Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
File: h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft (raw, json)
Hash identifier: 4jMldxDZ7MYzmlHW/14Qb7gVSQLUxMOxO4Y0XYHLu5U=
Subject key identifier: D3:A6:08:30:E9:B5:87:F5:4E:CF:D5:DE:A1:CA:D6:26:E5:57:22:B9
Authority key identifier: 87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
Certificate issuer: /CN=877aad307ad330ebb8cf44ec21389a170436fd53
Certificate serial: 019D27A8A3F647C6744B5D465908138DD75D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 01:00:56 +0000
Manifest this update: Thu 26 Mar 2026 01:00:56 +0000
Manifest next update: Fri 27 Mar 2026 01:00:56 +0000
Files and hashes: 1: 4O7JXBvPOYztRW27KQbfsJapV8I.roa (hash: CnJtkzBJ3WzY6WSIQ98/SBNuBHldMzltsiyedt5bTUA=)
2: h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl (hash: PwiCZm+uDSdbIwOOjoEyr+EwaLgxOt5JrescImwxiqI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a8:a3:f6:47:c6:74:4b:5d:46:59:08:13:8d:d7:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=877aad307ad330ebb8cf44ec21389a170436fd53
Validity
Not Before: Mar 26 01:00:56 2026 GMT
Not After : Mar 27 01:00:56 2026 GMT
Subject: CN=d3a60830e9b587f54ecfd5dea1cad626e55722b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:f5:fc:ed:11:26:c5:d7:d8:ea:c6:cf:d6:
8c:ce:5c:4d:71:fc:13:5d:67:ed:99:f3:66:87:c8:
d0:8d:50:06:b4:a0:5a:95:49:60:91:73:56:ab:a7:
38:4c:26:d1:96:69:07:e8:de:4c:b6:71:48:60:b1:
ec:d1:7c:2e:ab:3d:48:13:d7:b1:d6:5b:8f:c4:dc:
26:d8:a0:b4:7e:fc:a7:0e:55:27:d7:25:ff:a5:fb:
3c:c5:d1:17:99:4e:1d:66:e5:da:70:60:8e:29:0c:
fe:35:c7:d7:9b:62:99:6e:ec:63:f6:38:5f:aa:7c:
fe:ae:34:c5:63:66:89:d2:94:3c:f3:35:a8:45:ca:
51:c3:b4:00:e9:29:5a:07:f4:82:6a:56:35:b9:f6:
b0:9f:61:6e:06:3c:2e:72:4e:5f:de:eb:ca:c2:d3:
b6:7d:bd:b4:46:7c:df:fb:c8:e7:89:bf:ed:31:c1:
e4:28:bc:e0:81:67:64:f0:38:b0:b1:14:e7:7b:f5:
68:c9:a5:0a:d7:b2:7c:81:50:00:63:a6:35:d1:8a:
cc:09:eb:85:9e:2c:a7:82:65:f1:36:40:76:8f:45:
8c:41:74:68:f0:3c:fd:b4:19:fb:61:80:13:63:18:
99:70:78:5f:d3:5c:bc:ca:c1:9f:12:68:b6:2c:00:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A6:08:30:E9:B5:87:F5:4E:CF:D5:DE:A1:CA:D6:26:E5:57:22:B9
X509v3 Authority Key Identifier:
keyid:87:7A:AD:30:7A:D3:30:EB:B8:CF:44:EC:21:38:9A:17:04:36:FD:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3qtMHrTMOu4z0TsITiaFwQ2_VM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9ae221-c101-497f-91fe-508099c133bb/1/h3qtMHrTMOu4z0TsITiaFwQ2_VM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:04:8e:ac:68:da:b3:cb:3d:2f:95:c8:b6:02:aa:44:d5:c8:
