZDY0ZmYtZDRkYS00ZGM5LTg4MjUtNzExOGY4Mzg0Yzc3
LzEvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIcVSpwyM
XgSnOMHEhd79eqSxHV6uPxXC7JIaCvrUjarO6DuK57pnEkRGuW4mwNsfS6Ofp76q
38McS8PrH77eTNzqo6dgDUHvT+e3f07K1Vi3W5WPySVPvqRv3+fSthnQ4v6SIWRf
Zfa8NsH6nPPcdpRY7Y3egHrbjWCXiTGbgasmVhfRRxvGBUYQLTC/lLC/74f0jVoc
KtvCQIfpXR/bT6zFT9kNDb1uHkBe1SjoTSXDg6Q1pXAJjSguB0In+kOb3RHiM435
gtWejnc8Ayb8lPMtCBAfBNTgINAgHWKJNk7rLz+mGLLRJnqsYvzbVfy4xOd4eoBA
etDQomO6CWDq4A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:48:18 2026 by rpki-client