Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
File: H9nOye0f1PQcCx4w77lshhVTvjY.mft (raw, json)
Hash identifier: zy6KaTaXQrBr1725GnIEqrxLltBsG2Qvs6vaGo+bM3U=
Subject key identifier: 5F:47:E7:73:29:00:AC:98:55:6D:6F:49:4E:58:2B:B3:60:E6:F5:25
Authority key identifier: 1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
Certificate issuer: /CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Certificate serial: 019CA832FA6B66110EF796CD4CEF75A9EDD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
Manifest number: 0427
Signing time: Sun 01 Mar 2026 07:00:39 +0000
Manifest this update: Sun 01 Mar 2026 07:00:39 +0000
Manifest next update: Mon 02 Mar 2026 07:00:39 +0000
Files and hashes: 1: AGVrI7h1W1sZnmEHrQIXxLRxF1Q.roa (hash: K1nbjcJomqgMcH/NVsTCJWhMoSmEDtw4c8u/MMrHlso=)
2: H9nOye0f1PQcCx4w77lshhVTvjY.crl (hash: nplH9AVdOAVRYJ//8TtP2r/7qNRK0pJWaZNLb0i/vgE=)
3: fnZsGtHZZ57ibD1bgR7D-kx03A8.asa (hash: gnq6h8vpZgrDrbXWUtlG5+lFKokphaSsAqWL7zsvVig=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:32:fa:6b:66:11:0e:f7:96:cd:4c:ef:75:a9:ed:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd9cec9ed1fd4f41c0b1e30efb96c861553be36
Validity
Not Before: Mar 1 07:00:39 2026 GMT
Not After : Mar 2 07:00:39 2026 GMT
Subject: CN=5f47e7732900ac98556d6f494e582bb360e6f525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:04:ed:11:4b:a4:67:25:24:93:7b:48:fe:74:
f3:67:ba:ef:36:10:08:92:49:63:c6:38:da:60:7d:
d7:68:0b:a2:98:08:92:e8:0b:98:4b:e5:3e:cd:c5:
4e:48:e7:85:7e:0d:8a:b2:e9:1d:91:b7:c4:ae:df:
eb:b4:6f:41:a1:47:8b:74:21:a8:d4:89:ff:76:31:
c7:1e:2c:32:c0:e1:5c:20:f0:64:0b:2e:64:5a:53:
5a:c9:7d:df:65:b3:7c:e9:98:f7:95:43:4f:50:55:
aa:2c:e1:d9:b8:a5:02:35:e2:39:77:32:9a:a4:95:
c5:62:07:68:a1:88:20:e1:6b:f9:b0:d3:43:2f:a0:
35:2c:71:62:70:16:c7:0c:fd:b6:8f:7c:4b:4d:af:
59:44:02:b4:f3:df:3c:42:75:9c:21:72:b2:25:da:
c7:0a:f8:f1:44:96:7e:55:61:dc:f6:24:e5:07:4d:
0e:d8:c3:c8:d4:23:2d:f9:27:2f:71:85:7d:89:73:
77:74:e4:e1:25:52:27:36:91:ec:2a:64:99:c0:2c:
7c:a7:34:e5:30:21:ec:94:f4:dc:9a:b7:66:ed:fc:
e3:e3:74:7d:65:c4:3b:27:31:8c:9a:78:54:d7:b0:
ce:30:6b:40:ad:69:6e:64:f1:a4:8b:10:de:8b:18:
74:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:47:E7:73:29:00:AC:98:55:6D:6F:49:4E:58:2B:B3:60:E6:F5:25
X509v3 Authority Key Identifier:
keyid:1F:D9:CE:C9:ED:1F:D4:F4:1C:0B:1E:30:EF:B9:6C:86:15:53:BE:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9nOye0f1PQcCx4w77lshhVTvjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e81c1a-0c87-4825-bccc-36b7b1de045d/1/H9nOye0f1PQcCx4w77lshhVTvjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
