Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
File: heFWexaBgzyUSl8mQKngO-jvC_Q.mft (raw, json)
Hash identifier: tnppZByp4i6MqiYWw5txVuEIRaQVj7q6co+gbTavFso=
Subject key identifier: B6:1E:F1:4D:00:31:86:67:76:31:53:26:EB:8C:C8:29:50:A4:6C:12
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 019D9A3ECB50E25333519DDC31CDA20166C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
Manifest number: 11D0
Signing time: Fri 17 Apr 2026 07:01:39 +0000
Manifest this update: Fri 17 Apr 2026 07:01:39 +0000
Manifest next update: Sat 18 Apr 2026 07:01:39 +0000
Files and hashes: 1: Hh7KFktywM-1-107eqrB5yEmn-8.roa (hash: QGn4U4QC+cKt83SkTXHhg4z++P/aykfUDnj2eiXvebY=)
2: heFWexaBgzyUSl8mQKngO-jvC_Q.crl (hash: lGdcVyZIRalRgcAvXJYmctZSr8g/011Qv+MTlXO9prQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:cb:50:e2:53:33:51:9d:dc:31:cd:a2:01:66:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Apr 17 07:01:39 2026 GMT
Not After : Apr 18 07:01:39 2026 GMT
Subject: CN=b61ef14d0031866776315326eb8cc82950a46c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b5:3b:83:f4:fa:ff:be:58:11:fa:7d:e4:62:
4c:e8:fe:db:90:f6:4b:61:80:3e:0d:4b:fc:61:d0:
34:20:ec:fd:94:90:5d:a6:a7:70:ec:9b:ac:6a:15:
24:4f:3f:95:51:cc:01:3c:3f:5b:4c:48:19:9e:50:
27:1c:7e:a9:a9:f0:4a:36:3a:a0:c0:ef:e8:38:b9:
19:a6:6a:2c:a8:38:d1:62:b7:9a:84:27:18:4a:d7:
e0:81:97:20:aa:77:2e:fe:b2:86:84:27:b9:ed:6d:
24:fd:1f:67:49:53:56:5b:c2:ce:29:39:ea:98:9d:
21:3e:1e:38:0e:6d:a1:3a:9d:7f:79:6a:c3:07:7d:
77:85:59:04:3d:e5:5f:98:a0:d2:1c:15:e8:85:47:
ce:4c:0f:d5:aa:c4:98:f6:e2:e8:0d:b6:dd:e3:cf:
f2:c7:dd:ce:d1:11:51:62:22:82:3d:f8:a5:55:fd:
67:98:c8:55:e9:bb:c6:06:82:d6:c5:02:80:4b:a7:
d9:c6:c2:eb:e7:0e:0f:28:76:bd:f3:dd:43:32:3a:
5c:56:01:67:0c:3d:e8:a0:af:c0:3f:28:93:13:7d:
e8:cb:9d:dd:81:96:f7:69:a9:f7:bb:95:5e:f3:cc:
72:8b:f9:0f:fb:8e:4b:47:21:52:db:a4:b9:37:f2:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1E:F1:4D:00:31:86:67:76:31:53:26:EB:8C:C8:29:50:A4:6C:12
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:94:08:5a:70:4b:ab:b6:0e:cd:d8:31:10:14:c8:1b:ec:05:
d2:62:8f:33:cc:94:0b:cf:f0:03:f6:7d:23:ff:b6:28:a9:21:
ae:08:fc:21:10:03:d8:4e:1f:f2:e1:df:6b:7d:13:77:dc:c9:
26:b0:d1:b7:ad:7f:5f:36:95:54:41:6b:e2:85:ce:db:bd:c1:
d9:87:bd:9d:53:d6:b7:f8:0a:82:91:3b:8c:7a:73:4c:66:14:
99:5f:45:9d:dd:7c:72:19:16:5c:3c:95:63:c6:e0:b9:3d:df:
ce:3f:4b:72:7b:37:b3:ad:3c:31:4d:d9:f0:cf:f9:c6:52:4e:
c6:6a:15:86:2e:bb:cc:d1:1f:a8:26:d4:08:71:73:86:95:18:
4e:12:4e:75:5b:4f:03:e6:61:15:31:dc:3a:cb:52:4c:75:ca:
39:80:89:0c:3f:e3:d3:36:cd:1b:6a:4e:15:23:3f:61:44:6f:
f6:e1:a6:b9:a2:04:92:c2:e9:34:10:5a:e0:ea:cb:af:45:2b:
4c:4b:51:7b:df:3c:ec:c7:ee:c2:78:e4:a8:fe:c9:b8:52:c4:
3e:88:c9:d5:0d:38:a6:5d:8b:c1:f4:ba:95:16:d6:77:1e:10:
d4:5b:b8:3e:81:e2:0c:1c:77:00:7b:15:16:4e:c3:8e:59:53:
cc:79:2e:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPstQ4lMzUZ3cMc2iAWbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZTE1NjdiMTY4MTgzM2M5NDRhNWYyNjQwYTllMDNiZThl
ZjBiZjQwHhcNMjYwNDE3MDcwMTM5WhcNMjYwNDE4MDcwMTM5WjAzMTEwLwYDVQQD
EyhiNjFlZjE0ZDAwMzE4NjY3NzYzMTUzMjZlYjhjYzgyOTUwYTQ2YzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37U7g/T6/75YEfp95GJM6P7bkPZL
YYA+DUv8YdA0IOz9lJBdpqdw7JusahUkTz+VUcwBPD9bTEgZnlAnHH6pqfBKNjqg
wO/oOLkZpmosqDjRYreahCcYStfggZcgqncu/rKGhCe57W0k/R9nSVNWW8LOKTnq
mJ0hPh44Dm2hOp1/eWrDB313hVkEPeVfmKDSHBXohUfOTA/VqsSY9uLoDbbd48/y
x93O0RFRYiKCPfilVf1nmMhV6bvGBoLWxQKAS6fZxsLr5w4PKHa9891DMjpcVgFn
DD3ooK/APyiTE33oy53dgZb3aan3u5Ve88xyi/kP+45LRyFS26S5N/IY8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYe8U0AMYZndjFTJuuMyClQpGwSMB8GA1UdIwQY
MBaAFIXhVnsWgYM8lEpfJkCp4Dvo7wv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEt
NTNhOTk4ZGU2M2UzLzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kZjQ5NDUtZjUzMi00YTAxLWE3ZmEtNTNhOTk4ZGU2M2Uz
LzEvaGVGV2V4YUJnenlVU2w4bVFLbmdPLWp2Q19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN5QIWnBL
q7YOzdgxEBTIG+wF0mKPM8yUC8/wA/Z9I/+2KKkhrgj8IRAD2E4f8uHfa30Td9zJ
JrDRt61/XzaVVEFr4oXO273B2Ye9nVPWt/gKgpE7jHpzTGYUmV9Fnd18chkWXDyV
Y8bguT3fzj9Lcns3s608MU3Z8M/5xlJOxmoVhi67zNEfqCbUCHFzhpUYThJOdVtP
A+ZhFTHcOstSTHXKOYCJDD/j0zbNG2pOFSM/YURv9uGmuaIEksLpNBBa4OrLr0Ur
TEtRe9887MfuwnjkqP7JuFLEPojJ1Q04pl2LwfS6lRbWdx4Q1Fu4PoHiDBx3AHsV
Fk7DjllTzHkukg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:42:18 2026 by rpki-client