Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
File: hSOM5-r2mlui8JR7K6BTOUtFts0.mft (raw, json)
Hash identifier: 3+wFSfE7YgRQ2Ukv4e6tbOAzbz1VS0xz0OjQCzQzWmc=
Subject key identifier: B6:71:3F:AC:7F:68:69:FD:BC:C1:10:29:DE:8C:61:FA:1F:80:5E:3F
Authority key identifier: 85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
Certificate issuer: /CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Certificate serial: 019CAEDA196DE2434D7292945D67AB9F05A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
Manifest number: 17D9
Signing time: Mon 02 Mar 2026 14:00:54 +0000
Manifest this update: Mon 02 Mar 2026 14:00:54 +0000
Manifest next update: Tue 03 Mar 2026 14:00:54 +0000
Files and hashes: 1: 9WDzni9fLgS4Y1Z4NykfP7TpMa0.roa (hash: tKJRFaY2YcR7s8GJcJFATvbLWJiSSXElLCi1btrAeAw=)
2: hSOM5-r2mlui8JR7K6BTOUtFts0.crl (hash: BxxfDL89pDl/MUPY6webL1e4hQ56aCfgAM3aSHsVCNU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:da:19:6d:e2:43:4d:72:92:94:5d:67:ab:9f:05:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85238ce7eaf69a5ba2f0947b2ba053394b45b6cd
Validity
Not Before: Mar 2 14:00:54 2026 GMT
Not After : Mar 3 14:00:54 2026 GMT
Subject: CN=b6713fac7f6869fdbcc11029de8c61fa1f805e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e9:e9:08:6f:0e:b2:d0:83:cc:7d:f5:49:10:
ba:97:d3:89:10:7e:98:02:19:24:7e:99:9c:c1:d4:
b2:f1:e7:cb:8a:0d:6a:d7:4a:26:aa:f9:7b:33:3d:
d8:18:48:c1:80:e6:1e:4b:5a:b8:7b:4b:7f:de:e0:
33:e9:15:51:bc:3b:b4:e0:ed:d3:1d:1a:50:28:aa:
61:51:7d:59:62:7d:01:fb:f4:13:6a:45:a8:07:b5:
b5:83:5f:07:53:3e:4a:7f:38:d4:58:92:27:7f:d7:
a9:db:47:f7:d0:44:d8:02:6b:06:65:f7:8f:78:a8:
55:92:17:80:48:82:97:5a:26:15:3a:5a:75:09:9a:
7e:3c:db:81:e9:42:c6:e9:15:da:26:a9:e8:d4:0c:
b3:3f:a4:77:f8:13:dc:38:62:9b:75:57:94:84:ad:
36:ea:9f:54:36:ad:09:9f:ed:dd:cb:97:60:f5:8d:
77:92:69:bd:ed:ac:fb:59:b8:8a:2a:9b:78:13:f2:
05:6a:22:f1:75:47:96:55:29:e1:cd:f1:4d:c6:dc:
cd:77:b3:4f:d2:9b:0e:3f:c6:0d:21:c8:7e:77:43:
08:79:16:c8:0f:43:5d:fa:01:69:fc:2c:5a:00:22:
65:94:48:6a:ec:41:6f:d4:09:84:70:70:27:7c:18:
5d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:71:3F:AC:7F:68:69:FD:BC:C1:10:29:DE:8C:61:FA:1F:80:5E:3F
X509v3 Authority Key Identifier:
keyid:85:23:8C:E7:EA:F6:9A:5B:A2:F0:94:7B:2B:A0:53:39:4B:45:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSOM5-r2mlui8JR7K6BTOUtFts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ca4114-2fb9-43d1-b528-032af836c172/1/hSOM5-r2mlui8JR7K6BTOUtFts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:36:2d:ba:3e:a7:33:a9:ab:bb:4a:88:05:c2:ad:26:62:37:
ee:0c:ae:ff:c5:8b:d2:72:6d:3b:e8:24:3b:50:f5:22:89:ab:
af:5c:60:d3:4c:7e:e0:7f:4e:5f:87:48:2e:5b:72:f6:88:49:
00:60:63:bf:2f:f6:74:07:e5:4a:bb:ba:cb:96:68:6e:33:7f:
13:4b:0b:c0:b5:24:20:7b:39:5b:b3:02:93:8a:34:75:ba:d1:
f8:37:19:e8:d2:93:0a:0e:0f:61:28:6f:97:e3:4f:3e:a0:ae:
53:6f:f2:d1:75:88:94:e7:fb:35:6a:b6:af:a1:01:d4:bd:e1:
48:6d:b5:a5:bd:41:36:db:a6:f9:88:3b:29:16:89:92:4c:35:
99:65:1b:84:ab:46:2b:00:76:e5:a5:a5:a6:7d:a6:27:e6:4e:
29:7e:2b:4b:86:c4:ec:f3:3a:47:b4:f0:a9:7a:bc:48:c7:cf:
c0:2e:ec:03:83:04:23:75:c0:a1:70:7f:1d:e0:61:78:08:fc:
54:9f:39:40:3d:39:e4:9c:9d:f7:90:97:1c:65:24:d0:b7:a4:
75:bd:03:c7:b4:d5:cc:5a:37:3e:91:4b:31:55:32:8b:6b:37:
ea:39:7c:21:80:a4:2d:ab:2d:b6:21:a9:c8:c7:4e:f4:07:86:
b4:8c:5c:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2hlt4kNNcpKUXWernwWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjM4Y2U3ZWFmNjlhNWJhMmYwOTQ3YjJiYTA1MzM5NGI0
NWI2Y2QwHhcNMjYwMzAyMTQwMDU0WhcNMjYwMzAzMTQwMDU0WjAzMTEwLwYDVQQD
EyhiNjcxM2ZhYzdmNjg2OWZkYmNjMTEwMjlkZThjNjFmYTFmODA1ZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsenpCG8OstCDzH31SRC6l9OJEH6Y
AhkkfpmcwdSy8efLig1q10omqvl7Mz3YGEjBgOYeS1q4e0t/3uAz6RVRvDu04O3T
HRpQKKphUX1ZYn0B+/QTakWoB7W1g18HUz5KfzjUWJInf9ep20f30ETYAmsGZfeP
eKhVkheASIKXWiYVOlp1CZp+PNuB6ULG6RXaJqno1AyzP6R3+BPcOGKbdVeUhK02
6p9UNq0Jn+3dy5dg9Y13kmm97az7WbiKKpt4E/IFaiLxdUeWVSnhzfFNxtzNd7NP
0psOP8YNIch+d0MIeRbID0Nd+gFp/CxaACJllEhq7EFv1AmEcHAnfBhdAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZxP6x/aGn9vMEQKd6MYfofgF4/MB8GA1UdIwQY
MBaAFIUjjOfq9ppbovCUeyugUzlLRbbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1Mjgt
MDMyYWY4MzZjMTcyLzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9jYTQxMTQtMmZiOS00M2QxLWI1MjgtMDMyYWY4MzZjMTcy
LzEvaFNPTTUtcjJtbHVpOEpSN0s2QlRPVXRGdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADjYtuj6n
M6mru0qIBcKtJmI37gyu/8WL0nJtO+gkO1D1Iomrr1xg00x+4H9OX4dILlty9ohJ
AGBjvy/2dAflSru6y5ZobjN/E0sLwLUkIHs5W7MCk4o0dbrR+DcZ6NKTCg4PYShv
l+NPPqCuU2/y0XWIlOf7NWq2r6EB1L3hSG21pb1BNtum+Yg7KRaJkkw1mWUbhKtG
KwB25aWlpn2mJ+ZOKX4rS4bE7PM6R7TwqXq8SMfPwC7sA4MEI3XAoXB/HeBheAj8
VJ85QD055Jyd95CXHGUk0Lekdb0Dx7TVzFo3PpFLMVUyi2s36jl8IYCkLasttiGp
yMdO9AeGtIxcBg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:08:49 2026 by rpki-client