57:e0:4c:f7:28:e3:a4:45:68:63:19:8a:b5:8d:bf:0c:22:45:
cb:12:8d:35:10:aa:b3:8d:3b:71:20:2b:c8:70:12:7b:89:30:
9a:87:0a:49:aa:59:11:e3:9c:ab:68:fa:03:ee:40:3d:a3:09:
02:77:90:71:7d:c4:a2:22:80:dc:20:8a:d9:c3:9d:e3:14:04:
c5:0e:64:3f:ed:22:d0:8c:d0:f6:4f:a9:48:ba:13:95:a5:c5:
f8:f5:c6:65:a2:cb:42:66:d7:75:f7:02:00:02:d0:1e:1d:e6:
7e:10:bf:65:98:5a:3b:de:db:06:ea:ca:d7:bf:c3:3e:4f:76:
90:dd:30:a2:eb:a2:ec:7f:31:e9:7f:7d:16:40:9e:cb:dd:40:
ad:a0:b3:16:e3:6f:c7:22:f5:05:fd:7d:2d:d9:5d:05:3d:8d:
de:32:7d:f8:07:4c:d9:86:bd:bb:99:ff:cb:cc:a1:ee:ea:d3:
59:88:08:cd:71:c4:8d:23:58:13:57:36:f3:0d:12:42:3b:b5:
34:5a:c2:a6:31:c4:82:30:3a:91:b0:dd:09:9d:29:e5:8e:04:
f1:c3:f5:49:23:33:42:a7:ed:0f:f4:ca:16:5d:f7:e6:23:20:
6e:cb:b1:16:64:40:c5:bf:a8:6c:25:bf:e5:08:ab:f6:2b:86:
db:d9:43:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyoMvprZhEO95bNTO91qe3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDljZWM5ZWQxZmQ0ZjQxYzBiMWUzMGVmYjk2Yzg2MTU1
M2JlMzYwHhcNMjYwMzAxMDcwMDM5WhcNMjYwMzAyMDcwMDM5WjAzMTEwLwYDVQQD
Eyg1ZjQ3ZTc3MzI5MDBhYzk4NTU2ZDZmNDk0ZTU4MmJiMzYwZTZmNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQTtEUukZyUkk3tI/nTzZ7rvNhAI
kkljxjjaYH3XaAuimAiS6AuYS+U+zcVOSOeFfg2KsukdkbfErt/rtG9BoUeLdCGo
1In/djHHHiwywOFcIPBkCy5kWlNayX3fZbN86Zj3lUNPUFWqLOHZuKUCNeI5dzKa
pJXFYgdooYgg4Wv5sNNDL6A1LHFicBbHDP22j3xLTa9ZRAK08988QnWcIXKyJdrH
CvjxRJZ+VWHc9iTlB00O2MPI1CMt+ScvcYV9iXN3dOThJVInNpHsKmSZwCx8pzTl
MCHslPTcmrdm7fzj43R9ZcQ7JzGMmnhU17DOMGtArWluZPGkixDeixh0UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9H53MpAKyYVW1vSU5YK7Ng5vUlMB8GA1UdIwQY
MBaAFB/ZzsntH9T0HAseMO+5bIYVU742MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2Mt
MzZiN2IxZGUwNDVkLzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lODFjMWEtMGM4Ny00ODI1LWJjY2MtMzZiN2IxZGUwNDVk
LzEvSDluT3llMGYxUFFjQ3g0dzc3bHNoaFZUdmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV+BM9yjj
pEVoYxmKtY2/DCJFyxKNNRCqs407cSAryHASe4kwmocKSapZEeOcq2j6A+5APaMJ
AneQcX3EoiKA3CCK2cOd4xQExQ5kP+0i0IzQ9k+pSLoTlaXF+PXGZaLLQmbXdfcC
AALQHh3mfhC/ZZhaO97bBurK17/DPk92kN0wouui7H8x6X99FkCey91AraCzFuNv
xyL1Bf19LdldBT2N3jJ9+AdM2Ya9u5n/y8yh7urTWYgIzXHEjSNYE1c28w0SQju1
NFrCpjHEgjA6kbDdCZ0p5Y4E8cP1SSMzQqftD/TKFl335iMgbsuxFmRAxb+obCW/
5Qir9iuG29lDAg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:37:41 2026 by rpki-client