Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: dZSCjITLdg8JhX8UF8f+BbvZXSuid4Kdj0zm+6SD/9Y=
Subject key identifier: 22:0A:EC:34:6D:AC:4F:21:33:C5:66:BB:66:8E:9B:AA:37:E1:FE:5F
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019CAB6AF2E8C8AE3E375B9AF06A1FA78220
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 0612
Signing time: Sun 01 Mar 2026 22:00:38 +0000
Manifest this update: Sun 01 Mar 2026 22:00:38 +0000
Manifest next update: Mon 02 Mar 2026 22:00:38 +0000
Files and hashes: 1: ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa (hash: gOfRKf6V+xV3ZsFtbBW86oarsiPBo5VFvmb0v2OnPU0=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: 5VNzhjYO1h+ErbDC3ZOs9K2KEDvZH5b0lAiG/5XeZws=)
3: vT00UMTKIHLp4hINXZvd81w31H4.roa (hash: QI91nZrYvdKW6PkjSidpqTabE42DmbX4YNbp5QsN850=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:6a:f2:e8:c8:ae:3e:37:5b:9a:f0:6a:1f:a7:82:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Mar 1 22:00:38 2026 GMT
Not After : Mar 2 22:00:38 2026 GMT
Subject: CN=220aec346dac4f2133c566bb668e9baa37e1fe5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:80:a1:23:34:83:d7:60:34:22:61:2c:7b:
ab:52:03:2f:15:62:b0:50:b2:f0:86:f6:0d:02:e4:
9b:63:84:01:bb:96:d7:28:e9:1f:04:06:ef:be:0c:
82:b7:bf:91:ea:64:a5:47:84:20:f8:15:15:25:c8:
75:f5:63:43:6c:62:a3:39:31:b1:f1:cd:87:f2:ce:
aa:3c:1c:ec:3f:1d:21:36:3b:e4:b5:90:72:bf:1f:
16:1d:26:d3:b1:0f:99:bb:50:6f:83:fa:f8:45:02:
0c:63:19:a2:8e:4d:11:b0:78:9d:13:ba:b1:00:92:
ba:a4:f6:36:8b:bc:24:24:d8:f2:43:18:fa:5d:e0:
4a:2f:07:6d:bb:5b:84:41:90:61:1b:c4:8d:8c:5d:
cd:85:64:08:78:2e:97:e7:1a:30:10:16:c0:75:40:
62:77:ac:3c:cf:3b:a8:74:ec:e6:cf:8b:89:c1:b6:
b2:69:9e:0d:02:5f:80:d0:01:22:19:68:db:9d:40:
9d:24:17:4b:24:69:86:b9:5e:22:71:44:dd:ac:a0:
2b:2e:e9:3f:3b:79:e4:c9:db:9d:b3:ad:8b:bd:84:
2f:2c:26:a7:22:d0:a1:d1:ee:0d:95:bc:4d:91:1c:
ad:3c:0e:6f:82:4e:3b:c4:ba:71:cc:45:63:ca:87:
0c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0A:EC:34:6D:AC:4F:21:33:C5:66:BB:66:8E:9B:AA:37:E1:FE:5F
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:95:a7:98:50:d9:5a:40:8c:32:c2:24:59:3b:a2:7d:ae:9d:
eb:63:c0:e2:f0:79:5a:1b:c6:a5:de:61:bb:2c:6b:79:a6:54:
6b:09:ca:ba:ed:e2:9e:70:95:51:2a:3f:dd:e0:84:51:72:2d:
e2:17:0a:b1:ab:e7:34:49:af:17:70:4a:9c:d2:fa:bb:bc:1a:
fe:1d:7f:9b:12:21:c2:0e:6b:db:f0:57:e1:6c:52:ec:e0:7f:
fe:c7:94:bc:84:e1:1c:67:92:08:80:c8:45:5f:b8:97:33:93:
5a:5b:79:47:15:7d:dc:b2:3b:e0:a0:a9:c9:38:93:ba:32:9c:
3c:61:6e:73:ed:a8:3d:70:47:e1:97:66:62:85:76:c5:50:fb:
eb:ff:5b:74:4f:3f:8f:41:66:8a:1a:02:40:58:b7:b8:38:35:
97:8b:9f:a6:ee:a1:48:c1:66:85:76:77:e7:fb:f2:b2:38:14:
e5:95:37:28:f4:c2:79:49:60:93:52:40:38:34:30:b2:4f:1f:
9a:54:8e:f8:03:d8:6c:02:a9:c9:e7:d9:33:c6:c5:a0:07:33:
bd:07:e1:92:82:fb:f0:df:26:73:67:12:8b:a1:3d:92:05:99:
55:f0:c1:54:9c:2f:db:2e:4c:47:eb:30:64:da:51:da:2e:7e:
23:ec:7a:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyravLoyK4+N1ua8Gofp4IgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjYwMzAxMjIwMDM4WhcNMjYwMzAyMjIwMDM4WjAzMTEwLwYDVQQD
EygyMjBhZWMzNDZkYWM0ZjIxMzNjNTY2YmI2NjhlOWJhYTM3ZTFmZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXyAoSM0g9dgNCJhLHurUgMvFWKw
ULLwhvYNAuSbY4QBu5bXKOkfBAbvvgyCt7+R6mSlR4Qg+BUVJch19WNDbGKjOTGx
8c2H8s6qPBzsPx0hNjvktZByvx8WHSbTsQ+Zu1Bvg/r4RQIMYxmijk0RsHidE7qx
AJK6pPY2i7wkJNjyQxj6XeBKLwdtu1uEQZBhG8SNjF3NhWQIeC6X5xowEBbAdUBi
d6w8zzuodOzmz4uJwbayaZ4NAl+A0AEiGWjbnUCdJBdLJGmGuV4icUTdrKArLuk/
O3nkyduds62LvYQvLCanItCh0e4NlbxNkRytPA5vgk47xLpxzEVjyocM4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCIK7DRtrE8hM8Vmu2aOm6o34f5fMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI5WnmFDZ
WkCMMsIkWTuifa6d62PA4vB5WhvGpd5huyxreaZUawnKuu3innCVUSo/3eCEUXIt
4hcKsavnNEmvF3BKnNL6u7wa/h1/mxIhwg5r2/BX4WxS7OB//seUvIThHGeSCIDI
RV+4lzOTWlt5RxV93LI74KCpyTiTujKcPGFuc+2oPXBH4ZdmYoV2xVD76/9bdE8/
j0FmihoCQFi3uDg1l4ufpu6hSMFmhXZ35/vysjgU5ZU3KPTCeUlgk1JAODQwsk8f
mlSO+APYbAKpyefZM8bFoAczvQfhkoL78N8mc2cSi6E9kgWZVfDBVJwv2y5MR+sw
ZNpR2i5+I+x6mA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:46:25 2026 by rpki-client