Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File: hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier: de3oaW7ykacxNYBMlNMzMzK61wTd/cBhghkWXUHSdgU=
Subject key identifier: 99:45:3A:21:7C:A2:94:0B:9C:FF:E7:0A:EA:BB:C7:A4:9D:74:1E:1B
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer: /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial: 019D2703CB9C0569693A182C710B80D8645D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number: 0EDB
Signing time: Wed 25 Mar 2026 22:00:53 +0000
Manifest this update: Wed 25 Mar 2026 22:00:53 +0000
Manifest next update: Thu 26 Mar 2026 22:00:53 +0000
Files and hashes: 1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: usfVv7HavyD/j46rnMde3n7eo1XeaKkOlXHQTfFfKpU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:03:cb:9c:05:69:69:3a:18:2c:71:0b:80:d8:64:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Validity
Not Before: Mar 25 22:00:53 2026 GMT
Not After : Mar 26 22:00:53 2026 GMT
Subject: CN=99453a217ca2940b9cffe70aeabbc7a49d741e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2b:a8:8f:b8:4e:1d:26:8d:51:ae:c2:2e:3a:
68:c6:c3:f3:3d:69:74:12:14:85:61:a4:15:76:12:
d4:43:ac:42:ed:b2:5d:d7:3a:67:e6:3b:15:66:c6:
91:dd:25:9a:00:56:21:cb:e2:80:8a:d7:29:1f:e6:
8a:2d:24:1f:b2:c7:36:aa:66:0f:b9:6a:30:23:74:
b1:29:1b:c3:4c:89:0f:c8:92:08:9b:d8:8d:b5:60:
0f:2c:6b:72:7d:3e:87:8a:cf:6b:0c:4b:f5:39:23:
50:19:8e:ea:6f:37:80:71:2d:f8:6c:b2:b8:47:9a:
e7:ec:bf:26:6f:0b:dd:fe:fd:d7:81:5f:c5:ba:d0:
cf:b7:d2:57:9c:08:e4:b6:29:da:1e:78:26:ca:33:
de:70:c2:a7:55:fd:1d:0c:e8:10:a6:a6:ec:a4:82:
6b:47:b0:0d:23:5a:f8:9f:89:90:ef:40:69:64:b2:
ac:43:ea:3b:0b:1c:96:e7:4f:65:8d:eb:85:14:da:
a7:e6:f9:fa:88:dc:6d:48:89:6f:51:19:c6:26:43:
7b:fd:2c:7f:32:11:94:a9:7b:3f:e7:d1:87:4f:1b:
ec:c7:0e:68:c1:8e:59:24:97:47:dd:15:ac:98:d7:
83:84:ba:a3:16:95:35:d1:ab:b4:4d:db:3d:eb:87:
eb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:45:3A:21:7C:A2:94:0B:9C:FF:E7:0A:EA:BB:C7:A4:9D:74:1E:1B
X509v3 Authority Key Identifier:
keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:fe:a6:d0:ad:9e:1b:17:8e:6c:ba:b2:94:43:86:e2:cd:5b:
7a:48:71:92:27:da:13:9b:50:10:8a:98:30:56:d8:c3:78:52:
67:5a:94:9f:93:45:11:f9:af:98:f5:ac:a6:7b:91:7a:91:a9:
1e:94:43:5b:c1:18:b8:e5:4d:54:76:42:d6:91:d3:a7:bd:60:
07:64:3b:07:b8:52:6d:30:84:6d:97:16:fc:c1:b7:d2:45:c6:
c4:e3:00:11:22:82:47:eb:ca:4b:30:42:0b:a1:38:97:40:8d:
8d:39:57:d9:b7:25:12:a2:f0:b5:b2:9b:a9:da:41:61:73:e2:
5f:c5:c7:f8:49:fb:b9:7b:3a:01:44:cf:56:f7:43:25:2e:72:
e4:c3:f5:27:c5:3b:09:d6:aa:89:0e:bb:07:e0:e9:c6:6d:b8:
2a:76:c1:7a:2e:1b:da:64:d7:59:83:3b:6d:28:a1:35:32:1c:
d5:55:8a:11:82:41:9f:91:a1:74:ac:e2:97:c8:da:81:13:a3:
17:ef:bf:f0:4e:12:34:b6:7b:a7:04:54:4b:21:ad:17:65:4c:
8f:7d:4f:a6:d7:c8:c9:0a:af:65:29:f6:41:7f:f7:2f:60:73:
4f:42:f6:a6:13:68:61:2c:da:39:14:90:57:6d:e9:e4:6e:58:
7b:fc:4c:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA8ucBWlpOhgscQuA2GRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjYwMzI1MjIwMDUzWhcNMjYwMzI2MjIwMDUzWjAzMTEwLwYDVQQD
Eyg5OTQ1M2EyMTdjYTI5NDBiOWNmZmU3MGFlYWJiYzdhNDlkNzQxZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Suoj7hOHSaNUa7CLjpoxsPzPWl0
EhSFYaQVdhLUQ6xC7bJd1zpn5jsVZsaR3SWaAFYhy+KAitcpH+aKLSQfssc2qmYP
uWowI3SxKRvDTIkPyJIIm9iNtWAPLGtyfT6His9rDEv1OSNQGY7qbzeAcS34bLK4
R5rn7L8mbwvd/v3XgV/FutDPt9JXnAjktinaHngmyjPecMKnVf0dDOgQpqbspIJr
R7ANI1r4n4mQ70BpZLKsQ+o7CxyW509ljeuFFNqn5vn6iNxtSIlvURnGJkN7/Sx/
MhGUqXs/59GHTxvsxw5owY5ZJJdH3RWsmNeDhLqjFpU10au0Tds964frVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlFOiF8opQLnP/nCuq7x6SddB4bMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA/6m0K2e
GxeObLqylEOG4s1bekhxkifaE5tQEIqYMFbYw3hSZ1qUn5NFEfmvmPWspnuRepGp
HpRDW8EYuOVNVHZC1pHTp71gB2Q7B7hSbTCEbZcW/MG30kXGxOMAESKCR+vKSzBC
C6E4l0CNjTlX2bclEqLwtbKbqdpBYXPiX8XH+En7uXs6AUTPVvdDJS5y5MP1J8U7
CdaqiQ67B+Dpxm24KnbBei4b2mTXWYM7bSihNTIc1VWKEYJBn5GhdKzil8jagROj
F++/8E4SNLZ7pwRUSyGtF2VMj31PptfIyQqvZSn2QX/3L2BzT0L2phNoYSzaORSQ
V23p5G5Ye/xMMg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:17:41 2026 by rpki-client