Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: aY29lTZX0HXFtdk2uHjT2Nivf7VXhZ2HA/1VpDxPowU=
Subject key identifier: CB:3A:CF:17:04:6C:57:CC:01:63:61:35:C3:C4:47:2A:38:8B:00:05
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 019CAD2243AE22135DFE6B612C2770DBB594
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 1849
Signing time: Mon 02 Mar 2026 06:00:29 +0000
Manifest this update: Mon 02 Mar 2026 06:00:29 +0000
Manifest next update: Tue 03 Mar 2026 06:00:29 +0000
Files and hashes: 1: FKPDUKEH3RWf-_A6oyRKO4_LVBY.roa (hash: hV9SiFdAv7sVh4TN2I3na70oOpO2IrQF3ksLQ7b5hl8=)
2: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: lw2XW+oa7IvdAVe4c8dg0QlEjLQFJFQI9jekkd0XzvI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:22:43:ae:22:13:5d:fe:6b:61:2c:27:70:db:b5:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Mar 2 06:00:29 2026 GMT
Not After : Mar 3 06:00:29 2026 GMT
Subject: CN=cb3acf17046c57cc01636135c3c4472a388b0005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:88:c4:a6:cd:3f:27:25:50:05:9d:df:4b:cb:
b4:d7:ab:60:60:23:f1:1f:b3:47:3c:c1:eb:8d:05:
96:92:d8:ab:6f:d3:af:bc:17:06:61:d7:9b:07:6a:
7d:7e:ab:86:fd:c5:b8:98:d6:e8:41:45:30:84:c5:
e4:b1:ce:9f:39:fb:9e:1b:f0:14:7e:35:28:75:b2:
a2:30:00:02:2c:29:0a:7c:8e:2e:4f:5c:29:44:4a:
e3:ea:79:d2:06:0a:e4:62:45:dd:39:0b:50:94:2d:
71:68:d9:d4:28:c1:fb:91:ef:d3:2e:72:fb:fb:3f:
b2:f8:32:8d:ea:7b:5b:9f:e1:71:f6:cf:b8:5e:a7:
a6:2d:43:61:12:d8:7d:45:05:5b:9f:19:06:98:9e:
7a:db:94:81:45:dc:e1:ac:28:48:e1:3e:25:06:56:
47:d3:4b:62:64:ba:d1:0b:5b:05:8c:03:95:47:8d:
02:32:cd:7a:68:8e:a3:a2:00:98:00:b1:a0:71:79:
74:eb:80:93:fa:e4:b8:15:ba:90:3c:8a:29:fd:e7:
a5:83:a1:ee:17:9a:0d:6a:bf:9b:0c:a1:93:49:7c:
f3:97:61:64:15:e5:9a:39:34:61:70:63:ad:57:94:
eb:b9:db:68:17:e1:4f:92:91:74:57:21:a3:20:26:
82:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3A:CF:17:04:6C:57:CC:01:63:61:35:C3:C4:47:2A:38:8B:00:05
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:92:cc:5d:25:4f:26:b7:7c:25:11:4e:6c:54:d2:ce:d3:03:
9d:c6:e8:45:ea:61:87:08:38:44:63:6f:1d:65:ae:12:c5:53:
17:9e:28:98:51:a7:25:db:db:0a:bb:db:1d:60:e7:12:37:e3:
8e:b6:73:f8:27:9a:1a:4c:38:ea:42:0c:a0:0b:b3:4e:d3:47:
e4:d8:45:e0:ee:29:a3:2e:e6:88:6c:cc:96:c4:94:6f:fe:69:
90:98:b8:28:14:6d:5b:a1:96:df:72:c4:5c:ba:7d:9e:36:e8:
5e:f8:46:84:15:ea:a8:17:21:f2:eb:b6:8c:0e:a8:94:8e:00:
de:15:07:73:73:74:fc:14:c1:0f:73:c1:fd:8d:ef:e3:a9:4c:
90:51:c3:55:aa:9c:3f:0b:10:4e:e3:50:6f:53:56:55:61:4e:
c3:0e:c0:2c:80:cd:d0:c1:5b:93:69:e5:58:95:17:29:d6:ea:
60:0d:d7:ff:6c:32:de:bf:8f:76:24:11:33:9b:7d:c0:5a:a3:
3c:f6:73:7d:a0:8b:f1:60:99:23:d4:45:d4:75:eb:ed:97:1c:
90:3b:ea:0c:4f:a8:5b:75:58:d3:86:f7:0f:bb:11:47:b1:d3:
2d:db:0b:13:9c:b6:37:7c:37:b8:27:1b:80:97:af:49:a7:49:
27:44:9e:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIkOuIhNd/mthLCdw27WUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjYwMzAyMDYwMDI5WhcNMjYwMzAzMDYwMDI5WjAzMTEwLwYDVQQD
EyhjYjNhY2YxNzA0NmM1N2NjMDE2MzYxMzVjM2M0NDcyYTM4OGIwMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYjEps0/JyVQBZ3fS8u016tgYCPx
H7NHPMHrjQWWktirb9OvvBcGYdebB2p9fquG/cW4mNboQUUwhMXksc6fOfueG/AU
fjUodbKiMAACLCkKfI4uT1wpRErj6nnSBgrkYkXdOQtQlC1xaNnUKMH7ke/TLnL7
+z+y+DKN6ntbn+Fx9s+4XqemLUNhEth9RQVbnxkGmJ5625SBRdzhrChI4T4lBlZH
00tiZLrRC1sFjAOVR40CMs16aI6jogCYALGgcXl064CT+uS4FbqQPIop/eelg6Hu
F5oNar+bDKGTSXzzl2FkFeWaOTRhcGOtV5TrudtoF+FPkpF0VyGjICaCiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMs6zxcEbFfMAWNhNcPERyo4iwAFMB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJLMXSVP
Jrd8JRFObFTSztMDncboRephhwg4RGNvHWWuEsVTF54omFGnJdvbCrvbHWDnEjfj
jrZz+CeaGkw46kIMoAuzTtNH5NhF4O4poy7miGzMlsSUb/5pkJi4KBRtW6GW33LE
XLp9njboXvhGhBXqqBch8uu2jA6olI4A3hUHc3N0/BTBD3PB/Y3v46lMkFHDVaqc
PwsQTuNQb1NWVWFOww7ALIDN0MFbk2nlWJUXKdbqYA3X/2wy3r+PdiQRM5t9wFqj
PPZzfaCL8WCZI9RF1HXr7ZcckDvqDE+oW3VY04b3D7sRR7HTLdsLE5y2N3w3uCcb
gJevSadJJ0Sesw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:33:07 2026 by rpki-client