Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
File: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft (raw, json)
Hash identifier: dYMGTZbisoOwv7lN7w2w9cALtDpIuyCpf5X779yQzGs=
Subject key identifier: CA:B8:6B:32:95:0E:27:F0:1C:86:67:23:ED:55:30:3E:0F:21:B5:3E
Authority key identifier: 86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
Certificate issuer: /CN=864abd435f899d570a8e5fb83bdad1153455dee0
Certificate serial: 019D9AABC5DAA21FEFCA32A379AAF1483552
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
Manifest number: 18C4
Signing time: Fri 17 Apr 2026 09:00:41 +0000
Manifest this update: Fri 17 Apr 2026 09:00:41 +0000
Manifest next update: Sat 18 Apr 2026 09:00:41 +0000
Files and hashes: 1: FKPDUKEH3RWf-_A6oyRKO4_LVBY.roa (hash: hV9SiFdAv7sVh4TN2I3na70oOpO2IrQF3ksLQ7b5hl8=)
2: hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl (hash: 82foRieIAwku17o49p+gYMOhi7SMrCLvtbveFFWDyqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:ab:c5:da:a2:1f:ef:ca:32:a3:79:aa:f1:48:35:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864abd435f899d570a8e5fb83bdad1153455dee0
Validity
Not Before: Apr 17 09:00:41 2026 GMT
Not After : Apr 18 09:00:41 2026 GMT
Subject: CN=cab86b32950e27f01c866723ed55303e0f21b53e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8f:24:6d:76:96:ca:0d:ea:3a:be:7b:ba:a8:
1c:20:96:c8:13:b1:51:c4:43:f8:e2:ac:c6:34:ef:
dc:c5:f3:aa:fb:78:85:60:fa:2f:c9:d8:3e:b8:2d:
bc:05:14:eb:fb:aa:6d:cd:5e:86:a7:44:9d:2e:fb:
d9:bb:46:0a:65:1e:27:b0:58:8b:da:c1:7a:96:2e:
9d:f9:cc:ab:ea:12:cb:ed:cd:c4:a8:f5:82:ae:af:
10:8d:aa:fc:fe:b5:e9:59:e9:51:05:c7:34:f3:d7:
a6:c5:3c:f4:29:6b:ea:28:82:f4:86:4a:20:f7:6e:
ab:c4:60:ed:e6:7a:b4:83:e4:b0:9c:19:24:ed:37:
61:ea:1d:00:6c:4f:a6:3a:24:68:96:67:7e:a5:e4:
1d:f1:6b:1b:86:6d:66:d2:a3:e8:79:e8:48:a5:6e:
cf:00:0f:79:ff:37:42:92:5a:b8:0d:1a:7b:2e:07:
4e:2e:dd:3f:87:01:56:6f:3e:73:84:fc:5d:88:1d:
95:26:f2:2b:b6:cf:19:26:0a:af:85:9d:c6:10:7e:
cd:d9:5b:a5:f2:ac:c4:e3:25:e6:a8:4b:f1:cd:67:
92:ce:e8:48:66:ef:11:88:1e:9e:93:a5:af:b0:17:
7d:97:90:0f:29:b1:25:d9:16:f1:cc:9c:c9:5b:96:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B8:6B:32:95:0E:27:F0:1C:86:67:23:ED:55:30:3E:0F:21:B5:3E
X509v3 Authority Key Identifier:
keyid:86:4A:BD:43:5F:89:9D:57:0A:8E:5F:B8:3B:DA:D1:15:34:55:DE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3f133f-1c81-4a4b-a255-3e3646591aa0/1/hkq9Q1-JnVcKjl-4O9rRFTRV3uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:72:ec:46:c5:18:1b:52:27:d5:93:99:99:a0:dd:b0:30:6f:
