Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
File: hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft (raw, json)
Hash identifier: hx5IbH20bpUiVV4PhPA+hdMt3PgA3Brv6eij2ZulU30=
Subject key identifier: F8:2E:70:C9:E4:49:86:75:9C:FB:9B:0E:15:CA:D0:91:19:98:F0:61
Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Certificate serial: 019D2A72A1990F291B2FFFA013CD856E869F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
Manifest number: 1323
Signing time: Thu 26 Mar 2026 14:00:48 +0000
Manifest this update: Thu 26 Mar 2026 14:00:48 +0000
Manifest next update: Fri 27 Mar 2026 14:00:48 +0000
Files and hashes: 1: MRe9Jn2vQUNBgH-RANmr0FhgGxI.roa (hash: rNl8kN+vuqRjmFOphk7qL6AzwoKLgjg4geeKr4yHMYs=)
2: hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl (hash: vZQP6ZpkU4orOT/tZoXexmYgVm2aZtkQrJF3FPt7kpk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:72:a1:99:0f:29:1b:2f:ff:a0:13:cd:85:6e:86:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Validity
Not Before: Mar 26 14:00:48 2026 GMT
Not After : Mar 27 14:00:48 2026 GMT
Subject: CN=f82e70c9e44986759cfb9b0e15cad0911998f061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fc:be:d3:ef:b3:0e:52:e3:b5:52:3c:d5:32:
da:bc:2d:46:0c:6d:62:3a:12:67:98:f4:b5:4e:5e:
d7:fa:ea:5f:81:8c:8c:ac:27:e1:74:63:e0:97:2a:
20:10:ff:8b:1d:57:ed:6d:71:c1:e0:86:a3:e7:f8:
65:3f:3e:06:b0:33:0e:1a:f2:42:0a:15:96:9f:4e:
d3:d0:65:ec:00:f2:4c:ac:8a:f4:2d:ef:11:52:7e:
dc:e1:2d:42:b4:d2:5d:67:ed:d8:0a:98:1b:85:5a:
6b:60:c2:94:1d:cd:f2:05:a9:60:7c:c6:fd:c6:bd:
ae:b5:b6:a8:d2:4b:8c:aa:24:43:17:88:5b:cd:f5:
95:b2:9d:24:5f:0a:e2:ac:3f:0b:ea:24:2c:74:b4:
ef:30:e6:c2:13:ac:c9:5c:d3:cc:fe:8a:26:c1:c3:
00:f8:83:f1:e8:63:d0:bc:80:b8:b4:51:a0:a9:46:
c4:4a:65:b6:c9:51:25:96:55:f5:86:e8:55:71:3a:
3f:e0:33:98:1c:15:b9:bd:83:f3:74:54:17:fc:a4:
b4:f5:95:84:d9:fe:27:ea:c9:c1:b6:14:e4:5a:76:
a9:ca:e2:0a:95:aa:96:45:fa:4a:02:c2:40:d1:66:
e1:5a:65:c5:1b:53:6c:64:0e:99:14:8f:19:02:16:
4f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2E:70:C9:E4:49:86:75:9C:FB:9B:0E:15:CA:D0:91:19:98:F0:61
X509v3 Authority Key Identifier:
keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:b2:a2:78:86:f1:05:e5:0e:fa:3e:fe:53:93:09:33:f3:7b:
89:5b:05:96:c2:29:db:1f:33:29:41:0f:68:7e:9d:bf:92:83:
65:ed:ae:ee:52:9e:08:90:14:38:ce:bd:38:dd:07:0f:b7:53:
5f:dd:85:99:8e:40:83:63:fb:bc:6e:72:a8:76:17:17:82:fc:
f1:31:a1:99:50:1c:72:b1:e3:3b:88:2d:bc:22:86:57:94:82:
b4:eb:d2:2d:51:f5:65:f7:31:af:4a:aa:fc:30:ef:6e:93:d8:
4c:8b:3e:2d:3d:31:69:ba:33:2a:47:71:a4:66:49:20:db:da:
4e:a7:02:e4:a9:17:01:1e:92:e9:c9:48:08:e1:cd:b7:71:2d:
91:0d:85:dc:a0:34:31:63:ff:02:a1:49:99:0e:36:f4:fb:e2:
95:1f:fd:a9:56:7b:69:52:e6:e8:75:b0:95:ef:90:b1:78:81:
04:2e:7d:9d:e4:41:c4:cd:e5:25:ab:ba:8c:0e:5e:cf:16:a2:
b7:c8:7a:22:44:05:23:34:da:e9:f3:71:cf:4e:72:ff:64:91:
26:2c:98:c6:2a:a5:73:04:12:e2:77:7d:50:61:5a:29:ab:c4:
f9:db:72:3e:33:c0:20:d5:f2:89:37:a0:0b:6d:b9:ef:99:f9:
23:a0:cf:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcqGZDykbL/+gE82FboafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw
M2FkMDAwHhcNMjYwMzI2MTQwMDQ4WhcNMjYwMzI3MTQwMDQ4WjAzMTEwLwYDVQQD
EyhmODJlNzBjOWU0NDk4Njc1OWNmYjliMGUxNWNhZDA5MTE5OThmMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/y+0++zDlLjtVI81TLavC1GDG1i
OhJnmPS1Tl7X+upfgYyMrCfhdGPglyogEP+LHVftbXHB4Iaj5/hlPz4GsDMOGvJC
ChWWn07T0GXsAPJMrIr0Le8RUn7c4S1CtNJdZ+3YCpgbhVprYMKUHc3yBalgfMb9
xr2utbao0kuMqiRDF4hbzfWVsp0kXwrirD8L6iQsdLTvMObCE6zJXNPM/oomwcMA
+IPx6GPQvIC4tFGgqUbESmW2yVElllX1huhVcTo/4DOYHBW5vYPzdFQX/KS09ZWE
2f4n6snBthTkWnapyuIKlaqWRfpKAsJA0WbhWmXFG1NsZA6ZFI8ZAhZPSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgucMnkSYZ1nPubDhXK0JEZmPBhMB8GA1UdIwQY
MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt
NDYzNTMxMDQ2YzdmLzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm
LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfLKieIbx
BeUO+j7+U5MJM/N7iVsFlsIp2x8zKUEPaH6dv5KDZe2u7lKeCJAUOM69ON0HD7dT
X92FmY5Ag2P7vG5yqHYXF4L88TGhmVAccrHjO4gtvCKGV5SCtOvSLVH1Zfcxr0qq
/DDvbpPYTIs+LT0xabozKkdxpGZJINvaTqcC5KkXAR6S6clICOHNt3EtkQ2F3KA0
MWP/AqFJmQ429PvilR/9qVZ7aVLm6HWwle+QsXiBBC59neRBxM3lJau6jA5ezxai
t8h6IkQFIzTa6fNxz05y/2SRJiyYxiqlcwQS4nd9UGFaKavE+dtyPjPAINXyiTeg
C22575n5I6DPCw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:27:07 2026 by rpki-client