Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
File: hGzXvBkUIFasr5VzyqGvjehxgVY.mft (raw, json)
Hash identifier: cStgu3sB2xd9NeluCYbUepwZS/ZYezoDz86s2s3DETE=
Subject key identifier: 9F:10:EE:62:CE:31:2C:B7:47:C1:47:B6:A0:46:8A:3D:5E:1D:A1:26
Authority key identifier: 84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
Certificate issuer: /CN=846cd7bc19142056acaf9573caa1af8de8718156
Certificate serial: 019D9B87AD00F6005457D4617AC0DBA42A06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
Manifest number: 040F
Signing time: Fri 17 Apr 2026 13:00:53 +0000
Manifest this update: Fri 17 Apr 2026 13:00:53 +0000
Manifest next update: Sat 18 Apr 2026 13:00:53 +0000
Files and hashes: 1: hGzXvBkUIFasr5VzyqGvjehxgVY.crl (hash: 1JcpsFKKu5f9g/R1s6ulLvQLHGiH8yDjr14ld3A61rY=)
2: uoOfCKkTnW2JzFJRrSJDBT5bTzc.roa (hash: jS+d7zXHIn78Fh4bwNdoOL3BSqCzsjrWEmoa3PN6ng4=)
3: wOpotjYca3hIDPpRRC4dKRWIXpY.roa (hash: ILk18RM+vK4poNQ402hCagvt+4XgooFqtYGnOzDde5w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:87:ad:00:f6:00:54:57:d4:61:7a:c0:db:a4:2a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846cd7bc19142056acaf9573caa1af8de8718156
Validity
Not Before: Apr 17 13:00:53 2026 GMT
Not After : Apr 18 13:00:53 2026 GMT
Subject: CN=9f10ee62ce312cb747c147b6a0468a3d5e1da126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:db:ae:bd:d1:f9:57:0c:56:fd:93:19:bb:2e:
14:20:b1:a1:02:f9:43:87:b6:2b:05:eb:fc:03:6d:
a7:12:2f:b6:af:5c:1b:a0:fe:0c:de:f8:9f:73:7c:
16:dc:39:4c:9a:b2:11:75:b5:e2:d8:a3:81:15:e0:
96:00:b8:3d:59:86:6f:bf:5a:18:27:4e:03:a4:56:
ff:a0:90:69:eb:8a:7b:ca:79:7d:df:b1:de:b3:d4:
aa:47:fd:ab:04:f1:30:7d:97:f1:7f:19:51:81:18:
7d:d4:44:cd:0d:f8:c5:43:7c:05:f9:6a:e3:a5:72:
4d:69:e7:5d:f4:04:ee:fc:ab:b3:c8:50:b4:b2:3d:
77:3b:89:b1:c5:f6:c2:e4:96:5e:7e:bc:47:92:05:
f9:22:67:f5:f8:96:c1:e6:c6:27:0b:fc:91:de:b4:
65:3e:e9:e7:0b:c9:8d:5f:e7:b0:3e:c7:0c:a0:1d:
0a:df:04:be:db:1b:71:2b:14:d7:af:c2:93:e5:67:
82:a3:b0:c9:8c:77:73:d8:e7:47:97:91:e9:40:0a:
c4:e8:3d:c7:30:ba:f3:7c:6d:8f:a9:dd:c1:50:72:
de:b7:54:94:29:8e:aa:e0:15:a7:a7:1c:2b:01:e4:
40:58:f7:d2:5d:33:0f:8d:37:8e:d5:57:3b:54:d3:
03:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:10:EE:62:CE:31:2C:B7:47:C1:47:B6:A0:46:8A:3D:5E:1D:A1:26
X509v3 Authority Key Identifier:
keyid:84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:34:7e:2e:b3:5b:96:4f:ff:a8:c2:44:ef:02:73:90:11:5c:
9a:e9:af:35:36:36:41:fb:e6:56:83:e1:ea:ef:d8:8c:2f:f9:
ee:eb:4d:e1:31:cc:f2:c1:0c:d9:7d:65:52:bb:31:f9:ae:55:
32:a2:16:be:5d:31:53:17:4b:a2:bc:5a:04:0f:c9:84:3f:f5:
41:8d:e6:c6:2f:06:9b:c9:87:e4:42:f3:76:79:73:6a:cc:a6:
a4:e1:c9:a7:14:2c:c6:c0:4d:e5:4b:69:23:ab:34:3f:77:5e:
67:c9:b2:45:02:29:cf:3e:82:70:86:cf:d1:b6:18:59:90:07:
a0:69:43:84:1a:29:3e:19:b3:71:e4:06:59:ab:24:b0:1f:82:
a3:6c:21:58:09:33:d8:00:dc:9d:10:bf:33:95:05:74:62:d4:
56:a3:2d:86:a5:da:7c:e7:c1:90:6e:12:1a:d6:9a:e5:42:85:
1a:2f:bd:d3:2f:14:8f:c0:cb:70:c5:6c:71:b3:01:46:91:eb:
c3:47:9f:8f:e2:fa:c2:ac:30:f1:3b:4e:fb:12:aa:5e:15:ba:
35:ac:1d:b5:49:0c:ee:af:da:a9:cb:79:96:e6:03:0e:56:08:
41:59:15:5d:bb:37:49:c3:34:3d:87:a3:ef:97:19:86:5f:52:
9b:ab:e5:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh60A9gBUV9RhesDbpCoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmNkN2JjMTkxNDIwNTZhY2FmOTU3M2NhYTFhZjhkZTg3
MTgxNTYwHhcNMjYwNDE3MTMwMDUzWhcNMjYwNDE4MTMwMDUzWjAzMTEwLwYDVQQD
Eyg5ZjEwZWU2MmNlMzEyY2I3NDdjMTQ3YjZhMDQ2OGEzZDVlMWRhMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59uuvdH5VwxW/ZMZuy4UILGhAvlD
h7YrBev8A22nEi+2r1wboP4M3vifc3wW3DlMmrIRdbXi2KOBFeCWALg9WYZvv1oY
J04DpFb/oJBp64p7ynl937Hes9SqR/2rBPEwfZfxfxlRgRh91ETNDfjFQ3wF+Wrj
pXJNaedd9ATu/KuzyFC0sj13O4mxxfbC5JZefrxHkgX5Imf1+JbB5sYnC/yR3rRl
PunnC8mNX+ewPscMoB0K3wS+2xtxKxTXr8KT5WeCo7DJjHdz2OdHl5HpQArE6D3H
MLrzfG2Pqd3BUHLet1SUKY6q4BWnpxwrAeRAWPfSXTMPjTeO1Vc7VNMDiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8Q7mLOMSy3R8FHtqBGij1eHaEmMB8GA1UdIwQY
MBaAFIRs17wZFCBWrK+Vc8qhr43ocYFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMt
ZDE5NTlmM2UyZjc2LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMtZDE5NTlmM2UyZjc2
LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczR+LrNb
lk//qMJE7wJzkBFcmumvNTY2QfvmVoPh6u/YjC/57utN4THM8sEM2X1lUrsx+a5V
MqIWvl0xUxdLorxaBA/JhD/1QY3mxi8Gm8mH5ELzdnlzasympOHJpxQsxsBN5Utp
I6s0P3deZ8myRQIpzz6CcIbP0bYYWZAHoGlDhBopPhmzceQGWasksB+Co2whWAkz
2ADcnRC/M5UFdGLUVqMthqXafOfBkG4SGtaa5UKFGi+90y8Uj8DLcMVscbMBRpHr
w0efj+L6wqww8TtO+xKqXhW6NawdtUkM7q/aqct5luYDDlYIQVkVXbs3ScM0PYej
75cZhl9Sm6vloA==
-----END CERTIFICATE-----
Generated at Sat Apr 18 00:05:55 2026 by rpki-client