Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
File: hpA1wxdzT2Ybv4XCGEFVofNhat0.mft (raw, json)
Hash identifier: ouQgYPFM5Cc2ylKuFcZVKPGqBd8kPMczWsdW1dmjAw0=
Subject key identifier: 87:51:AB:40:59:FC:4C:5E:4F:41:43:C0:EB:11:11:96:B8:5D:1D:F8
Authority key identifier: 86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
Certificate issuer: /CN=869035c317734f661bbf85c2184155a1f3616add
Certificate serial: 019CAC104EB421ACC11D0F1ACB5588A65543
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
Manifest number: 13CD
Signing time: Mon 02 Mar 2026 01:01:15 +0000
Manifest this update: Mon 02 Mar 2026 01:01:15 +0000
Manifest next update: Tue 03 Mar 2026 01:01:15 +0000
Files and hashes: 1: hpA1wxdzT2Ybv4XCGEFVofNhat0.crl (hash: elTruCHYGZGeEiGi4jH1g7y01xy6GAID9iK+UNkgmXw=)
2: xICMKArLvTx29numTiutzmAayDM.roa (hash: Lqd0tIHATER1ygDumfjqbLFR0sPowEmoXTK5gpQqBN0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:10:4e:b4:21:ac:c1:1d:0f:1a:cb:55:88:a6:55:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869035c317734f661bbf85c2184155a1f3616add
Validity
Not Before: Mar 2 01:01:15 2026 GMT
Not After : Mar 3 01:01:15 2026 GMT
Subject: CN=8751ab4059fc4c5e4f4143c0eb111196b85d1df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:30:62:16:d2:ef:3e:c5:e7:d9:bd:a5:0c:c2:
ef:94:06:86:40:f5:92:90:ce:ee:c5:1c:31:a1:22:
79:bb:59:84:15:a4:fb:26:6d:4b:92:a0:c9:65:74:
c5:a6:0e:64:b0:f1:82:00:1a:bc:ce:ff:6b:e5:fc:
cb:69:25:cd:8f:e0:8e:6d:a2:7b:b6:a4:cc:e5:e8:
46:6a:29:f3:d6:ff:5a:05:da:9d:3b:ee:10:96:f5:
1f:44:45:6c:12:c3:e8:eb:62:45:ac:39:9d:97:c4:
08:fc:e9:1b:a6:94:0e:ab:9d:d3:9c:5f:e2:d7:dd:
fe:c5:6e:af:e9:ab:15:3a:e9:b3:6b:51:f2:6c:0c:
c5:c4:a8:1f:40:56:15:d4:ad:f4:d5:42:8a:1c:42:
a0:72:99:1b:f8:6d:0e:8e:4a:19:9c:2f:bf:aa:55:
e0:84:cc:28:47:4c:fd:72:93:41:d7:12:17:18:ed:
a3:50:fb:04:99:2a:c5:ee:61:e0:ac:79:06:07:82:
29:d1:c3:c4:61:e5:1f:7d:d9:06:6c:2a:42:53:9f:
63:6b:62:ce:df:6c:32:01:66:a7:83:5c:72:67:74:
14:07:e6:52:8c:ec:d3:e2:02:f7:71:62:e1:f8:12:
9b:27:c0:0f:8d:52:24:ae:0c:92:82:12:6d:6d:d9:
e8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:51:AB:40:59:FC:4C:5E:4F:41:43:C0:EB:11:11:96:B8:5D:1D:F8
X509v3 Authority Key Identifier:
keyid:86:90:35:C3:17:73:4F:66:1B:BF:85:C2:18:41:55:A1:F3:61:6A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpA1wxdzT2Ybv4XCGEFVofNhat0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3fd774-3d79-44b1-878a-6028c2654940/1/hpA1wxdzT2Ybv4XCGEFVofNhat0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:66:d5:54:cb:e8:2b:f3:c0:8f:34:f2:ce:ff:03:91:e6:ed:
eb:a4:4a:aa:16:ba:50:7a:72:93:f4:27:10:03:90:8b:05:70:
20:3d:05:ac:84:2b:3d:1d:b5:14:bd:78:d7:69:8c:ac:ad:c4:
07:3f:7b:16:b3:eb:b6:7f:da:08:6c:51:75:d6:d5:42:dd:1a:
dd:c5:1f:8e:2d:51:f6:f4:cd:82:c6:3e:f8:04:88:be:39:97:
f3:93:96:ab:e1:56:70:b5:05:12:f4:b1:fa:f7:fe:a8:9b:e3:
8d:ef:13:9d:73:b5:22:b0:06:0c:9a:2f:57:d5:64:7c:be:0a:
f1:32:ff:5e:51:f8:9a:92:8d:59:b8:21:85:4b:de:c2:c7:8c:
ba:c5:18:61:08:0a:51:a2:a3:1f:7e:d7:8c:56:36:97:92:87:
93:2b:f2:97:f1:df:61:cd:f1:7a:e0:2c:d5:0d:94:23:30:1e:
e9:2e:8d:03:d2:75:2f:82:5a:02:31:9f:13:64:3f:a7:77:9f:
9c:7e:9d:49:26:85:46:c1:5e:de:b7:ae:c2:cb:41:5f:9c:7b:
21:17:89:af:5e:0c:0d:f1:0c:4d:d2:35:d9:29:1b:63:d6:60:
9f:ef:bc:3d:37:13:78:84:ba:e1:43:d6:04:d9:83:45:ce:50:
c0:8e:60:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEE60IazBHQ8ay1WIplVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTAzNWMzMTc3MzRmNjYxYmJmODVjMjE4NDE1NWExZjM2
MTZhZGQwHhcNMjYwMzAyMDEwMTE1WhcNMjYwMzAzMDEwMTE1WjAzMTEwLwYDVQQD
Eyg4NzUxYWI0MDU5ZmM0YzVlNGY0MTQzYzBlYjExMTE5NmI4NWQxZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTBiFtLvPsXn2b2lDMLvlAaGQPWS
kM7uxRwxoSJ5u1mEFaT7Jm1LkqDJZXTFpg5ksPGCABq8zv9r5fzLaSXNj+CObaJ7
tqTM5ehGainz1v9aBdqdO+4QlvUfREVsEsPo62JFrDmdl8QI/OkbppQOq53TnF/i
193+xW6v6asVOumza1HybAzFxKgfQFYV1K301UKKHEKgcpkb+G0OjkoZnC+/qlXg
hMwoR0z9cpNB1xIXGO2jUPsEmSrF7mHgrHkGB4Ip0cPEYeUffdkGbCpCU59ja2LO
32wyAWang1xyZ3QUB+ZSjOzT4gL3cWLh+BKbJ8APjVIkrgySghJtbdnoHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdRq0BZ/ExeT0FDwOsREZa4XR34MB8GA1UdIwQY
MBaAFIaQNcMXc09mG7+FwhhBVaHzYWrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEt
NjAyOGMyNjU0OTQwLzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZmQ3NzQtM2Q3OS00NGIxLTg3OGEtNjAyOGMyNjU0OTQw
LzEvaHBBMXd4ZHpUMllidjRYQ0dFRlZvZk5oYXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWbVVMvo
K/PAjzTyzv8Dkebt66RKqha6UHpyk/QnEAOQiwVwID0FrIQrPR21FL1412mMrK3E
Bz97FrPrtn/aCGxRddbVQt0a3cUfji1R9vTNgsY++ASIvjmX85OWq+FWcLUFEvSx
+vf+qJvjje8TnXO1IrAGDJovV9VkfL4K8TL/XlH4mpKNWbghhUvewseMusUYYQgK
UaKjH37XjFY2l5KHkyvyl/HfYc3xeuAs1Q2UIzAe6S6NA9J1L4JaAjGfE2Q/p3ef
nH6dSSaFRsFe3reuwstBX5x7IReJr14MDfEMTdI12SkbY9Zgn++8PTcTeIS64UPW
BNmDRc5QwI5g+A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:51:47 2026 by rpki-client