Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
File: hGzXvBkUIFasr5VzyqGvjehxgVY.mft (raw, json)
Hash identifier: SlZzd3KGykPmvkUhJdt0RfZEeUTzvJkPsOXnxVs5Okc=
Subject key identifier: 1D:C2:5D:BC:AA:DB:2C:D2:7D:09:28:F4:DE:CC:51:9F:8A:F5:1B:1F
Authority key identifier: 84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
Certificate issuer: /CN=846cd7bc19142056acaf9573caa1af8de8718156
Certificate serial: 019CADFE14165BF9CB11DC8540B03EFF9955
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
Manifest number: 0394
Signing time: Mon 02 Mar 2026 10:00:35 +0000
Manifest this update: Mon 02 Mar 2026 10:00:35 +0000
Manifest next update: Tue 03 Mar 2026 10:00:35 +0000
Files and hashes: 1: hGzXvBkUIFasr5VzyqGvjehxgVY.crl (hash: SN26j1ROVF1gfOO2Aqa/YvkNE6RmQ+UgmAEXeOYf1Ik=)
2: uoOfCKkTnW2JzFJRrSJDBT5bTzc.roa (hash: jS+d7zXHIn78Fh4bwNdoOL3BSqCzsjrWEmoa3PN6ng4=)
3: wOpotjYca3hIDPpRRC4dKRWIXpY.roa (hash: ILk18RM+vK4poNQ402hCagvt+4XgooFqtYGnOzDde5w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:fe:14:16:5b:f9:cb:11:dc:85:40:b0:3e:ff:99:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846cd7bc19142056acaf9573caa1af8de8718156
Validity
Not Before: Mar 2 10:00:35 2026 GMT
Not After : Mar 3 10:00:35 2026 GMT
Subject: CN=1dc25dbcaadb2cd27d0928f4decc519f8af51b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:07:f7:eb:17:d7:5e:a7:34:bb:5e:ef:e9:de:
c3:0d:e9:03:8a:38:a3:2e:4b:9d:3e:ba:dd:be:5b:
ab:13:53:2f:69:2e:18:ab:78:db:22:45:25:ca:df:
ae:02:13:02:bc:94:6b:c0:ff:6c:c5:df:54:26:e2:
53:b5:c1:8f:c2:3f:1e:0a:f4:1f:59:07:f4:0d:10:
2e:86:96:0a:dc:0e:6f:81:cd:7c:28:fc:ce:34:54:
52:95:f2:42:45:48:11:1b:ee:9d:33:48:34:4d:b1:
fc:a0:e6:17:4c:83:30:0d:4a:d8:cf:b0:44:99:92:
38:91:07:bf:6a:0a:a8:32:ea:e4:45:86:26:cc:c8:
4e:a8:e4:47:72:bf:b9:09:03:ca:1a:40:21:d8:94:
0a:d5:ef:c7:60:d5:20:4c:75:de:ac:eb:73:ae:45:
47:5d:4f:6e:5d:c4:b1:d8:67:c1:f7:4b:76:51:5d:
79:41:e9:95:8a:c3:9e:25:33:9f:12:3e:50:cd:71:
1f:da:09:9f:5a:58:89:4c:f5:84:ab:ed:f5:d0:a1:
6d:b3:1b:a0:17:c5:20:ca:3a:73:f2:9a:00:49:73:
6f:0b:ec:5e:f1:90:c9:e1:62:90:b5:9e:c7:43:4a:
db:25:6f:5b:1a:12:2c:65:ab:da:60:88:1c:52:84:
cd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C2:5D:BC:AA:DB:2C:D2:7D:09:28:F4:DE:CC:51:9F:8A:F5:1B:1F
X509v3 Authority Key Identifier:
keyid:84:6C:D7:BC:19:14:20:56:AC:AF:95:73:CA:A1:AF:8D:E8:71:81:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGzXvBkUIFasr5VzyqGvjehxgVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/990590-4a63-4b2f-a933-d1959f3e2f76/1/hGzXvBkUIFasr5VzyqGvjehxgVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:2c:39:a3:cc:5a:92:15:6b:7c:34:11:29:a0:8a:c9:b3:91:
0f:8c:07:a9:c3:e8:d5:1f:ed:36:54:c2:9f:16:05:30:f6:d3:
49:07:1c:b2:50:e4:93:2b:87:dd:39:05:cb:40:18:74:04:ae:
67:b1:d9:32:d1:f8:4c:c0:0f:25:d7:f1:4b:d2:9d:93:0c:23:
6c:44:51:ab:21:97:1b:38:ec:3e:75:89:bb:3c:8e:de:a6:bd:
98:d1:f4:e7:22:60:77:6c:eb:06:0e:23:f4:0b:68:4f:49:f3:
44:70:79:7c:36:e4:d1:04:13:d1:51:46:8a:d2:8e:10:9e:8b:
0e:34:5a:8a:c1:e2:c3:b4:b9:8b:08:73:e9:93:43:31:58:d2:
f6:01:bd:5d:e6:2c:a9:7e:ed:dd:4f:3b:56:99:20:47:48:3d:
ce:5e:11:f4:e1:c5:a7:23:db:19:9e:c2:cb:1e:16:fc:a7:b6:
d4:b9:0a:51:8e:75:ae:25:60:74:9a:a5:2f:9d:91:b0:83:9c:
b0:d1:c6:62:96:de:8a:a0:ff:5d:fe:f8:5d:a3:63:84:2d:5b:
d3:24:b6:0a:f1:46:14:bf:76:c3:2d:e2:3a:3a:57:a8:aa:4b:
ba:0d:e8:79:81:43:c8:1d:04:c7:84:79:6a:68:d5:5d:e1:47:
97:5c:64:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/hQWW/nLEdyFQLA+/5lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmNkN2JjMTkxNDIwNTZhY2FmOTU3M2NhYTFhZjhkZTg3
MTgxNTYwHhcNMjYwMzAyMTAwMDM1WhcNMjYwMzAzMTAwMDM1WjAzMTEwLwYDVQQD
EygxZGMyNWRiY2FhZGIyY2QyN2QwOTI4ZjRkZWNjNTE5ZjhhZjUxYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQf36xfXXqc0u17v6d7DDekDijij
LkudPrrdvlurE1MvaS4Yq3jbIkUlyt+uAhMCvJRrwP9sxd9UJuJTtcGPwj8eCvQf
WQf0DRAuhpYK3A5vgc18KPzONFRSlfJCRUgRG+6dM0g0TbH8oOYXTIMwDUrYz7BE
mZI4kQe/agqoMurkRYYmzMhOqORHcr+5CQPKGkAh2JQK1e/HYNUgTHXerOtzrkVH
XU9uXcSx2GfB90t2UV15QemVisOeJTOfEj5QzXEf2gmfWliJTPWEq+310KFtsxug
F8Ugyjpz8poASXNvC+xe8ZDJ4WKQtZ7HQ0rbJW9bGhIsZavaYIgcUoTNfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3CXbyq2yzSfQko9N7MUZ+K9RsfMB8GA1UdIwQY
MBaAFIRs17wZFCBWrK+Vc8qhr43ocYFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMt
ZDE5NTlmM2UyZjc2LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85OTA1OTAtNGE2My00YjJmLWE5MzMtZDE5NTlmM2UyZjc2
LzEvaEd6WHZCa1VJRmFzcjVWenlxR3ZqZWh4Z1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyw5o8xa
khVrfDQRKaCKybORD4wHqcPo1R/tNlTCnxYFMPbTSQccslDkkyuH3TkFy0AYdASu
Z7HZMtH4TMAPJdfxS9KdkwwjbERRqyGXGzjsPnWJuzyO3qa9mNH05yJgd2zrBg4j
9AtoT0nzRHB5fDbk0QQT0VFGitKOEJ6LDjRaisHiw7S5iwhz6ZNDMVjS9gG9XeYs
qX7t3U87VpkgR0g9zl4R9OHFpyPbGZ7Cyx4W/Ke21LkKUY51riVgdJqlL52RsIOc
sNHGYpbeiqD/Xf74XaNjhC1b0yS2CvFGFL92wy3iOjpXqKpLug3oeYFDyB0Ex4R5
amjVXeFHl1xkbg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:29:32 2026 by rpki-client