Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
File: h0tZG12PB26vRy4-pF07XI4TUKE.mft (raw, json)
Hash identifier: O6xdgMusb2Y510Q3ksJuDnQzqLs+VsLnBgeHO+OeGIc=
Subject key identifier: 35:81:65:8B:5D:46:26:41:55:73:BC:1D:A5:5A:53:23:17:68:13:2A
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 019D9B19F42B9247BB731CA072618E0629B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
Manifest number: 18C6
Signing time: Fri 17 Apr 2026 11:01:02 +0000
Manifest this update: Fri 17 Apr 2026 11:01:02 +0000
Manifest next update: Sat 18 Apr 2026 11:01:02 +0000
Files and hashes: 1: JqglYn9oExlpuQ-Y68kS4ik8jRI.roa (hash: lo9W0LCZNdcrhkqYexTlEJ9bxvUJuTPrwpGw86jlaFk=)
2: h0tZG12PB26vRy4-pF07XI4TUKE.crl (hash: awQwNZIJzwP3nYjqolEfHwmw2XSuc8RUIKzMXxJXh/M=)
3: vAlQFpaLpXoMpWo27m8dZRrzZKc.roa (hash: V3cMkhkIFwXZN0a+IEYOXNX5PaTP19/XRl5SDnAT0cg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:f4:2b:92:47:bb:73:1c:a0:72:61:8e:06:29:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Apr 17 11:01:02 2026 GMT
Not After : Apr 18 11:01:02 2026 GMT
Subject: CN=3581658b5d4626415573bc1da55a53231768132a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:70:5b:c3:e8:9c:53:1d:87:e2:05:13:31:
30:3b:23:1b:dd:d2:f3:98:35:56:c7:de:7b:fa:42:
65:df:df:32:e0:2a:63:c5:5d:57:6f:49:59:59:b5:
9d:9b:91:f7:c0:47:91:90:1c:61:07:20:ba:ee:ba:
d9:40:e1:68:21:4f:e2:70:68:e9:38:4a:d8:b4:bc:
b8:70:96:b0:37:10:a9:bb:10:9e:a6:f3:a8:ba:37:
ab:9e:db:72:64:1f:17:49:fe:29:a6:f5:cf:c1:36:
cf:eb:de:46:72:72:89:2d:8a:81:c2:7d:8c:c4:3b:
1f:ea:80:37:54:ab:45:bd:32:ed:51:ca:12:c4:0d:
41:29:d7:93:11:03:d4:f3:a7:92:2b:de:fb:ef:6f:
e2:17:58:b6:d2:5f:59:a4:79:d0:38:e9:c9:42:e8:
82:18:ef:e9:0a:0b:2f:f4:3e:cb:e4:a6:b7:ee:9e:
b2:6c:9a:83:6f:8c:7a:49:4c:1c:f4:db:ac:f8:46:
f7:b4:76:74:a6:c2:ef:8f:f9:65:13:0e:72:b7:13:
a0:6d:59:c6:87:b0:1f:d0:84:0b:c9:c5:52:a5:1b:
9a:e6:87:c6:01:84:ea:55:da:db:af:f0:9e:48:c1:
b6:6c:6b:25:56:cd:e7:9b:e9:14:a8:19:94:a3:70:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:81:65:8B:5D:46:26:41:55:73:BC:1D:A5:5A:53:23:17:68:13:2A
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:b9:06:85:55:39:2d:26:71:ea:f8:6d:09:bd:1d:01:24:c8:
fb:6f:0f:c8:e9:fd:f1:06:f5:ad:a6:0c:6c:a4:12:df:a7:1c:
98:13:69:36:0b:98:35:05:9c:76:77:9b:73:ba:27:38:62:c9:
86:7b:be:8e:a6:ae:ea:61:ab:27:03:57:0f:6a:04:22:1d:af:
5e:12:92:f7:7b:11:97:c4:5e:29:e4:02:a4:9a:26:55:15:d0:
7e:86:61:e3:ec:00:65:e2:25:04:bc:49:ed:63:9a:a7:d4:f2:
da:a2:73:87:f3:6d:7c:78:6c:b4:88:d0:3d:12:e3:80:66:a8:
4d:ec:e0:3b:50:cb:2b:77:b8:f4:68:f6:a0:da:6e:8e:77:a7:
10:46:1f:b4:02:fa:72:af:41:38:1b:c9:55:49:1b:1a:ba:7e:
ab:89:5b:bd:ba:e2:0d:97:fd:aa:ba:22:5d:7a:a4:58:49:dc:
41:e5:00:ac:6b:7f:a9:40:0e:7f:d8:f5:37:1c:54:6c:ff:9f:
23:f7:21:4b:08:52:4e:bb:0e:49:d8:fd:a6:82:a8:66:2f:63:
e3:0d:87:42:ce:b9:e4:0e:79:46:64:a2:3f:64:75:dc:7f:09:
c2:ad:84:b1:f4:ac:f8:78:ea:63:25:4b:05:31:15:76:04:23:
b4:4e:27:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGfQrkke7cxygcmGOBimyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjYwNDE3MTEwMTAyWhcNMjYwNDE4MTEwMTAyWjAzMTEwLwYDVQQD
EygzNTgxNjU4YjVkNDYyNjQxNTU3M2JjMWRhNTVhNTMyMzE3NjgxMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBlwW8PonFMdh+IFEzEwOyMb3dLz
mDVWx957+kJl398y4CpjxV1Xb0lZWbWdm5H3wEeRkBxhByC67rrZQOFoIU/icGjp
OErYtLy4cJawNxCpuxCepvOoujernttyZB8XSf4ppvXPwTbP695GcnKJLYqBwn2M
xDsf6oA3VKtFvTLtUcoSxA1BKdeTEQPU86eSK97772/iF1i20l9ZpHnQOOnJQuiC
GO/pCgsv9D7L5Ka37p6ybJqDb4x6SUwc9Nus+Eb3tHZ0psLvj/llEw5ytxOgbVnG
h7Af0IQLycVSpRua5ofGAYTqVdrbr/CeSMG2bGslVs3nm+kUqBmUo3BpwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWBZYtdRiZBVXO8HaVaUyMXaBMqMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT7kGhVU5
LSZx6vhtCb0dASTI+28PyOn98Qb1raYMbKQS36ccmBNpNguYNQWcdnebc7onOGLJ
hnu+jqau6mGrJwNXD2oEIh2vXhKS93sRl8ReKeQCpJomVRXQfoZh4+wAZeIlBLxJ
7WOap9Ty2qJzh/NtfHhstIjQPRLjgGaoTezgO1DLK3e49Gj2oNpujnenEEYftAL6
cq9BOBvJVUkbGrp+q4lbvbriDZf9qroiXXqkWEncQeUArGt/qUAOf9j1NxxUbP+f
I/chSwhSTrsOSdj9poKoZi9j4w2HQs655A55RmSiP2R13H8Jwq2EsfSs+HjqYyVL
BTEVdgQjtE4nMw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:27:58 2026 by rpki-client