Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier: SdAGhXr+mz0wTgNjdm+CbuPYONw1PUejiP7PvVhxsVU=
Subject key identifier: A7:9F:26:83:0A:EE:FC:A9:81:0E:E3:4C:3E:49:7A:C7:5D:58:7C:08
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial: 019CAA21C53E839C1536BE02C5A7CE3591BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number: 0428
Signing time: Sun 01 Mar 2026 16:01:05 +0000
Manifest this update: Sun 01 Mar 2026 16:01:05 +0000
Manifest next update: Mon 02 Mar 2026 16:01:05 +0000
Files and hashes: 1: AGVrI7h1W1sZnmEHrQIXxLRxF1Q.roa (hash: K1nbjcJomqgMcH/NVsTCJWhMoSmEDtw4c8u/MMrHlso=)
2: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: iYNaOtclJSxwL7uxOKAIT+diOBY0C76o15hI28yWI7o=)
3: fnZsGtHZZ57ibD1bgR7D-kx03A8.asa (hash: gnq6h8vpZgrDrbXWUtlG5+lFKokphaSsAqWL7zsvVig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:c5:3e:83:9c:15:36:be:02:c5:a7:ce:35:91:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Validity
Not Before: Mar 1 16:01:05 2026 GMT
Not After : Mar 2 16:01:05 2026 GMT
Subject: CN=a79f26830aeefca9810ee34c3e497ac75d587c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3a:e9:e6:0b:61:48:b5:08:46:fb:3d:0c:79:
46:94:e9:c0:9a:5b:6c:8f:17:6b:4b:0b:82:ca:c6:
fc:99:e8:67:c8:83:cc:1b:a1:e2:88:23:18:11:74:
41:2e:05:e4:4a:b8:b9:a5:e1:40:29:14:11:39:e7:
e0:e3:cf:b6:89:d9:10:87:7c:a9:1c:7b:8d:3a:19:
e7:03:9f:13:5c:38:64:2b:36:2a:e7:7c:5d:ed:8e:
be:ff:82:c4:77:5a:4b:b1:ee:7c:6d:f5:43:9e:f8:
92:bf:f8:22:c5:2e:cb:56:a7:d1:38:a7:ce:cc:64:
77:f4:ec:3e:78:c4:8c:eb:ce:eb:29:3f:bd:fb:88:
a8:4d:35:56:35:9f:9b:e5:35:c9:ed:dd:37:02:66:
9c:57:fa:31:22:6b:e9:44:34:62:33:9a:86:b3:41:
de:a5:af:f7:96:bd:d1:64:47:96:4a:79:21:90:94:
a3:c6:ca:26:c1:b3:c8:69:ef:d3:97:eb:23:45:e3:
ec:77:89:4f:82:73:20:f9:c4:9b:86:69:ee:5d:4c:
25:f8:fd:fa:22:df:67:c6:9f:a9:76:cf:1d:25:c0:
d3:ae:3c:47:5b:54:83:96:30:4b:32:3b:87:e7:ef:
55:54:71:08:e8:e7:54:b0:f0:86:ff:8b:da:c2:04:
63:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9F:26:83:0A:EE:FC:A9:81:0E:E3:4C:3E:49:7A:C7:5D:58:7C:08
X509v3 Authority Key Identifier:
keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:63:6d:f8:c6:8c:17:9a:be:be:92:42:ec:57:6c:ad:67:e2:
4c:c4:80:01:43:5e:61:38:00:e5:a8:35:3c:6b:16:95:a1:8f:
49:0b:e4:3a:91:41:97:63:a4:d5:cc:91:07:e4:77:80:e6:44:
ce:ac:9d:22:94:51:08:1b:0f:88:11:8a:07:d6:d4:c3:07:6d:
97:6d:df:51:3f:4b:77:36:fe:78:a3:7d:a4:f1:2d:f9:a1:5f:
c1:4c:f0:3e:17:df:a4:9f:35:35:d4:b7:6b:11:6e:f9:74:61:
6e:9a:6a:33:24:b9:2b:a5:6e:5a:95:fe:44:31:73:7f:6f:88:
00:c2:c0:7c:f8:32:3e:94:59:02:55:25:79:17:7e:2d:d3:b5:
06:3a:44:05:f7:79:46:07:0f:ee:18:bd:2a:fd:78:47:a4:15:
65:57:a1:7c:3d:8c:f2:fc:d1:11:af:ec:80:f9:be:73:9e:fa:
25:bf:e3:dc:52:88:29:bb:11:51:46:cc:89:d8:53:f1:ef:88:
82:49:3b:49:ef:23:f2:9d:36:60:89:49:3e:ce:96:51:1e:a8:
b1:17:68:66:92:4d:d7:2a:e7:1b:02:20:06:5f:cb:66:d7:9e:
ae:ff:a4:e1:c8:37:30:6a:1e:d4:38:4f:c7:8a:98:ea:53:cb:
62:38:a0:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIcU+g5wVNr4CxafONZG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjYwMzAxMTYwMTA1WhcNMjYwMzAyMTYwMTA1WjAzMTEwLwYDVQQD
EyhhNzlmMjY4MzBhZWVmY2E5ODEwZWUzNGMzZTQ5N2FjNzVkNTg3YzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjrp5gthSLUIRvs9DHlGlOnAmlts
jxdrSwuCysb8mehnyIPMG6HiiCMYEXRBLgXkSri5peFAKRQROefg48+2idkQh3yp
HHuNOhnnA58TXDhkKzYq53xd7Y6+/4LEd1pLse58bfVDnviSv/gixS7LVqfROKfO
zGR39Ow+eMSM687rKT+9+4ioTTVWNZ+b5TXJ7d03AmacV/oxImvpRDRiM5qGs0He
pa/3lr3RZEeWSnkhkJSjxsomwbPIae/Tl+sjRePsd4lPgnMg+cSbhmnuXUwl+P36
It9nxp+pds8dJcDTrjxHW1SDljBLMjuH5+9VVHEI6OdUsPCG/4vawgRjxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKefJoMK7vypgQ7jTD5JesddWHwIMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqmNt+MaM
F5q+vpJC7FdsrWfiTMSAAUNeYTgA5ag1PGsWlaGPSQvkOpFBl2Ok1cyRB+R3gOZE
zqydIpRRCBsPiBGKB9bUwwdtl23fUT9Ldzb+eKN9pPEt+aFfwUzwPhffpJ81NdS3
axFu+XRhbppqMyS5K6VuWpX+RDFzf2+IAMLAfPgyPpRZAlUleRd+LdO1BjpEBfd5
RgcP7hi9Kv14R6QVZVehfD2M8vzREa/sgPm+c576Jb/j3FKIKbsRUUbMidhT8e+I
gkk7Se8j8p02YIlJPs6WUR6osRdoZpJN1yrnGwIgBl/LZteerv+k4cg3MGoe1DhP
x4qY6lPLYjig8g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:24:40 2026 by rpki-client