Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
File: h0tZG12PB26vRy4-pF07XI4TUKE.mft (raw, json)
Hash identifier: gaOiVWWcnSCpXeKqBXo1IuIl5foFBHYmDdJQ/BihGww=
Subject key identifier: B8:92:B4:C4:07:2C:D7:BF:9C:DB:51:ED:6F:B1:E6:75:5A:91:82:BA
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 019CABA212D0827EB07210415F3C953A9F4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
Manifest number: 184A
Signing time: Sun 01 Mar 2026 23:00:51 +0000
Manifest this update: Sun 01 Mar 2026 23:00:51 +0000
Manifest next update: Mon 02 Mar 2026 23:00:51 +0000
Files and hashes: 1: JqglYn9oExlpuQ-Y68kS4ik8jRI.roa (hash: lo9W0LCZNdcrhkqYexTlEJ9bxvUJuTPrwpGw86jlaFk=)
2: h0tZG12PB26vRy4-pF07XI4TUKE.crl (hash: d+Yd7yYxh1r58RcKm8Xtqn08BpicZqq6gQFIyAev0CM=)
3: vAlQFpaLpXoMpWo27m8dZRrzZKc.roa (hash: V3cMkhkIFwXZN0a+IEYOXNX5PaTP19/XRl5SDnAT0cg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:12:d0:82:7e:b0:72:10:41:5f:3c:95:3a:9f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Mar 1 23:00:51 2026 GMT
Not After : Mar 2 23:00:51 2026 GMT
Subject: CN=b892b4c4072cd7bf9cdb51ed6fb1e6755a9182ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d0:6f:59:21:23:80:b9:36:5c:bf:6b:d3:c4:
98:7c:59:d3:7b:e7:8f:b3:7c:d4:73:b5:66:9b:3e:
52:08:3e:0c:c1:09:97:9d:ab:e8:fc:dc:ae:8e:52:
5a:a5:07:a7:e4:f0:a9:55:13:19:22:1f:db:bd:d1:
29:45:3a:d3:e8:07:2b:86:37:86:d4:af:a1:14:ba:
9a:bf:be:57:83:d0:9c:36:54:5a:6f:85:de:c2:0a:
d9:45:fd:4d:7f:a9:ab:93:d2:4c:13:b2:57:72:67:
f0:58:b4:91:d7:5c:0d:7d:2c:d9:5d:c8:cb:1a:e3:
d3:bb:16:a3:0d:9e:e7:2c:58:41:3c:cf:e6:eb:f2:
cf:98:20:ad:1a:44:56:43:64:9f:c8:bd:d5:71:84:
ab:94:05:5e:32:90:4c:e5:ed:ed:2c:27:ed:60:9b:
dd:ca:78:a3:8d:f5:7a:68:47:2c:12:9e:ef:60:5e:
87:e7:36:09:44:d1:89:d0:5b:50:f0:e0:89:ad:ed:
df:00:a6:b5:dd:60:1a:98:cf:74:f1:0d:fc:66:46:
e4:a5:22:1b:ae:92:ce:69:94:e3:59:8a:d4:1c:cf:
de:e3:72:23:f6:2a:9b:d5:8a:8c:3c:d1:54:27:9f:
e6:58:73:1a:75:26:c0:df:7f:d3:46:50:a6:ab:c7:
aa:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:92:B4:C4:07:2C:D7:BF:9C:DB:51:ED:6F:B1:E6:75:5A:91:82:BA
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:4f:ab:89:52:cb:2d:28:dd:59:7b:55:9c:bf:25:88:5d:9f:
24:1e:df:81:b1:b0:eb:6b:f0:2c:08:82:fb:5c:0b:e8:d1:2e:
60:a6:5d:ed:12:26:3a:ad:0c:d2:ae:e3:1a:30:93:a4:60:fd:
46:e9:88:9e:90:b8:05:e0:ff:c1:54:85:a4:3e:77:5b:1a:0e:
79:47:99:54:51:cd:38:eb:5e:71:e1:b9:78:bf:b5:8e:c6:c0:
9d:3f:16:d8:16:98:7e:3f:07:c4:69:79:da:06:38:7b:1a:ce:
b0:58:d8:c1:a8:89:4a:fd:26:ba:96:cf:45:41:f5:9c:0d:9e:
fb:0c:4b:a7:f4:51:c2:61:76:65:93:90:6c:ac:79:d2:d9:1e:
e3:50:b2:28:e9:5f:5b:2a:cf:ec:b3:91:45:42:0c:6f:28:d7:
54:d8:b3:e6:bd:69:d3:d6:5f:17:f5:ee:d9:d0:88:ce:f2:87:
6a:f8:e1:51:16:45:ca:79:d2:90:f6:a2:48:37:64:62:bc:77:
2f:66:44:e9:46:5e:4e:df:e1:73:23:76:38:82:97:af:3a:86:
ea:d6:e0:92:58:e5:95:1a:93:32:72:2c:36:a6:50:1f:5e:d4:
e0:36:3f:aa:48:1f:18:4d:2c:fe:88:35:a7:53:b1:ba:30:83:
c4:3f:4a:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrohLQgn6wchBBXzyVOp9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjYwMzAxMjMwMDUxWhcNMjYwMzAyMjMwMDUxWjAzMTEwLwYDVQQD
EyhiODkyYjRjNDA3MmNkN2JmOWNkYjUxZWQ2ZmIxZTY3NTVhOTE4MmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09BvWSEjgLk2XL9r08SYfFnTe+eP
s3zUc7Vmmz5SCD4MwQmXnavo/NyujlJapQen5PCpVRMZIh/bvdEpRTrT6AcrhjeG
1K+hFLqav75Xg9CcNlRab4XewgrZRf1Nf6mrk9JME7JXcmfwWLSR11wNfSzZXcjL
GuPTuxajDZ7nLFhBPM/m6/LPmCCtGkRWQ2SfyL3VcYSrlAVeMpBM5e3tLCftYJvd
ynijjfV6aEcsEp7vYF6H5zYJRNGJ0FtQ8OCJre3fAKa13WAamM908Q38ZkbkpSIb
rpLOaZTjWYrUHM/e43Ij9iqb1YqMPNFUJ5/mWHMadSbA33/TRlCmq8eqnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiStMQHLNe/nNtR7W+x5nVakYK6MB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjk+riVLL
LSjdWXtVnL8liF2fJB7fgbGw62vwLAiC+1wL6NEuYKZd7RImOq0M0q7jGjCTpGD9
RumInpC4BeD/wVSFpD53WxoOeUeZVFHNOOteceG5eL+1jsbAnT8W2BaYfj8HxGl5
2gY4exrOsFjYwaiJSv0mupbPRUH1nA2e+wxLp/RRwmF2ZZOQbKx50tke41CyKOlf
WyrP7LORRUIMbyjXVNiz5r1p09ZfF/Xu2dCIzvKHavjhURZFynnSkPaiSDdkYrx3
L2ZE6UZeTt/hcyN2OIKXrzqG6tbgkljllRqTMnIsNqZQH17U4DY/qkgfGE0s/og1
p1OxujCDxD9KZQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:23:44 2026 by rpki-client