9e:5c:22:84:c5:c4:57:f3:32:c2:58:e9:50:07:5f:b3:0e:3f:
4d:28:e8:5a:b9:4a:f8:79:9b:06:97:36:51:6e:5c:7b:f8:ed:
13:44:b3:cc:a9:b8:e8:e6:a9:99:05:99:fd:ab:b1:2f:d1:bb:
66:9e:86:17:40:73:19:4b:41:83:50:84:6f:33:df:8a:38:50:
f6:06:1a:50:bc:d1:7d:74:18:7d:a2:6f:a7:7b:d6:d1:dd:ce:
28:d5:be:06:af:ab:62:70:04:09:2c:03:59:c3:7c:50:36:c3:
77:01:cc:b6:cb:ca:1a:64:68:f7:7a:b5:83:fa:3c:19:03:7f:
c5:44:2e:9e:d3:f7:71:2e:10:aa:9e:82:55:c5:91:89:06:3d:
b5:8b:ea:bf:fc:8a:e3:24:07:18:7b:a7:57:bd:51:c3:c8:44:
e1:d6:82:1b:aa:1e:9b:51:1c:04:53:2d:0d:44:46:ab:31:a3:
0a:35:8d:f9:9d:26:d7:7c:b0:4d:8b:3e:87:7f:6f:43:36:99:
ab:a1:e8:b4:ed:e7:aa:e9:5e:9b:c2:d9:0b:91:50:b5:b9:9c:
7d:c0:fd:9b:7d:13:44:ad:09:e1:4c:77:38:d8:57:a0:f9:e6:
7c:58:11:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq8Xaoh/vyjKjearxSDVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGFiZDQzNWY4OTlkNTcwYThlNWZiODNiZGFkMTE1MzQ1
NWRlZTAwHhcNMjYwNDE3MDkwMDQxWhcNMjYwNDE4MDkwMDQxWjAzMTEwLwYDVQQD
EyhjYWI4NmIzMjk1MGUyN2YwMWM4NjY3MjNlZDU1MzAzZTBmMjFiNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI8kbXaWyg3qOr57uqgcIJbIE7FR
xEP44qzGNO/cxfOq+3iFYPovydg+uC28BRTr+6ptzV6Gp0SdLvvZu0YKZR4nsFiL
2sF6li6d+cyr6hLL7c3EqPWCrq8Qjar8/rXpWelRBcc089emxTz0KWvqKIL0hkog
926rxGDt5nq0g+SwnBkk7Tdh6h0AbE+mOiRolmd+peQd8Wsbhm1m0qPoeehIpW7P
AA95/zdCklq4DRp7LgdOLt0/hwFWbz5zhPxdiB2VJvIrts8ZJgqvhZ3GEH7N2Vul
8qzE4yXmqEvxzWeSzuhIZu8RiB6ek6WvsBd9l5APKbEl2RbxzJzJW5aHhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMq4azKVDifwHIZnI+1VMD4PIbU+MB8GA1UdIwQY
MBaAFIZKvUNfiZ1XCo5fuDva0RU0Vd7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUt
M2UzNjQ2NTkxYWEwLzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zZjEzM2YtMWM4MS00YTRiLWEyNTUtM2UzNjQ2NTkxYWEw
LzEvaGtxOVExLUpuVmNLamwtNE85clJGVFJWM3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMnLsRsUY
G1In1ZOZmaDdsDBvnlwihMXEV/MywljpUAdfsw4/TSjoWrlK+HmbBpc2UW5ce/jt
E0SzzKm46OapmQWZ/auxL9G7Zp6GF0BzGUtBg1CEbzPfijhQ9gYaULzRfXQYfaJv
p3vW0d3OKNW+Bq+rYnAECSwDWcN8UDbDdwHMtsvKGmRo93q1g/o8GQN/xUQuntP3
cS4Qqp6CVcWRiQY9tYvqv/yK4yQHGHunV71Rw8hE4daCG6oem1EcBFMtDURGqzGj
CjWN+Z0m13ywTYs+h39vQzaZq6HotO3nqulem8LZC5FQtbmcfcD9m30TRK0J4Ux3
ONhXoPnmfFgRaw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:58:50 2026 by rpki-client