Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File: hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier: QnuEkKf5ppl/wIVqryxtdM/LVfTLkzjNZt9GCRW1RRg=
Subject key identifier: 2B:94:15:12:18:62:1C:E1:98:9F:3E:1B:E7:A9:EC:6D:5C:C2:38:56
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer: /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial: 019D24DF2D8DF890A3B4DCB1E8B687DDD5BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number: 0691
Signing time: Wed 25 Mar 2026 12:01:39 +0000
Manifest this update: Wed 25 Mar 2026 12:01:39 +0000
Manifest next update: Thu 26 Mar 2026 12:01:39 +0000
Files and hashes: 1: 7ObucnjBknjOc9VGyDvq-rah57Q.asa (hash: AfmsB5ElxTW0o9bXlvelsvJ0CpTckZTI7iwTHE4nG1E=)
2: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: CHEVrF8Uq1IsZf6AYyFapxLaPf5p/bwXT15VwhTFyhI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 12:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:df:2d:8d:f8:90:a3:b4:dc:b1:e8:b6:87:dd:d5:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Validity
Not Before: Mar 25 12:01:39 2026 GMT
Not After : Mar 26 12:01:39 2026 GMT
Subject: CN=2b94151218621ce1989f3e1be7a9ec6d5cc23856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5d:ad:43:f8:98:bf:43:84:f6:ac:5c:8d:7c:
8e:9c:c3:a4:9a:26:e6:38:d9:01:22:bd:1d:d5:73:
68:dc:5a:e7:cb:10:76:c8:02:7b:44:c1:c5:36:89:
bc:b4:b2:40:0d:00:b5:26:76:ab:a5:18:da:8c:e0:
ee:ff:06:a1:76:d9:56:26:59:85:ce:83:40:a8:fd:
b1:2b:0d:f0:b8:53:5d:37:ce:5c:e1:c7:6c:cb:65:
69:93:dd:68:6e:b7:eb:80:97:35:b2:80:5d:d2:d7:
d2:b1:a6:b0:9b:27:cf:e2:eb:62:8e:a6:e0:38:e0:
84:5a:f1:aa:d8:da:cf:4c:3e:1a:8a:b7:78:1f:1e:
f6:9d:c5:d0:fc:34:f3:8f:1c:57:17:0b:42:f1:a8:
52:72:c2:9a:c3:0e:66:b6:c1:71:49:88:5b:4d:01:
ce:b3:be:16:24:86:c1:f9:e7:04:2d:12:58:6d:14:
2c:d2:79:0a:bd:ab:8a:db:c4:fc:af:2f:56:52:67:
0c:b8:c3:b8:35:06:0e:03:2c:d6:b4:8a:49:9f:3c:
0c:38:63:cf:73:ee:8a:54:b6:ca:1b:d9:a2:9e:dd:
33:34:d6:0a:a8:ae:3f:2b:1c:b8:29:7d:34:e0:85:
4b:eb:f0:64:6e:d5:ec:8a:6f:96:6e:58:16:77:a9:
3b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:94:15:12:18:62:1C:E1:98:9F:3E:1B:E7:A9:EC:6D:5C:C2:38:56
X509v3 Authority Key Identifier:
keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:a5:3b:ed:75:3a:be:7c:ab:67:8a:d3:bf:50:a0:0d:83:3c:
86:1b:0c:4d:b8:c0:3d:54:ad:02:cf:75:04:14:62:ac:6a:66:
2c:bb:2f:66:1d:80:6a:d4:61:af:71:ee:89:a4:64:4b:66:59:
df:37:76:cb:57:e1:3f:15:c0:0e:6b:36:b9:4d:11:04:ed:20:
4b:fe:39:d7:76:5e:d1:98:a0:a0:2b:21:de:fc:9b:73:34:f1:
eb:63:06:81:88:4e:a4:59:d8:a7:a7:d1:04:af:a3:ff:19:1e:
15:e3:42:11:b2:e6:b2:9e:ce:bc:de:d1:5b:10:29:97:c5:b5:
09:20:05:c7:d4:f9:05:a2:1e:5b:4e:22:02:ea:3a:a4:79:1c:
c9:57:26:05:44:81:dc:da:27:5f:11:78:50:a0:9f:4d:98:2f:
1f:d5:48:90:c4:fe:87:19:a6:f9:7d:ff:46:a3:fc:4d:e2:6c:
6b:f2:ec:b7:44:c3:ab:bb:03:10:b5:73:c6:19:32:ce:20:be:
c7:57:48:c1:3b:51:b9:67:cc:0f:38:cd:43:3f:48:71:e6:7b:
91:77:ed:11:2e:1f:e4:06:4b:35:e5:fd:c3:f1:8f:9b:bf:7b:
f2:5b:f6:a2:b9:24:26:f9:fc:cf:2a:4b:75:a7:60:fc:a4:72:
0c:d4:a8:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0k3y2N+JCjtNyx6LaH3dW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjYwMzI1MTIwMTM5WhcNMjYwMzI2MTIwMTM5WjAzMTEwLwYDVQQD
EygyYjk0MTUxMjE4NjIxY2UxOTg5ZjNlMWJlN2E5ZWM2ZDVjYzIzODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV2tQ/iYv0OE9qxcjXyOnMOkmibm
ONkBIr0d1XNo3FrnyxB2yAJ7RMHFNom8tLJADQC1JnarpRjajODu/wahdtlWJlmF
zoNAqP2xKw3wuFNdN85c4cdsy2Vpk91obrfrgJc1soBd0tfSsaawmyfP4utijqbg
OOCEWvGq2NrPTD4aird4Hx72ncXQ/DTzjxxXFwtC8ahScsKaww5mtsFxSYhbTQHO
s74WJIbB+ecELRJYbRQs0nkKvauK28T8ry9WUmcMuMO4NQYOAyzWtIpJnzwMOGPP
c+6KVLbKG9mint0zNNYKqK4/Kxy4KX004IVL6/BkbtXsim+WblgWd6k7qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuUFRIYYhzhmJ8+G+ep7G1cwjhWMB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKU77XU6
vnyrZ4rTv1CgDYM8hhsMTbjAPVStAs91BBRirGpmLLsvZh2AatRhr3HuiaRkS2ZZ
3zd2y1fhPxXADms2uU0RBO0gS/4513Ze0ZigoCsh3vybczTx62MGgYhOpFnYp6fR
BK+j/xkeFeNCEbLmsp7OvN7RWxApl8W1CSAFx9T5BaIeW04iAuo6pHkcyVcmBUSB
3NonXxF4UKCfTZgvH9VIkMT+hxmm+X3/RqP8TeJsa/Lst0TDq7sDELVzxhkyziC+
x1dIwTtRuWfMDzjNQz9IceZ7kXftES4f5AZLNeX9w/GPm7978lv2orkkJvn8zypL
dadg/KRyDNSoxg==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:19:00 2026 by rpki-client