Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: 0hy7HzEjRspJOJo/lyx2I4nn0RA8/pfaZXeZ8LaanTo=
Subject key identifier: 2C:23:C8:BD:39:55:1C:60:6D:AA:36:34:03:64:59:E8:17:0F:17:6A
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019D27E01E2AB74006B589ABD4BDCD2D1DE1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 1433
Signing time: Thu 26 Mar 2026 02:01:32 +0000
Manifest this update: Thu 26 Mar 2026 02:01:32 +0000
Manifest next update: Fri 27 Mar 2026 02:01:32 +0000
Files and hashes: 1: 7Ybe3VwVebBn_3Dp58ErIFU2DCI.roa (hash: uLq5WfI4V9hrlBMvr6SbcLDBsN0jQny54rAkYdIdE3k=)
2: XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa (hash: XlXxPv3rPuv4OjwQn/aSmAl+EcMC4mB71Uh0o84lUwM=)
3: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: Ui+/S2HkRlMJBTciva7CrpVxqK1zUZfeAJWl0KdlNKY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e0:1e:2a:b7:40:06:b5:89:ab:d4:bd:cd:2d:1d:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Mar 26 02:01:32 2026 GMT
Not After : Mar 27 02:01:32 2026 GMT
Subject: CN=2c23c8bd39551c606daa3634036459e8170f176a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:33:b9:70:c7:5a:5c:9d:fb:38:cc:38:e7:8c:
45:89:65:5c:a4:75:e9:1f:17:e7:11:a2:37:7b:f4:
de:db:b6:fe:95:12:70:02:d9:05:57:5e:25:6d:1f:
ad:7a:82:5a:74:70:96:45:56:95:1b:a2:96:52:d0:
7f:47:aa:69:6d:e3:e1:fa:36:d5:94:61:87:49:a4:
a7:a5:3c:e2:fa:0b:d9:8f:9b:52:5d:58:36:d7:74:
a2:8b:ae:bc:e9:72:ca:83:ff:5e:f8:8d:69:8c:a6:
81:e9:27:4b:82:c3:b1:0e:b3:ed:83:4b:d7:a0:9e:
83:6c:76:7b:7c:16:8f:bb:96:83:34:9a:7e:f9:e8:
45:56:c6:6f:00:ba:58:e2:8e:2b:af:0f:19:a7:3f:
89:76:dc:7e:c9:0b:89:e5:37:2b:90:ac:2d:8a:ab:
19:78:d0:8b:45:5b:13:21:bd:7e:50:a8:7a:19:77:
40:c8:3d:0c:0a:4c:ca:68:89:c4:00:86:84:44:53:
1a:4a:75:5f:6a:fc:b3:f9:9b:83:a7:1f:63:07:22:
2a:d2:be:46:7e:76:17:7d:7c:51:67:93:a0:50:5a:
8b:c9:e1:37:e2:1e:88:2e:10:59:1f:16:fc:ca:68:
44:d1:ca:7d:f8:01:83:75:c6:d2:64:e0:7e:94:bc:
2f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:23:C8:BD:39:55:1C:60:6D:AA:36:34:03:64:59:E8:17:0F:17:6A
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:b5:b2:da:a6:4d:19:4e:4a:e9:33:d3:da:21:9a:98:bf:49:
d0:0e:d6:34:5f:e7:fc:13:8d:1a:22:cf:ea:83:3f:ab:8e:3c:
47:88:b8:6f:67:4d:64:22:1b:4c:c7:ec:b6:3b:ba:44:73:a0:
e1:7c:cd:1d:7d:30:16:71:87:4e:0a:25:24:cb:b2:c1:9e:78:
93:6b:e4:e8:08:dd:dc:9e:50:2d:0b:43:12:26:6d:98:f6:ea:
65:17:e6:f7:19:c1:e2:5d:7e:57:81:d8:19:2e:c1:7f:9f:9a:
b3:2e:d8:97:8f:2a:c1:b6:a7:ac:87:5a:6c:3f:71:e4:57:80:
6f:c6:ff:0b:91:c6:0a:44:e3:04:7e:8c:47:a3:ea:fe:bc:ae:
f9:f8:5f:93:9f:15:a4:03:a1:7f:10:17:b5:f2:af:3c:17:24:
0e:c3:64:91:c1:56:8f:98:ff:4c:2c:29:e4:c3:67:5d:bb:da:
c8:7d:43:65:5a:28:75:b9:cf:af:72:f1:9d:38:cd:df:b1:dc:
78:76:73:41:43:d8:f5:bc:a8:5e:0f:62:46:d6:8f:76:c5:15:
bf:2d:37:10:f8:e3:dc:3d:8a:92:ed:51:3a:fb:91:01:b5:cb:
b6:64:83:da:fe:45:06:ca:9b:26:79:74:eb:9b:c5:0c:a9:eb:
d3:ff:ae:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4B4qt0AGtYmr1L3NLR3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjYwMzI2MDIwMTMyWhcNMjYwMzI3MDIwMTMyWjAzMTEwLwYDVQQD
EygyYzIzYzhiZDM5NTUxYzYwNmRhYTM2MzQwMzY0NTllODE3MGYxNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DO5cMdaXJ37OMw454xFiWVcpHXp
HxfnEaI3e/Te27b+lRJwAtkFV14lbR+teoJadHCWRVaVG6KWUtB/R6ppbePh+jbV
lGGHSaSnpTzi+gvZj5tSXVg213Sii6686XLKg/9e+I1pjKaB6SdLgsOxDrPtg0vX
oJ6DbHZ7fBaPu5aDNJp++ehFVsZvALpY4o4rrw8Zpz+Jdtx+yQuJ5TcrkKwtiqsZ
eNCLRVsTIb1+UKh6GXdAyD0MCkzKaInEAIaERFMaSnVfavyz+ZuDpx9jByIq0r5G
fnYXfXxRZ5OgUFqLyeE34h6ILhBZHxb8ymhE0cp9+AGDdcbSZOB+lLwvawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwjyL05VRxgbao2NANkWegXDxdqMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmrWy2qZN
GU5K6TPT2iGamL9J0A7WNF/n/BONGiLP6oM/q448R4i4b2dNZCIbTMfstju6RHOg
4XzNHX0wFnGHTgolJMuywZ54k2vk6Ajd3J5QLQtDEiZtmPbqZRfm9xnB4l1+V4HY
GS7Bf5+asy7Yl48qwbanrIdabD9x5FeAb8b/C5HGCkTjBH6MR6Pq/ryu+fhfk58V
pAOhfxAXtfKvPBckDsNkkcFWj5j/TCwp5MNnXbvayH1DZVoodbnPr3LxnTjN37Hc
eHZzQUPY9byoXg9iRtaPdsUVvy03EPjj3D2Kku1ROvuRAbXLtmSD2v5FBsqbJnl0
65vFDKnr0/+uBQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:23:35 2026 by rpki-client