Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
File: HEIt1-1z0cAEhQAzv5V5tP716dE.mft (raw, json)
Hash identifier: ERJVi0tSpIm/mA84r9BaFEvScD2kNCLDwj84BrSNJMk=
Subject key identifier: DE:48:87:86:D6:D9:25:7B:88:89:84:81:90:89:8D:8D:F2:67:E4:7F
Authority key identifier: 1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
Certificate issuer: /CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Certificate serial: 019D2695C519E5257A9DC04CBB48BACFE705
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
Manifest number: 034A
Signing time: Wed 25 Mar 2026 20:00:42 +0000
Manifest this update: Wed 25 Mar 2026 20:00:42 +0000
Manifest next update: Thu 26 Mar 2026 20:00:42 +0000
Files and hashes: 1: HEIt1-1z0cAEhQAzv5V5tP716dE.crl (hash: 6PXgK3ZeokM5DDkQRPSoWf+1h+p0TnyT5xKpCO3NwIU=)
2: rMe1K3Pnk5DXwFmZ5iqZqI-4AuI.roa (hash: YS2JSus6g27DEMsfgkNECiXWqWyQcBqe1+Gnt78gLl0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:95:c5:19:e5:25:7a:9d:c0:4c:bb:48:ba:cf:e7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c422dd7ed73d1c004850033bf9579b4fef5e9d1
Validity
Not Before: Mar 25 20:00:42 2026 GMT
Not After : Mar 26 20:00:42 2026 GMT
Subject: CN=de488786d6d9257b8889848190898d8df267e47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d3:91:34:2a:da:17:56:02:76:fd:55:88:c6:
33:b6:dc:e6:15:8b:15:0c:80:84:37:3a:69:9b:c1:
15:60:aa:d9:15:29:50:40:a9:14:31:4a:a5:d6:a2:
a5:ee:33:1a:bd:c5:31:9d:5a:66:24:7f:69:f0:fd:
d3:e0:a5:21:1e:d4:87:24:4b:6e:ae:88:6b:81:4b:
71:42:52:b6:c3:58:a0:99:f8:b9:9d:9f:dd:a3:72:
98:55:4e:90:c7:ec:9d:72:c4:20:5e:0a:62:ee:1c:
82:8f:10:61:9d:19:32:ef:a5:e5:28:46:19:92:1d:
9f:33:e4:b3:f8:23:35:f2:87:5c:48:d2:bc:86:48:
f4:6a:09:40:f7:a3:f6:4c:86:3e:8d:97:9d:77:0c:
6f:23:f8:26:34:8c:16:20:54:d1:d6:10:16:42:95:
0e:20:6d:25:e8:37:9b:d1:5e:a5:6c:2e:72:41:78:
59:fe:d5:74:08:d0:93:e8:5f:8c:29:25:af:bb:fa:
c7:38:68:c7:40:bb:a1:d8:f7:2c:8d:1a:ae:e8:f8:
02:7d:ff:9c:2b:07:70:14:37:5b:5f:1d:f7:d2:7f:
66:a3:75:fd:86:bd:95:71:82:0c:94:0b:42:20:19:
cc:82:72:7b:4a:27:12:5d:77:0a:0f:19:34:0b:a4:
8a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:48:87:86:D6:D9:25:7B:88:89:84:81:90:89:8D:8D:F2:67:E4:7F
X509v3 Authority Key Identifier:
keyid:1C:42:2D:D7:ED:73:D1:C0:04:85:00:33:BF:95:79:B4:FE:F5:E9:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEIt1-1z0cAEhQAzv5V5tP716dE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/391350-a970-4ba1-8a94-3979b800cda8/1/HEIt1-1z0cAEhQAzv5V5tP716dE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:99:96:f0:66:61:24:c0:6a:6e:8d:07:f0:74:b9:1c:5a:a3:
79:8d:4f:80:eb:aa:07:e0:6b:02:be:c9:99:b4:6e:e5:47:0a:
cc:aa:69:eb:b5:b0:3f:bf:10:bf:64:e2:dc:c4:17:1c:e6:cb:
29:70:c4:2e:58:4e:72:bd:f2:34:23:ba:6c:8b:9f:09:0c:17:
45:27:52:84:d4:bc:28:22:17:9d:64:a9:45:54:c1:de:68:b3:
27:c2:69:1b:8f:67:84:c5:4b:20:23:dc:ba:a5:65:d9:05:d7:
81:26:82:ee:25:75:3a:67:a7:b7:18:69:42:61:d6:b3:1c:a1:
1b:0c:f2:7d:eb:8a:c6:98:80:87:a8:8e:c7:a0:35:b9:87:68:
03:74:41:fa:ed:53:2f:56:b0:c8:09:76:f8:fe:ac:10:14:85:
69:8b:d5:16:6f:b3:37:22:ba:71:32:d2:8e:87:e2:2b:fa:24:
16:fc:a1:f3:fe:6b:0a:22:c7:1b:0e:91:75:c8:fb:89:da:2c:
bb:f1:98:84:55:f2:93:45:2b:4c:fa:10:91:b4:9e:f5:c6:e3:
79:53:99:c5:10:36:d9:07:54:6c:78:06:16:e1:86:f6:6a:51:
5d:ce:fd:21:2c:49:27:75:d7:7d:12:02:c3:bc:fc:d1:a2:c6:
ce:d6:c5:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlcUZ5SV6ncBMu0i6z+cFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNDIyZGQ3ZWQ3M2QxYzAwNDg1MDAzM2JmOTU3OWI0ZmVm
NWU5ZDEwHhcNMjYwMzI1MjAwMDQyWhcNMjYwMzI2MjAwMDQyWjAzMTEwLwYDVQQD
EyhkZTQ4ODc4NmQ2ZDkyNTdiODg4OTg0ODE5MDg5OGQ4ZGYyNjdlNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NORNCraF1YCdv1ViMYzttzmFYsV
DICENzppm8EVYKrZFSlQQKkUMUql1qKl7jMavcUxnVpmJH9p8P3T4KUhHtSHJEtu
rohrgUtxQlK2w1igmfi5nZ/do3KYVU6Qx+ydcsQgXgpi7hyCjxBhnRky76XlKEYZ
kh2fM+Sz+CM18odcSNK8hkj0aglA96P2TIY+jZeddwxvI/gmNIwWIFTR1hAWQpUO
IG0l6Deb0V6lbC5yQXhZ/tV0CNCT6F+MKSWvu/rHOGjHQLuh2PcsjRqu6PgCff+c
KwdwFDdbXx330n9mo3X9hr2VcYIMlAtCIBnMgnJ7SicSXXcKDxk0C6SKpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5Ih4bW2SV7iImEgZCJjY3yZ+R/MB8GA1UdIwQY
MBaAFBxCLdftc9HABIUAM7+VebT+9enRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQt
Mzk3OWI4MDBjZGE4LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zOTEzNTAtYTk3MC00YmExLThhOTQtMzk3OWI4MDBjZGE4
LzEvSEVJdDEtMXowY0FFaFFBenY1VjV0UDcxNmRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5mW8GZh
JMBqbo0H8HS5HFqjeY1PgOuqB+BrAr7JmbRu5UcKzKpp67WwP78Qv2Ti3MQXHObL
KXDELlhOcr3yNCO6bIufCQwXRSdShNS8KCIXnWSpRVTB3mizJ8JpG49nhMVLICPc
uqVl2QXXgSaC7iV1OmentxhpQmHWsxyhGwzyfeuKxpiAh6iOx6A1uYdoA3RB+u1T
L1awyAl2+P6sEBSFaYvVFm+zNyK6cTLSjofiK/okFvyh8/5rCiLHGw6Rdcj7idos
u/GYhFXyk0UrTPoQkbSe9cbjeVOZxRA22QdUbHgGFuGG9mpRXc79ISxJJ3XXfRIC
w7z80aLGztbFIg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:23:28 2026 by rpki-client