4c:7e:f2:7d:af:20:be:4b:23:21:e2:51:74:11:bc:42:db:7e:
f2:6c:f4:67:a1:41:95:a7:cf:ff:39:ec:91:24:c5:f9:91:09:
4c:d6:68:72:bd:1d:28:77:b9:75:b2:b3:6a:83:f1:d9:42:1b:
23:02:5a:18:c9:c3:17:45:aa:36:e4:f7:e1:a6:36:d7:76:f4:
00:16:39:6d:d1:0e:94:d1:fb:06:31:d3:66:df:a5:eb:93:d9:
d8:80:70:df:05:26:d5:ad:7b:10:c3:68:3f:01:d8:f2:f6:3b:
bf:af:31:2e:34:03:95:90:4e:b4:d9:82:ae:3f:9a:2d:6d:ef:
5c:eb:56:29:f6:a6:7e:3c:d8:3f:33:b9:f1:3a:94:6d:7f:c4:
5b:d6:6d:53:cb:2e:c2:92:7c:c8:fb:00:c7:9b:30:e6:b4:fe:
66:0a:e9:f0:9e:33:84:ed:96:a6:f0:83:de:c5:96:24:95:c3:
5a:e3:ab:55:5e:c6:12:9d:d9:86:3a:d1:46:c4:8f:f6:84:af:
f6:61:4d:92:f3:62:b6:3d:59:da:5e:1b:02:ae:15:3c:a3:1b:
c2:a7:4b:d2:44:cf:dd:48:30:41:a3:29:94:49:17:c8:cb:53:
42:d1:aa:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqKP2R8Z0S11GWQgTjdddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3N2FhZDMwN2FkMzMwZWJiOGNmNDRlYzIxMzg5YTE3MDQz
NmZkNTMwHhcNMjYwMzI2MDEwMDU2WhcNMjYwMzI3MDEwMDU2WjAzMTEwLwYDVQQD
EyhkM2E2MDgzMGU5YjU4N2Y1NGVjZmQ1ZGVhMWNhZDYyNmU1NTcyMmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDD1/O0RJsXX2OrGz9aMzlxNcfwT
XWftmfNmh8jQjVAGtKBalUlgkXNWq6c4TCbRlmkH6N5MtnFIYLHs0Xwuqz1IE9ex
1luPxNwm2KC0fvynDlUn1yX/pfs8xdEXmU4dZuXacGCOKQz+NcfXm2KZbuxj9jhf
qnz+rjTFY2aJ0pQ88zWoRcpRw7QA6SlaB/SCalY1ufawn2FuBjwuck5f3uvKwtO2
fb20Rnzf+8jnib/tMcHkKLzggWdk8DiwsRTne/VoyaUK17J8gVAAY6Y10YrMCeuF
niyngmXxNkB2j0WMQXRo8Dz9tBn7YYATYxiZcHhf01y8ysGfEmi2LABHtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOmCDDptYf1Ts/V3qHK1iblVyK5MB8GA1UdIwQY
MBaAFId6rTB60zDruM9E7CE4mhcENv1TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUt
NTA4MDk5YzEzM2JiLzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85YWUyMjEtYzEwMS00OTdmLTkxZmUtNTA4MDk5YzEzM2Ji
LzEvaDNxdE1IclRNT3U0ejBUc0lUaWFGd1EyX1ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuASOrGja
s8s9L5XItgKqRNXITH7yfa8gvksjIeJRdBG8Qtt+8mz0Z6FBlafP/znskSTF+ZEJ
TNZocr0dKHe5dbKzaoPx2UIbIwJaGMnDF0WqNuT34aY213b0ABY5bdEOlNH7BjHT
Zt+l65PZ2IBw3wUm1a17EMNoPwHY8vY7v68xLjQDlZBOtNmCrj+aLW3vXOtWKfam
fjzYPzO58TqUbX/EW9ZtU8suwpJ8yPsAx5sw5rT+Zgrp8J4zhO2WpvCD3sWWJJXD
WuOrVV7GEp3ZhjrRRsSP9oSv9mFNkvNitj1Z2l4bAq4VPKMbwqdL0kTP3UgwQaMp
lEkXyMtTQtGqRg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:54:05 2026 by rpki-client