Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
File: HeL84IWat-AbhRy2Buvb1cAzgSU.mft (raw, json)
Hash identifier: EfRp57PKN0ilBITh5irBQo4mE+HZLg/QEHZwqe+oJp8=
Subject key identifier: 14:A6:CD:35:EB:FE:61:4A:4E:16:0A:7E:F6:17:E4:80:0A:36:1E:6F
Authority key identifier: 1D:E2:FC:E0:85:9A:B7:E0:1B:85:1C:B6:06:EB:DB:D5:C0:33:81:25
Certificate issuer: /CN=1de2fce0859ab7e01b851cb606ebdbd5c0338125
Certificate serial: 019D9D3FC21A76458B2F306DFC7B7DD213D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeL84IWat-AbhRy2Buvb1cAzgSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
Manifest number: 014C
Signing time: Fri 17 Apr 2026 21:01:34 +0000
Manifest this update: Fri 17 Apr 2026 21:01:34 +0000
Manifest next update: Sat 18 Apr 2026 21:01:34 +0000
Files and hashes: 1: Dqcp4RvQl7P2OEX63xUaN0DRBVg.roa (hash: IQ4Oj0h0gSI/GePJB5bn18PdQHZHOsSLQnCDVouxx7g=)
2: HeL84IWat-AbhRy2Buvb1cAzgSU.crl (hash: VYvG3wk+SmWMR69gjOJ6ltIDla7rzHARGG4ydDqNG8Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeL84IWat-AbhRy2Buvb1cAzgSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9d:3f:c2:1a:76:45:8b:2f:30:6d:fc:7b:7d:d2:13:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de2fce0859ab7e01b851cb606ebdbd5c0338125
Validity
Not Before: Apr 17 21:01:34 2026 GMT
Not After : Apr 18 21:01:34 2026 GMT
Subject: CN=14a6cd35ebfe614a4e160a7ef617e4800a361e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:46:e4:3c:a2:28:76:ea:14:c0:a6:48:9f:
3d:07:24:c7:36:6c:03:d1:c1:04:44:7e:e9:73:d2:
d9:9c:40:5f:62:85:5d:88:d3:43:5a:c9:d8:45:a2:
7b:b3:24:1d:d5:bc:f2:25:94:5a:35:e1:7d:dd:9d:
8c:c4:34:9d:78:3d:69:91:e2:30:fa:97:18:f8:d3:
71:30:99:ea:98:0a:38:91:53:ad:14:04:78:a4:6b:
6c:a9:5a:d6:2d:cf:83:89:d4:22:d4:12:af:7c:80:
46:e8:18:87:df:37:50:5a:a2:57:17:9a:a7:0d:ac:
5e:14:86:96:49:06:bb:c1:83:02:36:0f:c4:f5:ce:
9c:f2:c8:34:22:99:8e:e8:77:f4:92:e2:b7:4c:6e:
87:d3:ad:82:ab:10:68:56:00:cb:19:71:d2:ad:21:
3e:21:1e:35:8b:52:12:31:dc:8c:7d:3f:d0:85:84:
71:c7:b2:00:72:2c:32:7d:9f:2a:90:dc:05:23:e8:
dd:04:a3:92:74:b7:a2:7b:36:f7:2c:87:64:7e:91:
39:0a:0a:93:9d:94:d4:4f:b9:d9:5e:6e:f1:f5:ba:
17:a6:53:3e:4d:ba:d0:7e:4d:c4:2b:1b:46:44:20:
7a:93:41:72:93:05:e3:24:db:08:85:08:2f:97:e3:
4b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A6:CD:35:EB:FE:61:4A:4E:16:0A:7E:F6:17:E4:80:0A:36:1E:6F
X509v3 Authority Key Identifier:
keyid:1D:E2:FC:E0:85:9A:B7:E0:1B:85:1C:B6:06:EB:DB:D5:C0:33:81:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeL84IWat-AbhRy2Buvb1cAzgSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:17:c6:d4:9d:bf:f6:82:ac:dc:b3:28:f1:76:6c:3b:70:9a:
