Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier: AWIl6Q3OKX9yCLe7TdXkl3ijg7eefYUhYC+pobUKWuA=
Subject key identifier: D9:7F:FA:11:26:0E:85:27:67:64:B3:0F:CD:EE:C8:22:23:05:18:A4
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial: 019DA52F83F02CDEA5B87B534AB289152A32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number: 04AA
Signing time: Sun 19 Apr 2026 10:00:47 +0000
Manifest this update: Sun 19 Apr 2026 10:00:47 +0000
Manifest next update: Mon 20 Apr 2026 10:00:47 +0000
Files and hashes: 1: AGVrI7h1W1sZnmEHrQIXxLRxF1Q.roa (hash: K1nbjcJomqgMcH/NVsTCJWhMoSmEDtw4c8u/MMrHlso=)
2: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: oCOgDw4m1NM4u5dFqGnM2UjzbIUasgFkhd9pf9EMdUM=)
3: fnZsGtHZZ57ibD1bgR7D-kx03A8.asa (hash: gnq6h8vpZgrDrbXWUtlG5+lFKokphaSsAqWL7zsvVig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a5:2f:83:f0:2c:de:a5:b8:7b:53:4a:b2:89:15:2a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Validity
Not Before: Apr 19 10:00:47 2026 GMT
Not After : Apr 20 10:00:47 2026 GMT
Subject: CN=d97ffa11260e85276764b30fcdeec822230518a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4c:6e:b7:55:73:2e:c4:00:6a:ee:1a:b5:73:
ae:0f:45:26:1f:72:56:2a:2a:db:45:ca:b6:02:db:
c8:08:d4:86:ce:a9:6f:3b:48:ad:8e:17:33:2e:a3:
40:60:5a:df:80:a8:4f:20:dc:1b:81:20:80:b3:c5:
96:b1:d6:5d:ce:31:40:5f:fe:82:ee:b9:eb:52:8b:
4f:15:1f:b0:4b:0e:ae:28:7c:fd:7b:f2:b3:bb:4d:
01:cb:ec:bf:79:20:b8:64:e2:9b:94:63:1a:01:9d:
fa:8d:8d:fa:0b:60:94:60:34:5b:b0:96:09:ce:fb:
98:8d:d7:93:10:f3:49:d6:99:dc:60:1b:5f:6b:28:
8c:16:44:66:7f:dd:4b:ad:a2:e4:00:0c:fa:b2:90:
ce:e2:58:ac:c8:16:4a:bf:bb:d6:de:a9:f4:62:42:
55:01:9f:85:38:a2:ee:4f:2b:ee:27:95:43:76:f8:
9d:70:8f:6f:64:2c:62:04:6e:aa:84:29:6f:06:9f:
88:c4:8b:16:09:1c:6b:96:1e:52:37:06:7c:f0:22:
ed:ab:54:13:60:ca:75:14:9a:c7:69:f8:fb:36:08:
41:7d:25:a3:41:1a:da:0c:2d:ee:f1:b7:09:77:79:
5d:1c:85:7d:14:3d:b3:42:41:22:fa:eb:4f:2f:4f:
d2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7F:FA:11:26:0E:85:27:67:64:B3:0F:CD:EE:C8:22:23:05:18:A4
X509v3 Authority Key Identifier:
keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:f0:0e:fc:08:32:6c:1e:0e:63:16:33:fe:4d:e1:6f:67:cb:
80:1f:b8:d6:5f:43:b1:3f:75:e4:77:8b:7b:6e:b8:74:fc:bb:
62:24:67:81:51:f6:55:c3:23:9b:8b:eb:ea:b5:84:82:10:bd:
03:17:0b:78:d6:6f:49:ba:25:b8:f2:e6:c2:c8:90:1a:15:83:
9b:89:91:60:9a:d3:0f:e6:2d:73:b4:61:61:35:1d:80:ee:e0:
e2:20:03:b9:9d:b4:12:d2:9b:00:33:59:0b:42:66:2b:89:eb:
ea:3e:44:ef:cc:60:c0:75:92:fb:bf:77:9e:c1:49:59:9d:ee:
f2:bd:e8:da:ca:8e:78:ea:9f:14:e8:11:37:97:2d:50:a6:e3:
1f:a4:a9:2f:3f:fb:08:13:50:13:3a:60:bd:16:41:4d:35:bc:
2d:3e:9e:2d:25:73:8f:e5:9f:7c:20:52:1d:39:12:46:42:12:
d1:4d:ef:db:54:db:42:16:5d:4d:72:01:38:fc:3d:eb:5a:0b:
03:5e:93:21:5d:5f:9a:24:48:0a:27:c0:12:98:0c:0b:70:2a:
b0:43:1d:ff:ea:89:92:6c:2e:8d:50:db:f5:c3:50:fa:a7:b2:
85:f9:73:4e:a9:29:cf:7e:42:87:f8:6c:32:ad:c7:f5:ee:97:
b5:88:ea:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lL4PwLN6luHtTSrKJFSoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjYwNDE5MTAwMDQ3WhcNMjYwNDIwMTAwMDQ3WjAzMTEwLwYDVQQD
EyhkOTdmZmExMTI2MGU4NTI3Njc2NGIzMGZjZGVlYzgyMjIzMDUxOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUxut1VzLsQAau4atXOuD0UmH3JW
KirbRcq2AtvICNSGzqlvO0itjhczLqNAYFrfgKhPINwbgSCAs8WWsdZdzjFAX/6C
7rnrUotPFR+wSw6uKHz9e/Kzu00By+y/eSC4ZOKblGMaAZ36jY36C2CUYDRbsJYJ
zvuYjdeTEPNJ1pncYBtfayiMFkRmf91LraLkAAz6spDO4lisyBZKv7vW3qn0YkJV
AZ+FOKLuTyvuJ5VDdvidcI9vZCxiBG6qhClvBp+IxIsWCRxrlh5SNwZ88CLtq1QT
YMp1FJrHafj7NghBfSWjQRraDC3u8bcJd3ldHIV9FD2zQkEi+utPL0/SLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNl/+hEmDoUnZ2SzD83uyCIjBRikMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfAO/Agy
bB4OYxYz/k3hb2fLgB+41l9DsT915HeLe264dPy7YiRngVH2VcMjm4vr6rWEghC9
AxcLeNZvSboluPLmwsiQGhWDm4mRYJrTD+Ytc7RhYTUdgO7g4iADuZ20EtKbADNZ
C0JmK4nr6j5E78xgwHWS+793nsFJWZ3u8r3o2sqOeOqfFOgRN5ctUKbjH6SpLz/7
CBNQEzpgvRZBTTW8LT6eLSVzj+WffCBSHTkSRkIS0U3v21TbQhZdTXIBOPw961oL
A16TIV1fmiRICifAEpgMC3AqsEMd/+qJkmwujVDb9cNQ+qeyhflzTqkpz35Ch/hs
Mq3H9e6XtYjqxg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 14:20:50 2026 by rpki-client