Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
File: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft (raw, json)
Hash identifier: AmQnFTStolNXK2kVPxpdYYjmXDeAd9vIhNJLpX2j4YQ=
Subject key identifier: 3A:B4:02:55:E2:6F:23:11:CB:70:11:33:3E:A2:B9:1A:CD:01:F4:F1
Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Certificate serial: 019D265EF481180588EEE7F2AB3872EFE4F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
Manifest number: 0430
Signing time: Wed 25 Mar 2026 19:00:50 +0000
Manifest this update: Wed 25 Mar 2026 19:00:50 +0000
Manifest next update: Thu 26 Mar 2026 19:00:50 +0000
Files and hashes: 1: hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl (hash: 3gtS7HJAgFmn//RdTqlHCZ+ReNqCmrknvM4QNM0DI/Q=)
2: y9uehOeQeqw3aXtpz02BRppyIDw.roa (hash: DkoCOynUoTvS6BEYZLogyktfjmzSkzrDWMdKSZGF36c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5e:f4:81:18:05:88:ee:e7:f2:ab:38:72:ef:e4:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Validity
Not Before: Mar 25 19:00:50 2026 GMT
Not After : Mar 26 19:00:50 2026 GMT
Subject: CN=3ab40255e26f2311cb7011333ea2b91acd01f4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:60:67:5f:d3:6a:73:65:a7:da:e5:98:c8:
58:ff:93:92:87:16:64:28:2b:d1:0a:14:67:9d:ae:
af:bd:77:e3:b8:c3:f2:6a:3a:93:8c:cf:c7:4f:09:
7c:1b:44:f7:d8:d5:cb:01:4d:ce:fe:a1:9f:cf:d6:
fd:11:08:48:fe:7f:79:2f:4e:2f:a7:86:de:5f:1e:
cb:18:24:b4:03:60:2d:e9:37:d8:51:31:b7:2b:6b:
04:a8:45:55:a5:ff:b4:61:e0:e5:e1:14:58:68:d9:
1c:85:25:eb:f0:fc:28:cf:c5:51:1a:86:00:a5:9a:
7c:6a:6c:1f:c7:f0:1e:48:6c:a3:13:d5:5f:2a:e4:
f6:d9:56:91:a6:79:5b:73:2d:22:9a:26:02:f7:5d:
79:aa:51:9d:2e:96:05:b5:78:a0:b9:2b:4f:a5:23:
f2:b5:a0:69:23:41:81:26:1a:12:37:30:3c:16:b2:
33:44:84:8e:35:b5:14:c4:f8:21:a7:8f:7d:4b:52:
9d:c1:a7:4c:d0:8b:cc:8e:3c:78:0b:96:b0:2a:14:
25:ed:f5:52:79:94:76:89:fe:52:d3:4f:fd:d6:24:
9e:a3:a7:d4:d5:36:b5:77:4e:b5:cd:ad:92:e7:d2:
90:ce:38:1d:d6:b4:c4:56:24:ef:ae:75:0f:20:41:
09:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B4:02:55:E2:6F:23:11:CB:70:11:33:3E:A2:B9:1A:CD:01:F4:F1
X509v3 Authority Key Identifier:
keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:d0:7b:84:77:b4:00:25:e2:c3:d4:65:12:24:d4:06:cd:c4:
9b:89:5d:89:ea:c8:c1:57:ce:24:ed:12:cd:0e:76:c1:ee:b2:
f5:d8:bd:6f:22:f1:ee:5b:df:a2:17:d4:03:83:23:03:a8:d0:
9d:8c:d8:ef:da:88:2d:36:d9:3f:d3:98:6d:54:9c:20:9c:28:
b4:f0:dc:3b:18:23:7e:58:11:7c:f0:06:25:0a:f2:71:ba:4b:
c3:64:cf:72:d6:98:9f:63:b8:01:30:40:36:a1:76:51:23:ed:
d7:4e:7f:59:41:78:7e:6f:53:eb:2d:d0:f9:c7:8e:0e:2b:6b:
90:cf:0b:a8:71:bd:43:92:8a:f1:70:13:61:3d:3e:e2:f1:1d:
c9:b7:e0:55:f4:bd:6c:95:25:1e:be:28:d0:8d:45:ed:69:38:
3b:91:8a:56:ea:af:14:8a:9b:26:cd:b3:bd:65:23:61:cd:fb:
9f:1e:1b:fd:e2:46:32:fb:6b:d1:91:06:2c:a5:a8:d5:c0:bf:
04:03:5d:ee:4b:4f:a6:c4:80:d8:1a:57:91:2e:e1:21:b6:df:
2f:da:c9:61:af:3c:9d:1d:2c:5f:b8:97:ac:fc:c2:2f:23:c6:
03:d4:d7:05:fa:66:5d:af:8a:32:56:70:c0:c2:ce:14:86:f9:
29:86:72:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXvSBGAWI7ufyqzhy7+T2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0
YTM3ZDgwHhcNMjYwMzI1MTkwMDUwWhcNMjYwMzI2MTkwMDUwWjAzMTEwLwYDVQQD
EygzYWI0MDI1NWUyNmYyMzExY2I3MDExMzMzZWEyYjkxYWNkMDFmNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xxgZ1/TanNlp9rlmMhY/5OShxZk
KCvRChRnna6vvXfjuMPyajqTjM/HTwl8G0T32NXLAU3O/qGfz9b9EQhI/n95L04v
p4beXx7LGCS0A2At6TfYUTG3K2sEqEVVpf+0YeDl4RRYaNkchSXr8Pwoz8VRGoYA
pZp8amwfx/AeSGyjE9VfKuT22VaRpnlbcy0imiYC9115qlGdLpYFtXiguStPpSPy
taBpI0GBJhoSNzA8FrIzRISONbUUxPghp499S1KdwadM0IvMjjx4C5awKhQl7fVS
eZR2if5S00/91iSeo6fU1Ta1d061za2S59KQzjgd1rTEViTvrnUPIEEJIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDq0AlXibyMRy3ARMz6iuRrNAfTxMB8GA1UdIwQY
MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt
ZWE4NGE1MWViM2RjLzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj
LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNB7hHe0
ACXiw9RlEiTUBs3Em4ldierIwVfOJO0SzQ52we6y9di9byLx7lvfohfUA4MjA6jQ
nYzY79qILTbZP9OYbVScIJwotPDcOxgjflgRfPAGJQrycbpLw2TPctaYn2O4ATBA
NqF2USPt105/WUF4fm9T6y3Q+ceODitrkM8LqHG9Q5KK8XATYT0+4vEdybfgVfS9
bJUlHr4o0I1F7Wk4O5GKVuqvFIqbJs2zvWUjYc37nx4b/eJGMvtr0ZEGLKWo1cC/
BANd7ktPpsSA2BpXkS7hIbbfL9rJYa88nR0sX7iXrPzCLyPGA9TXBfpmXa+KMlZw
wMLOFIb5KYZyYw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:45:16 2026 by rpki-client