25:18:a6:65:2f:18:e4:2b:f2:9f:11:87:ed:1f:49:2b:cf:81:
67:93:28:3c:c8:b1:38:7a:0d:e2:1a:f3:34:de:f8:1c:8a:cb:
53:de:e0:f3:ff:18:b4:64:ad:4e:c1:b9:ff:00:2f:d6:56:0a:
49:d5:e7:32:00:49:18:6a:be:87:62:e5:44:78:44:be:c4:20:
af:1b:cb:8e:d2:bc:f0:8a:26:2e:e3:04:8f:80:f9:7f:68:f0:
d9:c7:1c:15:c4:c3:06:3a:6b:a5:8c:5f:07:59:5c:ef:56:85:
a0:0b:94:cb:f0:c1:51:39:ca:e3:c1:50:9b:e7:96:35:a6:b4:
84:aa:c7:80:03:06:0b:56:a2:2b:f5:47:7b:82:0d:0e:c8:95:
2f:95:ec:48:6b:fc:c8:01:0f:3c:70:4a:7a:95:73:e1:ca:31:
46:76:5b:62:fd:34:0f:f2:62:50:0a:7b:87:50:c3:62:45:1b:
ff:52:30:ef:f6:20:e0:5f:95:16:0c:a1:06:87:06:6a:e6:e0:
26:11:f4:d6:96:ee:6d:8b:66:ad:60:97:17:9d:c8:fb:bb:0a:
bf:1d:f2:47:fc:bd:3f:5b:d8:6c:c8:c3:98:86:25:50:48:cd:
be:d0:ec:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2dP8IadkWLLzBt/Ht90hPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTJmY2UwODU5YWI3ZTAxYjg1MWNiNjA2ZWJkYmQ1YzAz
MzgxMjUwHhcNMjYwNDE3MjEwMTM0WhcNMjYwNDE4MjEwMTM0WjAzMTEwLwYDVQQD
EygxNGE2Y2QzNWViZmU2MTRhNGUxNjBhN2VmNjE3ZTQ4MDBhMzYxZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5hG5DyiKHbqFMCmSJ89ByTHNmwD
0cEERH7pc9LZnEBfYoVdiNNDWsnYRaJ7syQd1bzyJZRaNeF93Z2MxDSdeD1pkeIw
+pcY+NNxMJnqmAo4kVOtFAR4pGtsqVrWLc+DidQi1BKvfIBG6BiH3zdQWqJXF5qn
DaxeFIaWSQa7wYMCNg/E9c6c8sg0IpmO6Hf0kuK3TG6H062CqxBoVgDLGXHSrSE+
IR41i1ISMdyMfT/QhYRxx7IAciwyfZ8qkNwFI+jdBKOSdLeiezb3LIdkfpE5CgqT
nZTUT7nZXm7x9boXplM+TbrQfk3EKxtGRCB6k0FykwXjJNsIhQgvl+NLkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSmzTXr/mFKThYKfvYX5IAKNh5vMB8GA1UdIwQY
MBaAFB3i/OCFmrfgG4Uctgbr29XAM4ElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVMODRJV2F0LUFiaFJ5MkJ1dmIxY0F6Z1NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iNjY1NjktMzNkYi00ZDg5LTlhNjct
ZjA2OTM0NWU0MjhjLzEvSGVMODRJV2F0LUFiaFJ5MkJ1dmIxY0F6Z1NVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iNjY1NjktMzNkYi00ZDg5LTlhNjctZjA2OTM0NWU0Mjhj
LzEvSGVMODRJV2F0LUFiaFJ5MkJ1dmIxY0F6Z1NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZBfG1J2/
9oKs3LMo8XZsO3CaJRimZS8Y5CvynxGH7R9JK8+BZ5MoPMixOHoN4hrzNN74HIrL
U97g8/8YtGStTsG5/wAv1lYKSdXnMgBJGGq+h2LlRHhEvsQgrxvLjtK88IomLuME
j4D5f2jw2cccFcTDBjprpYxfB1lc71aFoAuUy/DBUTnK48FQm+eWNaa0hKrHgAMG
C1aiK/VHe4INDsiVL5XsSGv8yAEPPHBKepVz4coxRnZbYv00D/JiUAp7h1DDYkUb
/1Iw7/Yg4F+VFgyhBocGaubgJhH01pbubYtmrWCXF53I+7sKvx3yR/y9P1vYbMjD
mIYlUEjNvtDsOQ==
-----END CERTIFICATE-----
Generated at Sat Apr 18 05:36:39 2026 by rpki-client