Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
File: HeL84IWat-AbhRy2Buvb1cAzgSU.mft (raw, json)
Hash identifier: P175LZvocw5b2aHC+sH12bhfDFyZtxPl5Fcssm36uDg=
Subject key identifier: 8D:44:16:04:7B:60:1A:D5:F9:28:AF:BC:99:29:6D:C9:00:C7:EC:79
Authority key identifier: 1D:E2:FC:E0:85:9A:B7:E0:1B:85:1C:B6:06:EB:DB:D5:C0:33:81:25
Certificate issuer: /CN=1de2fce0859ab7e01b851cb606ebdbd5c0338125
Certificate serial: 019CAFB66B3215091CD03F5083F42A07B335
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeL84IWat-AbhRy2Buvb1cAzgSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
Manifest number: D1
Signing time: Mon 02 Mar 2026 18:01:33 +0000
Manifest this update: Mon 02 Mar 2026 18:01:33 +0000
Manifest next update: Tue 03 Mar 2026 18:01:33 +0000
Files and hashes: 1: Dqcp4RvQl7P2OEX63xUaN0DRBVg.roa (hash: IQ4Oj0h0gSI/GePJB5bn18PdQHZHOsSLQnCDVouxx7g=)
2: HeL84IWat-AbhRy2Buvb1cAzgSU.crl (hash: Vu/w3NAomk5P6R5paEfZ/zzk3fAKd8Wqc2B2Kc/8Bu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HeL84IWat-AbhRy2Buvb1cAzgSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 18:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:b6:6b:32:15:09:1c:d0:3f:50:83:f4:2a:07:b3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de2fce0859ab7e01b851cb606ebdbd5c0338125
Validity
Not Before: Mar 2 18:01:33 2026 GMT
Not After : Mar 3 18:01:33 2026 GMT
Subject: CN=8d4416047b601ad5f928afbc99296dc900c7ec79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:4b:f4:8d:fd:02:a6:8f:51:9c:0e:74:a5:
08:0e:9c:86:a8:3f:07:22:5d:6e:06:29:e1:3a:eb:
9d:e4:e8:e7:54:33:f4:44:af:8f:e0:e0:24:8d:b5:
ba:4e:4a:4c:dd:69:37:e8:f7:ea:66:8e:c4:12:b2:
bc:02:bf:f1:67:94:d6:fd:74:af:4c:2b:02:7b:14:
d2:65:91:b9:65:5c:20:33:ae:0b:d4:a7:29:9b:e4:
bd:0c:9e:15:76:8c:6c:bb:ba:3d:92:1c:5d:58:d7:
9f:66:e9:ed:33:0e:f7:4a:7b:9c:11:b7:42:77:4a:
e7:b4:c8:42:35:dc:4c:43:28:7f:01:35:12:e1:f2:
2e:9e:a3:f3:a8:c7:00:07:20:0c:2a:7e:bd:57:51:
2e:71:0a:12:ab:4a:52:16:df:f9:e4:90:39:13:94:
f2:ea:07:ef:c3:50:1b:08:68:a1:30:08:49:83:93:
0f:2b:3c:32:08:ab:1a:da:57:65:a7:33:7c:ed:60:
7e:21:41:df:fb:8a:b9:d2:75:df:53:2b:89:b7:b2:
09:7b:d7:7c:f3:64:d8:f7:ba:1e:52:60:15:f2:e4:
f7:44:bd:5d:5a:3a:28:db:2e:85:82:a0:d5:a1:16:
0e:d0:55:02:1f:25:dc:69:43:91:9e:e0:0d:d7:60:
08:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:44:16:04:7B:60:1A:D5:F9:28:AF:BC:99:29:6D:C9:00:C7:EC:79
X509v3 Authority Key Identifier:
