Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json)
Hash identifier: Hl8g2vVyCcLPq1s/4Je1IZdTXFGGn+CuuJXn73T8t8w=
Subject key identifier: 84:20:B3:D1:C6:C7:0F:BC:6F:0F:1D:AE:77:71:62:5A:3C:7C:9E:BE
Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Certificate serial: 019D2772ACBDE44741A840ED9E4723E0BDA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
Manifest number: 1634
Signing time: Thu 26 Mar 2026 00:01:59 +0000
Manifest this update: Thu 26 Mar 2026 00:01:59 +0000
Manifest next update: Fri 27 Mar 2026 00:01:59 +0000
Files and hashes: 1: Gy7ZxbulJ_7Y0tx78zpcZAOHO2I.roa (hash: 8PQOWmSZ9/1/Et2ot0KAAdAS2aYMSpPnN0AQzm11bWE=)
2: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: 3NR0hgByxq1z5Gnl496PT111QP84yXkZPm/2CeVQb2I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:ac:bd:e4:47:41:a8:40:ed:9e:47:23:e0:bd:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Validity
Not Before: Mar 26 00:01:59 2026 GMT
Not After : Mar 27 00:01:59 2026 GMT
Subject: CN=8420b3d1c6c70fbc6f0f1dae7771625a3c7c9ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:61:9e:ba:53:53:b4:27:e5:38:69:d8:c5:
b6:dd:39:30:55:7c:d6:3d:d6:17:98:21:01:6d:2e:
8d:22:2e:83:0b:5a:62:d2:49:e3:13:88:15:06:88:
23:51:26:35:e7:71:be:50:82:9b:36:e0:27:93:7a:
cf:ab:be:96:52:6b:bc:46:c1:45:26:c4:2a:e7:f0:
28:36:2f:7f:61:5c:11:79:da:03:e5:0a:f7:8c:e8:
db:e9:6a:51:16:08:cf:8a:32:4e:99:cc:a1:88:c2:
ca:79:bc:85:8b:0c:3d:7f:55:88:b6:8d:a2:50:43:
c7:af:65:0f:a7:89:6f:b9:09:bc:f2:0b:09:54:74:
2b:0b:b2:de:79:08:47:fe:87:1a:56:69:1e:19:9f:
1c:49:fb:88:a5:f4:7b:51:e2:cf:42:c0:63:57:de:
bf:33:1d:0e:ad:af:d7:a8:6d:64:93:46:fa:e5:e2:
51:3f:21:fc:d5:92:24:45:ac:96:ca:28:62:e9:9e:
38:5c:f1:8f:28:a8:8c:1d:18:73:9f:fa:c6:da:e1:
55:c6:3e:d6:4a:a9:26:7a:7e:6b:e0:28:0a:5a:6b:
3b:10:f8:a9:0d:5b:18:ed:a4:c8:38:e6:4c:d4:ef:
ab:1e:e4:4d:34:b7:f9:30:66:57:68:d6:69:02:b1:
f9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:20:B3:D1:C6:C7:0F:BC:6F:0F:1D:AE:77:71:62:5A:3C:7C:9E:BE
X509v3 Authority Key Identifier:
keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:8b:00:7b:4e:b9:2b:13:a7:d5:c0:81:2f:e5:91:41:0d:0e:
1b:ad:40:34:fe:a2:90:d8:6d:fa:3b:f1:f6:f3:25:8a:fe:67:
8c:d1:aa:82:2a:d6:07:52:94:98:89:4f:04:e0:aa:a5:ac:bc:
cd:e4:fb:2c:20:eb:81:34:0a:16:07:39:77:7a:68:79:69:71:
ff:71:b1:d4:49:ce:3b:f7:19:f8:f3:2a:56:24:e6:25:dc:3c:
95:61:4f:b9:91:8b:12:c9:1e:74:c3:61:b6:82:bb:45:6b:03:
82:76:d6:13:19:5a:32:5b:05:ab:b5:3d:4b:55:51:ab:fa:96:
44:c1:35:d8:6a:5e:ae:fc:b4:22:1a:2b:4f:fd:35:66:63:25:
bb:83:df:82:3a:ab:8c:f8:30:43:bb:11:77:1e:35:1e:b7:19:
fd:45:ee:6e:26:99:00:0b:aa:a1:9f:76:90:05:dc:60:eb:2f:
6f:48:45:b1:86:ae:b1:56:b3:33:a0:66:cf:fc:96:6e:d3:4f:
e5:d8:67:5a:9b:5c:73:1e:06:db:4a:d1:49:bd:2a:f7:9c:60:
7a:c3:00:ed:9f:fb:60:0b:4c:e9:6d:5c:bd:b7:e9:88:80:0b:
b4:9a:27:eb:a4:ad:de:52:8b:a8:4e:80:d9:32:fc:ec:9b:05:
39:b2:b7:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqy95EdBqEDtnkcj4L2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1
YWQwNjAwHhcNMjYwMzI2MDAwMTU5WhcNMjYwMzI3MDAwMTU5WjAzMTEwLwYDVQQD
Eyg4NDIwYjNkMWM2YzcwZmJjNmYwZjFkYWU3NzcxNjI1YTNjN2M5ZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8JhnrpTU7Qn5Thp2MW23TkwVXzW
PdYXmCEBbS6NIi6DC1pi0knjE4gVBogjUSY153G+UIKbNuAnk3rPq76WUmu8RsFF
JsQq5/AoNi9/YVwRedoD5Qr3jOjb6WpRFgjPijJOmcyhiMLKebyFiww9f1WIto2i
UEPHr2UPp4lvuQm88gsJVHQrC7LeeQhH/ocaVmkeGZ8cSfuIpfR7UeLPQsBjV96/
Mx0Ora/XqG1kk0b65eJRPyH81ZIkRayWyihi6Z44XPGPKKiMHRhzn/rG2uFVxj7W
Sqkmen5r4CgKWms7EPipDVsY7aTIOOZM1O+rHuRNNLf5MGZXaNZpArH5xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQgs9HGxw+8bw8drndxYlo8fJ6+MB8GA1UdIwQY
MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct
OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl
LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE4sAe065
KxOn1cCBL+WRQQ0OG61ANP6ikNht+jvx9vMliv5njNGqgirWB1KUmIlPBOCqpay8
zeT7LCDrgTQKFgc5d3poeWlx/3Gx1EnOO/cZ+PMqViTmJdw8lWFPuZGLEskedMNh
toK7RWsDgnbWExlaMlsFq7U9S1VRq/qWRME12Gpervy0IhorT/01ZmMlu4Pfgjqr
jPgwQ7sRdx41HrcZ/UXubiaZAAuqoZ92kAXcYOsvb0hFsYausVazM6Bmz/yWbtNP
5dhnWptccx4G20rRSb0q95xgesMA7Z/7YAtM6W1cvbfpiIALtJon66St3lKLqE6A
2TL87JsFObK3GQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:48:26 2026 by rpki-client