Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
File: MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft (raw, json)
Hash identifier: CgY6PPdxi7jzZw82UMbGX/R2AkMz2/r5jCL7cD1kggg=
Subject key identifier: 89:83:8F:2C:61:63:64:72:CD:E5:58:C6:3C:5C:05:5E:49:4C:BE:29
Authority key identifier: 30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
Certificate issuer: /CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Certificate serial: 019CABA1DFECEEDA5FE168099073C4C64AB3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
Manifest number: 0631
Signing time: Sun 01 Mar 2026 23:00:38 +0000
Manifest this update: Sun 01 Mar 2026 23:00:38 +0000
Manifest next update: Mon 02 Mar 2026 23:00:38 +0000
Files and hashes: 1: MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl (hash: +fBo9zuQz11VWjJF0MfkKOw/OE+iGuUr0Sx2EzZRLCo=)
2: e6hHV9sCUc7s1khP8XoEDf8NVHo.roa (hash: TMmfCLj9EVDBcAPJhOcf7tnYbYq8PeLIXmBm9+66U44=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:df:ec:ee:da:5f:e1:68:09:90:73:c4:c6:4a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Validity
Not Before: Mar 1 23:00:38 2026 GMT
Not After : Mar 2 23:00:38 2026 GMT
Subject: CN=89838f2c61636472cde558c63c5c055e494cbe29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:29:01:7f:03:6f:2e:70:38:0d:3c:65:26:90:
80:5d:c7:a3:a8:d7:88:e1:24:ce:9c:c0:61:db:8d:
74:c7:73:d3:2f:25:38:92:e9:63:93:5c:c5:5b:ec:
46:c6:9f:90:84:5a:e1:4f:ec:e9:30:f3:bf:30:48:
89:e2:90:73:6b:85:96:f9:4b:fc:38:55:a6:a9:65:
0f:f5:71:7f:62:77:27:f9:e3:7a:83:d6:2f:32:0c:
cb:c0:6e:bd:a6:7a:05:b6:ca:d1:15:b0:07:08:be:
9e:79:02:f2:89:c4:ab:cb:6a:9a:bd:12:d3:27:aa:
77:4a:40:95:1b:10:8c:e6:d9:66:03:19:34:a6:2e:
88:89:9a:df:5f:b4:c7:7a:4d:b6:db:68:f4:83:e1:
79:bc:f6:72:50:18:40:a7:c5:cf:9d:e5:3c:99:f2:
f1:47:cb:6f:ae:eb:08:44:4f:98:1c:bf:70:a6:2f:
cb:ad:89:ca:39:8c:3a:1c:fd:c8:a7:ed:e5:d9:f1:
a6:c9:22:39:87:9a:ef:1b:fe:8e:db:29:29:51:54:
7e:93:67:da:69:d7:e4:96:0d:ac:f9:04:49:70:68:
57:9b:05:63:95:e1:a2:58:58:b6:65:e4:84:e1:74:
fc:9f:76:d4:f0:4e:31:2d:c0:af:68:88:63:1a:6a:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:83:8F:2C:61:63:64:72:CD:E5:58:C6:3C:5C:05:5E:49:4C:BE:29
X509v3 Authority Key Identifier:
keyid:30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:26:3c:cf:b8:d0:48:79:00:53:d1:65:a2:93:c8:2c:42:54:
2f:7b:e4:94:62:e0:84:5f:cf:65:3a:e7:0e:66:af:5f:77:2c:
61:e8:0b:c8:7c:a3:15:a1:c0:91:81:3d:26:ed:d9:85:2f:f0:
25:66:32:da:4b:6b:4c:b6:fe:be:5c:fa:c5:be:a6:84:e1:80:
1f:50:e8:ca:6f:93:9f:62:c3:54:df:09:79:a1:06:f3:22:94:
00:ff:fa:88:b3:52:4b:73:74:46:af:d1:1c:0b:b5:39:83:fa:
61:a3:6a:45:4e:f6:52:a9:d7:4a:2f:f8:0e:44:c9:34:46:aa:
af:8e:4d:88:eb:a2:21:96:bf:76:14:ac:dc:0f:80:a2:78:4a:
15:d1:57:10:e5:4c:9e:b9:ed:38:d7:a8:ae:c3:01:cf:df:d5:
8b:e6:f2:fe:b1:cb:7d:dd:40:ff:35:88:74:d9:48:f4:ff:ae:
59:23:25:e1:4f:df:70:e5:e1:a8:89:0d:04:53:ad:05:44:6b:
c7:ad:04:cf:29:83:c9:91:21:58:55:31:b9:8f:fa:cb:76:39:
8d:1d:17:8c:5e:da:ac:94:46:a6:97:fe:8e:5b:2a:3d:f4:ff:
31:d5:08:5b:de:ad:50:4d:ff:83:63:1e:36:9a:b0:bf:67:61:
c6:b1:99:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrod/s7tpf4WgJkHPExkqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzVkODdjMTk3YTBmYTA0ZGE4ZjIyNTM1OGQzZmFmNzg2
ZjdkMGIwHhcNMjYwMzAxMjMwMDM4WhcNMjYwMzAyMjMwMDM4WjAzMTEwLwYDVQQD
Eyg4OTgzOGYyYzYxNjM2NDcyY2RlNTU4YzYzYzVjMDU1ZTQ5NGNiZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyikBfwNvLnA4DTxlJpCAXcejqNeI
4STOnMBh2410x3PTLyU4kuljk1zFW+xGxp+QhFrhT+zpMPO/MEiJ4pBza4WW+Uv8
OFWmqWUP9XF/Yncn+eN6g9YvMgzLwG69pnoFtsrRFbAHCL6eeQLyicSry2qavRLT
J6p3SkCVGxCM5tlmAxk0pi6IiZrfX7THek2222j0g+F5vPZyUBhAp8XPneU8mfLx
R8tvrusIRE+YHL9wpi/LrYnKOYw6HP3Ip+3l2fGmySI5h5rvG/6O2ykpUVR+k2fa
adfklg2s+QRJcGhXmwVjleGiWFi2ZeSE4XT8n3bU8E4xLcCvaIhjGmrBsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImDjyxhY2RyzeVYxjxcBV5JTL4pMB8GA1UdIwQY
MBaAFDB12HwZeg+gTajyJTWNP694b30LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEt
ODk5ODFjOGY5ZTdiLzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEtODk5ODFjOGY5ZTdi
LzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeSY8z7jQ
SHkAU9FlopPILEJUL3vklGLghF/PZTrnDmavX3csYegLyHyjFaHAkYE9Ju3ZhS/w
JWYy2ktrTLb+vlz6xb6mhOGAH1Doym+Tn2LDVN8JeaEG8yKUAP/6iLNSS3N0Rq/R
HAu1OYP6YaNqRU72UqnXSi/4DkTJNEaqr45NiOuiIZa/dhSs3A+AonhKFdFXEOVM
nrntONeorsMBz9/Vi+by/rHLfd1A/zWIdNlI9P+uWSMl4U/fcOXhqIkNBFOtBURr
x60EzymDyZEhWFUxuY/6y3Y5jR0XjF7arJRGppf+jlsqPfT/MdUIW96tUE3/g2Me
Npqwv2dhxrGZuA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:14:08 2026 by rpki-client