Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
File: HCN7aINpeRKVf40zc3AryQbSZEU.mft (raw, json)
Hash identifier: Nr4/Empld7owsnawEEN3x2HRo0p4gLkf65y6ACxH8Do=
Subject key identifier: 98:A4:BE:7D:8F:FB:78:61:A7:4E:4B:2C:73:17:76:85:44:D9:A1:09
Authority key identifier: 1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
Certificate issuer: /CN=1c237b6883697912957f8d3373702bc906d26445
Certificate serial: 019D254C9358091CA26FDA001605A0BA288E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
Manifest number: 149D
Signing time: Wed 25 Mar 2026 14:01:08 +0000
Manifest this update: Wed 25 Mar 2026 14:01:08 +0000
Manifest next update: Thu 26 Mar 2026 14:01:08 +0000
Files and hashes: 1: FMHMs5u6nqIr6z09yDsjzYxfks8.roa (hash: cXOK9Ev2UNFSti3Tqnxxgi2cL3wHqDi6S1Qe8D5ON6A=)
2: HCN7aINpeRKVf40zc3AryQbSZEU.crl (hash: wATEIBGjszUYduUtauEoa6pU8ajGn/22YgMTjQcf8D8=)
3: SgzTZO7h0qw0lQtLCLQDxdwtTHc.asa (hash: YpjRapR2fvquPrVNxyf5Ct4ddLeyNJ16sV02TNO6WCo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:4c:93:58:09:1c:a2:6f:da:00:16:05:a0:ba:28:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c237b6883697912957f8d3373702bc906d26445
Validity
Not Before: Mar 25 14:01:08 2026 GMT
Not After : Mar 26 14:01:08 2026 GMT
Subject: CN=98a4be7d8ffb7861a74e4b2c7317768544d9a109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:a8:e4:8f:e4:f7:36:63:f2:47:01:55:c1:
07:05:a6:9a:b5:c9:3a:d0:90:b7:db:8f:df:88:0e:
af:50:22:7b:6e:0b:a3:e0:99:c3:af:b6:5a:3f:ed:
83:f3:3c:48:05:db:a4:ed:13:94:f4:0a:a7:5f:39:
fc:f6:89:28:96:65:1a:63:8c:74:16:2f:64:5b:74:
c3:fa:8d:99:f9:4e:89:5b:7a:99:33:7e:34:e3:d5:
97:bd:6a:b5:cd:a3:cd:43:cb:3b:2d:76:b7:2b:c1:
d5:6c:fd:35:c1:d7:35:dd:0c:83:bc:1a:b8:d3:09:
96:c4:4f:c1:e6:8a:68:1f:9a:ed:fe:6f:e0:6e:bf:
ae:ff:4b:8b:5b:6f:b8:99:1c:87:da:e2:f4:1b:7d:
34:67:fa:d4:fb:54:e0:3d:cf:7f:14:a8:3b:ed:5f:
4a:dc:d8:12:92:bf:01:27:01:d9:f2:16:84:98:61:
4f:f2:91:dd:d5:e4:1a:41:62:b5:23:c6:28:a6:0a:
11:d6:52:0c:13:67:eb:96:24:d3:8b:0f:0a:c2:89:
52:53:30:28:fa:5f:bb:e5:b6:4c:47:ab:6a:28:a3:
3c:f5:4c:77:3a:9e:2e:dd:fa:87:4d:9b:13:af:60:
d5:03:e7:ba:0c:fe:6f:37:bf:26:ae:76:ae:f4:7c:
fb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A4:BE:7D:8F:FB:78:61:A7:4E:4B:2C:73:17:76:85:44:D9:A1:09
X509v3 Authority Key Identifier:
keyid:1C:23:7B:68:83:69:79:12:95:7F:8D:33:73:70:2B:C9:06:D2:64:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCN7aINpeRKVf40zc3AryQbSZEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/d7be5e-8546-4aca-8b6e-a33e8eb5a538/1/HCN7aINpeRKVf40zc3AryQbSZEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:c2:10:11:75:4d:8d:55:0d:1a:e4:8b:2a:be:14:4f:e8:e8:
17:da:15:26:24:cb:6e:67:21:a3:d4:5b:04:ba:56:18:92:32:
c5:c6:59:48:bc:68:59:bb:15:8c:69:c5:cf:61:b3:29:54:1c:
9c:85:6c:01:5a:c5:06:13:4d:58:b2:be:4f:e5:2a:c5:1d:99:
19:9f:66:91:a9:4f:f0:be:28:e1:5a:d4:34:47:d5:19:79:75:
b4:41:d0:b2:66:92:94:11:f6:b2:8e:86:0a:26:90:4a:90:88:
09:b8:47:49:9f:86:f7:1f:3b:01:85:c2:38:7e:c6:73:a7:d0:
7e:dc:f7:97:32:88:c2:8f:5c:0f:bb:45:c2:70:c1:ba:51:4d:
6e:cc:83:f5:cd:81:61:b6:d2:89:e8:53:21:23:45:54:9a:47:
04:59:b3:c7:3f:40:8b:f7:8b:ae:6d:0b:2f:ed:47:bb:9f:39:
08:05:b3:b7:90:3d:48:40:57:d6:fb:e1:ef:e6:e3:02:de:53:
4d:76:5c:59:f9:9d:b5:aa:bb:42:24:66:b5:2d:1a:a4:31:f3:
9a:37:9e:1a:7d:20:df:91:74:d7:8b:b2:57:46:d6:db:d4:53:
98:49:f0:ae:8a:f3:c7:15:8f:f9:95:5a:bb:db:74:02:08:6f:
59:9d:f1:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lTJNYCRyib9oAFgWguiiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjM3YjY4ODM2OTc5MTI5NTdmOGQzMzczNzAyYmM5MDZk
MjY0NDUwHhcNMjYwMzI1MTQwMTA4WhcNMjYwMzI2MTQwMTA4WjAzMTEwLwYDVQQD
Eyg5OGE0YmU3ZDhmZmI3ODYxYTc0ZTRiMmM3MzE3NzY4NTQ0ZDlhMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtGo5I/k9zZj8kcBVcEHBaaatck6
0JC324/fiA6vUCJ7bguj4JnDr7ZaP+2D8zxIBduk7ROU9AqnXzn89okolmUaY4x0
Fi9kW3TD+o2Z+U6JW3qZM34049WXvWq1zaPNQ8s7LXa3K8HVbP01wdc13QyDvBq4
0wmWxE/B5opoH5rt/m/gbr+u/0uLW2+4mRyH2uL0G300Z/rU+1TgPc9/FKg77V9K
3NgSkr8BJwHZ8haEmGFP8pHd1eQaQWK1I8YopgoR1lIME2frliTTiw8KwolSUzAo
+l+75bZMR6tqKKM89Ux3Op4u3fqHTZsTr2DVA+e6DP5vN78mrnau9Hz74wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJikvn2P+3hhp05LLHMXdoVE2aEJMB8GA1UdIwQY
MBaAFBwje2iDaXkSlX+NM3NwK8kG0mRFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUt
YTMzZThlYjVhNTM4LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9kN2JlNWUtODU0Ni00YWNhLThiNmUtYTMzZThlYjVhNTM4
LzEvSENON2FJTnBlUktWZjQwemMzQXJ5UWJTWkVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8IQEXVN
jVUNGuSLKr4UT+joF9oVJiTLbmcho9RbBLpWGJIyxcZZSLxoWbsVjGnFz2GzKVQc
nIVsAVrFBhNNWLK+T+UqxR2ZGZ9mkalP8L4o4VrUNEfVGXl1tEHQsmaSlBH2so6G
CiaQSpCICbhHSZ+G9x87AYXCOH7Gc6fQftz3lzKIwo9cD7tFwnDBulFNbsyD9c2B
YbbSiehTISNFVJpHBFmzxz9Ai/eLrm0LL+1Hu585CAWzt5A9SEBX1vvh7+bjAt5T
TXZcWfmdtaq7QiRmtS0apDHzmjeeGn0g35F014uyV0bW29RTmEnwrorzxxWP+ZVa
u9t0AghvWZ3xVg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:21:58 2026 by rpki-client