keyid:1D:E2:FC:E0:85:9A:B7:E0:1B:85:1C:B6:06:EB:DB:D5:C0:33:81:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeL84IWat-AbhRy2Buvb1cAzgSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b66569-33db-4d89-9a67-f069345e428c/1/HeL84IWat-AbhRy2Buvb1cAzgSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:5d:cf:23:42:39:c2:cf:dc:7b:ac:29:58:3a:01:82:15:e8:
b9:c8:fe:0e:07:28:6f:55:88:47:ce:dd:47:be:15:01:3d:4d:
56:7d:f5:30:99:3e:f8:f3:0e:fb:0c:92:42:05:5c:93:cc:10:
bf:96:35:fa:19:b9:8b:5c:71:0a:08:60:2c:60:a2:9c:3c:9b:
6c:44:22:a5:10:d6:fd:9e:68:d5:bb:0b:a6:66:5a:2e:08:63:
59:6a:a8:63:77:58:25:66:5a:33:9a:4d:aa:c3:ff:5e:10:83:
e0:c3:4a:f6:45:a5:c2:1a:00:ed:29:12:29:c4:47:67:b4:bf:
b1:54:e8:4f:f7:03:85:97:22:93:7d:83:b8:12:5d:ab:e1:fd:
f2:a7:e9:a0:3f:80:c9:a2:59:b2:b2:c1:9b:02:cc:d1:a5:29:
7a:28:50:fd:72:07:95:d4:6b:48:6b:fc:f8:4e:98:e1:d5:3b:
21:b0:08:46:ad:52:d7:1b:40:b4:5a:3c:76:ec:dd:92:27:1a:
2b:1c:72:ad:d0:e8:8c:4a:ac:2b:be:c9:66:32:7b:70:b2:4c:
07:0e:24:7a:1c:a4:11:a1:85:e3:1f:a8:74:ce:ca:cc:b3:83:
f7:ef:43:cb:74:dd:84:78:0c:55:ef:b2:2d:44:20:72:c9:8f:
e1:4a:d6:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvtmsyFQkc0D9Qg/QqB7M1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTJmY2UwODU5YWI3ZTAxYjg1MWNiNjA2ZWJkYmQ1YzAz
MzgxMjUwHhcNMjYwMzAyMTgwMTMzWhcNMjYwMzAzMTgwMTMzWjAzMTEwLwYDVQQD
Eyg4ZDQ0MTYwNDdiNjAxYWQ1ZjkyOGFmYmM5OTI5NmRjOTAwYzdlYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxVL9I39AqaPUZwOdKUIDpyGqD8H
Il1uBinhOuud5OjnVDP0RK+P4OAkjbW6TkpM3Wk36PfqZo7EErK8Ar/xZ5TW/XSv
TCsCexTSZZG5ZVwgM64L1Kcpm+S9DJ4Vdoxsu7o9khxdWNefZuntMw73SnucEbdC
d0rntMhCNdxMQyh/ATUS4fIunqPzqMcAByAMKn69V1EucQoSq0pSFt/55JA5E5Ty
6gfvw1AbCGihMAhJg5MPKzwyCKsa2ldlpzN87WB+IUHf+4q50nXfUyuJt7IJe9d8
82TY97oeUmAV8uT3RL1dWjoo2y6FgqDVoRYO0FUCHyXcaUORnuAN12AIGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1EFgR7YBrV+SivvJkpbckAx+x5MB8GA1UdIwQY
MBaAFB3i/OCFmrfgG4Uctgbr29XAM4ElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVMODRJV2F0LUFiaFJ5MkJ1dmIxY0F6Z1NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iNjY1NjktMzNkYi00ZDg5LTlhNjct
ZjA2OTM0NWU0MjhjLzEvSGVMODRJV2F0LUFiaFJ5MkJ1dmIxY0F6Z1NVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iNjY1NjktMzNkYi00ZDg5LTlhNjctZjA2OTM0NWU0Mjhj
LzEvSGVMODRJV2F0LUFiaFJ5MkJ1dmIxY0F6Z1NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADl3PI0I5
ws/ce6wpWDoBghXoucj+Dgcob1WIR87dR74VAT1NVn31MJk++PMO+wySQgVck8wQ
v5Y1+hm5i1xxCghgLGCinDybbEQipRDW/Z5o1bsLpmZaLghjWWqoY3dYJWZaM5pN
qsP/XhCD4MNK9kWlwhoA7SkSKcRHZ7S/sVToT/cDhZcik32DuBJdq+H98qfpoD+A
yaJZsrLBmwLM0aUpeihQ/XIHldRrSGv8+E6Y4dU7IbAIRq1S1xtAtFo8duzdkica
KxxyrdDojEqsK77JZjJ7cLJMBw4kehykEaGF4x+odM7KzLOD9+9Dy3TdhHgMVe+y
LUQgcsmP4UrWug==
-----END CERTIFICATE-----
Generated at Tue Mar 3 02:54:58 2026 by rpki-client