Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
File: h-2cuDQKwglaTLBSjl6i9zjOpnI.mft (raw, json)
Hash identifier: lxSagpCeZelqJzWHwiROqk5lnTAz9FXaENqTSlbLNFc=
Subject key identifier: 02:23:BB:81:5C:5B:19:3F:96:3E:40:F7:7F:EB:E4:17:D8:F6:21:B2
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 019DA48AF06BA7C2A6103C1C0C3AA727097B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
Manifest number: 0693
Signing time: Sun 19 Apr 2026 07:01:02 +0000
Manifest this update: Sun 19 Apr 2026 07:01:02 +0000
Manifest next update: Mon 20 Apr 2026 07:01:02 +0000
Files and hashes: 1: ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa (hash: gOfRKf6V+xV3ZsFtbBW86oarsiPBo5VFvmb0v2OnPU0=)
2: h-2cuDQKwglaTLBSjl6i9zjOpnI.crl (hash: ieosIMBBKazqV0apXmYEQ6dueKvG7hk6alEMpNruMSU=)
3: vT00UMTKIHLp4hINXZvd81w31H4.roa (hash: QI91nZrYvdKW6PkjSidpqTabE42DmbX4YNbp5QsN850=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:8a:f0:6b:a7:c2:a6:10:3c:1c:0c:3a:a7:27:09:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Apr 19 07:01:02 2026 GMT
Not After : Apr 20 07:01:02 2026 GMT
Subject: CN=0223bb815c5b193f963e40f77febe417d8f621b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fb:8a:79:25:3f:ae:d6:e2:72:bb:43:2a:16:
5b:6f:27:5b:95:87:b7:52:ce:7e:53:3f:73:82:86:
aa:64:18:0e:cf:07:1e:a4:3c:5e:c4:7d:c8:c8:6b:
1e:5e:c7:9d:9d:48:91:dd:fc:f4:1f:5e:7c:cc:78:
6b:9b:17:c0:70:b9:f3:33:ea:3a:5e:c8:39:7e:53:
70:28:e2:a5:71:b3:75:62:cb:c8:95:53:a4:7a:f3:
6a:b8:c6:da:d5:16:e2:9a:d2:f2:04:3e:28:5a:a5:
fb:69:00:e5:cc:23:a5:14:68:8c:9e:49:90:97:1f:
3e:32:23:5c:41:93:38:eb:75:b1:0e:9b:ca:20:e1:
58:31:33:95:84:43:b1:6e:1b:7c:f7:75:2f:d2:61:
5f:19:0a:05:0b:5b:f8:ee:e6:3d:2e:79:08:66:b3:
d1:87:cb:44:1f:a4:7d:df:81:0f:82:3c:1c:c2:44:
6f:f1:5f:a5:0a:6e:57:05:58:44:ea:ad:b1:24:03:
3e:59:81:14:8f:8d:f5:68:2a:c6:a1:92:fd:0f:08:
f2:d3:15:10:0e:8e:c9:7b:51:93:71:ab:76:92:25:
f7:92:c0:f5:34:2d:21:e2:27:a2:b8:5d:07:7e:ae:
f1:63:fd:41:9e:c8:78:c5:8f:d9:07:12:05:5d:7d:
a8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:23:BB:81:5C:5B:19:3F:96:3E:40:F7:7F:EB:E4:17:D8:F6:21:B2
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:b1:4b:14:ae:c2:53:22:19:cc:c5:f4:31:52:9d:a4:2a:4d:
d5:6b:21:10:7b:7e:97:ea:86:b2:fe:77:18:bb:9f:57:0f:0d:
ac:bb:fa:41:71:c6:8e:7f:aa:ff:90:f4:1e:fa:6d:b5:22:11:
56:7d:fc:1c:ac:19:5d:d1:d2:d5:21:ff:47:4c:4e:f8:8e:ae:
02:34:b0:49:9b:70:ed:a5:6e:ba:79:a0:13:18:94:ea:60:bc:
32:d2:52:36:06:05:95:95:1d:f9:98:e0:98:10:ac:6a:05:ba:
40:4a:1e:19:28:e8:e4:6b:95:56:7d:3d:be:b4:4c:4b:40:ef:
27:db:d2:7f:6b:3f:72:f2:8b:7d:e4:7d:2a:4a:24:e6:03:4b:
c6:a0:7f:cb:5c:2a:bd:96:b1:c4:2b:be:bf:ac:f4:16:6c:06:
0f:dc:57:fb:00:2e:7b:42:3b:b4:1f:81:5a:bb:0b:e2:9f:a2:
1f:84:d6:91:38:c6:b1:d6:d1:e5:2e:01:45:93:6a:d4:47:79:
6c:c4:38:b9:1b:69:27:22:ac:25:03:d0:a8:1b:d9:1f:aa:bc:
2f:f3:3b:5f:34:3c:da:50:38:67:b9:1e:5e:c2:e5:cc:22:1c:
14:79:65:18:06:d2:42:ed:24:1a:49:e3:18:1c:e9:fc:ec:0d:
c9:e6:a3:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kivBrp8KmEDwcDDqnJwl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjYwNDE5MDcwMTAyWhcNMjYwNDIwMDcwMTAyWjAzMTEwLwYDVQQD
EygwMjIzYmI4MTVjNWIxOTNmOTYzZTQwZjc3ZmViZTQxN2Q4ZjYyMWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfuKeSU/rtbicrtDKhZbbydblYe3
Us5+Uz9zgoaqZBgOzwcepDxexH3IyGseXsednUiR3fz0H158zHhrmxfAcLnzM+o6
Xsg5flNwKOKlcbN1YsvIlVOkevNquMba1RbimtLyBD4oWqX7aQDlzCOlFGiMnkmQ
lx8+MiNcQZM463WxDpvKIOFYMTOVhEOxbht893Uv0mFfGQoFC1v47uY9LnkIZrPR
h8tEH6R934EPgjwcwkRv8V+lCm5XBVhE6q2xJAM+WYEUj431aCrGoZL9Dwjy0xUQ
Do7Je1GTcat2kiX3ksD1NC0h4ieiuF0Hfq7xY/1Bnsh4xY/ZBxIFXX2oHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIju4FcWxk/lj5A93/r5BfY9iGyMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg7FLFK7C
UyIZzMX0MVKdpCpN1WshEHt+l+qGsv53GLufVw8NrLv6QXHGjn+q/5D0HvpttSIR
Vn38HKwZXdHS1SH/R0xO+I6uAjSwSZtw7aVuunmgExiU6mC8MtJSNgYFlZUd+Zjg
mBCsagW6QEoeGSjo5GuVVn09vrRMS0DvJ9vSf2s/cvKLfeR9Kkok5gNLxqB/y1wq
vZaxxCu+v6z0FmwGD9xX+wAue0I7tB+BWrsL4p+iH4TWkTjGsdbR5S4BRZNq1Ed5
bMQ4uRtpJyKsJQPQqBvZH6q8L/M7XzQ82lA4Z7keXsLlzCIcFHllGAbSQu0kGknj
GBzp/OwNyeajxw==
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:05:39 2026 by rpki-client