Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
File: hUxfKY2BrMVXP9WfsF3YbyCry6g.mft (raw, json)
Hash identifier: lR/zo4L4FuKSMIM67tiFvXyORA7TwPOQWL2YcF7auME=
Subject key identifier: FD:44:8A:51:64:75:5F:1F:C7:C4:12:21:74:23:64:09:0A:A5:5D:72
Authority key identifier: 85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
Certificate issuer: /CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Certificate serial: 019D2996C79A238D1A701FC3D103E1BAC5A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
Manifest number: 1307
Signing time: Thu 26 Mar 2026 10:00:40 +0000
Manifest this update: Thu 26 Mar 2026 10:00:40 +0000
Manifest next update: Fri 27 Mar 2026 10:00:40 +0000
Files and hashes: 1: KDlCkTZJ_trioChGEq3qqR2sW-g.roa (hash: jNNvN3keVzRoRmynZdoMPevs+yPDhsuaoYcA8SI2cJs=)
2: hUxfKY2BrMVXP9WfsF3YbyCry6g.crl (hash: uYUZH9iA1amJo2O5d9dQrqekvoM3LjQ5eWdHLYxPCxc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:96:c7:9a:23:8d:1a:70:1f:c3:d1:03:e1:ba:c5:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c5f298d81acc5573fd59fb05dd86f20abcba8
Validity
Not Before: Mar 26 10:00:40 2026 GMT
Not After : Mar 27 10:00:40 2026 GMT
Subject: CN=fd448a5164755f1fc7c41221742364090aa55d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a7:d1:29:9d:10:50:6c:4f:6f:8d:8b:c9:d6:
c4:77:e9:50:73:b4:ae:59:5b:6b:17:d9:d7:c0:97:
81:ec:42:c1:5d:3c:cb:58:7c:eb:66:1a:87:28:34:
a1:a6:ce:18:39:61:9e:a6:25:09:0b:b3:ff:88:9a:
e8:e4:5d:62:09:47:30:35:5f:ad:a9:06:95:17:e6:
9e:f5:44:4c:24:7c:a2:96:f0:93:37:dc:48:a2:73:
b4:c9:ef:7a:00:2e:2f:29:a5:17:73:19:c5:1e:90:
f4:3b:c0:a4:84:41:ce:0a:9a:02:78:b2:f2:24:47:
9f:90:45:ec:30:70:ba:fe:14:0a:b5:98:e3:4b:2c:
ea:cc:58:4a:78:d6:45:1c:a8:bf:3b:17:d3:99:fa:
a2:45:19:56:48:04:dc:70:f1:b5:4c:8d:f3:5e:2f:
ff:53:fc:c1:a0:4d:59:84:31:8b:7a:7a:e8:7d:1e:
57:76:11:f2:9a:b7:cb:12:8f:7d:85:b3:ae:c9:ad:
fd:ce:fa:be:d0:4f:ca:89:98:5e:9d:51:81:08:34:
48:57:92:6d:6d:d6:6e:b8:66:a3:5d:c0:47:71:44:
eb:0b:59:be:05:af:50:f5:dd:db:dc:b2:2c:1e:fc:
c5:af:5f:0e:88:aa:d2:15:97:95:27:98:f6:18:d1:
19:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:44:8A:51:64:75:5F:1F:C7:C4:12:21:74:23:64:09:0A:A5:5D:72
X509v3 Authority Key Identifier:
keyid:85:4C:5F:29:8D:81:AC:C5:57:3F:D5:9F:B0:5D:D8:6F:20:AB:CB:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUxfKY2BrMVXP9WfsF3YbyCry6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1295d0-3911-4a18-a8d2-752d59a042c2/1/hUxfKY2BrMVXP9WfsF3YbyCry6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:19:ef:65:b6:70:e9:c4:9d:67:9d:bd:a0:24:1d:9e:ce:4b:
fe:f5:69:1d:c6:c1:9c:58:13:d6:77:ce:6f:ec:4f:11:4b:82:
ac:76:34:35:6c:9f:0f:8c:ac:81:32:82:7c:72:c8:bb:80:1d:
e7:4d:cd:a2:2c:02:ea:31:8c:f5:a6:d3:58:30:0b:c2:e1:d4:
e3:4d:96:bc:15:f9:1f:c4:41:f8:08:62:72:44:bc:2d:54:47:
74:3b:21:02:96:9d:d5:ff:ce:c7:2c:41:2c:52:a5:6c:48:85:
97:0a:fc:50:67:db:d3:3f:b5:c6:74:d3:86:4b:19:f6:2b:6c:
d3:97:1f:5b:79:a4:cf:ef:aa:2f:be:8e:84:59:52:92:b7:77:
3d:ac:4a:7a:bd:ae:2a:c2:8f:a3:66:4a:38:09:88:87:71:0b:
b1:d7:17:6c:2c:2d:1d:d6:14:73:50:21:c0:d9:a3:be:a1:1b:
ae:32:74:a0:e0:f6:f5:37:f4:c3:29:82:55:37:6b:f5:15:a4:
60:45:d7:7f:62:86:51:69:6d:fc:d2:d4:5c:73:0f:21:74:8c:
ed:b2:dc:8d:54:7a:64:6c:54:65:36:85:dd:0a:2f:02:3c:6e:
7a:54:c5:34:c0:97:f6:37:23:3e:dc:3c:00:00:1a:83:71:89:
8c:74:b6:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plseaI40acB/D0QPhusWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM1ZjI5OGQ4MWFjYzU1NzNmZDU5ZmIwNWRkODZmMjBh
YmNiYTgwHhcNMjYwMzI2MTAwMDQwWhcNMjYwMzI3MTAwMDQwWjAzMTEwLwYDVQQD
EyhmZDQ0OGE1MTY0NzU1ZjFmYzdjNDEyMjE3NDIzNjQwOTBhYTU1ZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvafRKZ0QUGxPb42LydbEd+lQc7Su
WVtrF9nXwJeB7ELBXTzLWHzrZhqHKDShps4YOWGepiUJC7P/iJro5F1iCUcwNV+t
qQaVF+ae9URMJHyilvCTN9xIonO0ye96AC4vKaUXcxnFHpD0O8CkhEHOCpoCeLLy
JEefkEXsMHC6/hQKtZjjSyzqzFhKeNZFHKi/OxfTmfqiRRlWSATccPG1TI3zXi//
U/zBoE1ZhDGLenrofR5XdhHymrfLEo99hbOuya39zvq+0E/KiZhenVGBCDRIV5Jt
bdZuuGajXcBHcUTrC1m+Ba9Q9d3b3LIsHvzFr18OiKrSFZeVJ5j2GNEZIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP1EilFkdV8fx8QSIXQjZAkKpV1yMB8GA1UdIwQY
MBaAFIVMXymNgazFVz/Vn7Bd2G8gq8uoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDIt
NzUyZDU5YTA0MmMyLzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xMjk1ZDAtMzkxMS00YTE4LWE4ZDItNzUyZDU5YTA0MmMy
LzEvaFV4ZktZMkJyTVZYUDlXZnNGM1lieUNyeTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxnvZbZw
6cSdZ529oCQdns5L/vVpHcbBnFgT1nfOb+xPEUuCrHY0NWyfD4ysgTKCfHLIu4Ad
503NoiwC6jGM9abTWDALwuHU402WvBX5H8RB+AhickS8LVRHdDshApad1f/OxyxB
LFKlbEiFlwr8UGfb0z+1xnTThksZ9its05cfW3mkz++qL76OhFlSkrd3PaxKer2u
KsKPo2ZKOAmIh3ELsdcXbCwtHdYUc1AhwNmjvqEbrjJ0oOD29Tf0wymCVTdr9RWk
YEXXf2KGUWlt/NLUXHMPIXSM7bLcjVR6ZGxUZTaF3QovAjxuelTFNMCX9jcjPtw8
AAAag3GJjHS22A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:27:15 2026 by rpki-client