Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
File: 0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft (raw, json)
Hash identifier: ra04Okqy+iwsLdDYolfupv6BnHdGcLjwgfnOZjflq0c=
Subject key identifier: 1F:2D:51:C7:C8:A5:2C:79:A0:06:EA:17:B5:70:30:B2:97:EE:88:96
Authority key identifier: D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4
Certificate issuer: /CN=d217978586bff3a6777d55a9a9635841516d43b4
Certificate serial: 019CAE6C75434112429FC0ACEC8993F3B5A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
Manifest number: 0DDB
Signing time: Mon 02 Mar 2026 12:01:09 +0000
Manifest this update: Mon 02 Mar 2026 12:01:09 +0000
Manifest next update: Tue 03 Mar 2026 12:01:09 +0000
Files and hashes: 1: 0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl (hash: xYSN4WZqoNbxMrX3ChptSSHazd+rW0aYnmlrvgviji8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6c:75:43:41:12:42:9f:c0:ac:ec:89:93:f3:b5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217978586bff3a6777d55a9a9635841516d43b4
Validity
Not Before: Mar 2 12:01:09 2026 GMT
Not After : Mar 3 12:01:09 2026 GMT
Subject: CN=1f2d51c7c8a52c79a006ea17b57030b297ee8896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:54:99:2d:1d:1e:7b:2d:7e:8e:f3:0b:80:bf:
1e:ed:c1:59:b5:a6:b2:6c:da:6f:74:47:94:5d:57:
17:be:de:a6:6c:48:71:80:31:8d:66:0f:21:be:1a:
5e:dc:93:17:bb:68:5f:a1:56:28:de:f3:4c:cb:9e:
0d:63:4d:62:3c:2a:6e:09:90:a0:da:85:9b:83:36:
b0:e1:b3:d0:6f:9b:bd:09:7e:3f:ad:fd:b0:36:63:
00:b3:7c:00:0c:21:e3:73:dd:c8:a1:e9:b2:da:9e:
79:f5:4b:e4:a1:6f:1a:00:0b:55:79:a2:ad:f5:08:
c0:cc:61:7e:b2:e2:e4:6c:24:cc:f3:43:56:e9:5f:
22:3e:0c:81:51:77:c8:45:bc:81:06:db:38:27:73:
84:31:5d:a4:12:30:8a:d8:97:07:02:83:9b:64:1b:
c8:17:d7:cb:c0:be:f3:b5:94:99:74:b0:fb:82:e8:
1a:81:84:20:d3:b9:81:dc:04:93:8a:7c:7a:a9:54:
6b:4f:67:44:22:f5:d8:b1:47:7f:1f:cb:e6:59:2d:
5f:56:07:b9:d2:56:51:9d:ae:b7:be:0d:77:08:a5:
db:a6:48:ce:11:f1:15:16:0f:1d:38:66:db:08:ac:
f4:90:86:af:7f:c8:75:0c:9d:7c:27:40:1a:21:3e:
bc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:2D:51:C7:C8:A5:2C:79:A0:06:EA:17:B5:70:30:B2:97:EE:88:96
X509v3 Authority Key Identifier:
keyid:D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:5d:84:74:4c:5d:a8:d4:2a:7c:bf:c9:27:cd:ad:5f:62:e6:
87:cf:97:a1:5d:c1:d1:d2:46:b3:1b:51:bc:68:76:16:48:d8:
3c:ab:db:59:cb:91:59:1a:ec:66:a8:a4:8e:90:aa:f4:ed:88:
c1:48:52:b4:8b:30:5d:39:d6:70:76:a9:56:1a:ef:7c:f5:d5:
e4:2e:cf:c0:5e:0b:20:8e:23:69:37:f6:c4:42:10:65:8e:3a:
e9:0a:76:e2:bc:7a:e0:3b:f5:f6:1d:72:bc:73:e2:3e:be:4c:
d2:72:6e:4c:af:37:84:dd:8f:54:fb:5d:e1:fc:0f:9b:78:a8:
d1:e2:30:a7:ad:b1:99:ea:62:54:aa:b8:8c:47:de:51:3b:ad:
cc:5a:d7:8a:a2:4a:43:26:88:24:2a:88:db:08:6f:2b:b0:6c:
58:fe:ee:8f:c5:ac:b7:1d:b4:a6:44:8f:12:94:e2:d6:6c:e5:
60:a8:d7:3a:3f:c7:fd:84:03:ef:aa:69:47:45:1d:55:f7:f0:
33:33:ff:12:7a:83:e0:3c:a9:d2:b0:9a:84:f6:9c:b4:77:ba:
87:fe:2d:5b:b9:5c:fc:73:3f:a3:d2:c0:53:55:94:65:45:90:
d5:93:78:96:69:46:c2:6a:30:23:81:1d:7f:49:08:cd:86:fc:
1d:a0:0f:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubHVDQRJCn8Cs7ImT87WhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTc5Nzg1ODZiZmYzYTY3NzdkNTVhOWE5NjM1ODQxNTE2
ZDQzYjQwHhcNMjYwMzAyMTIwMTA5WhcNMjYwMzAzMTIwMTA5WjAzMTEwLwYDVQQD
EygxZjJkNTFjN2M4YTUyYzc5YTAwNmVhMTdiNTcwMzBiMjk3ZWU4ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FSZLR0eey1+jvMLgL8e7cFZtaay
bNpvdEeUXVcXvt6mbEhxgDGNZg8hvhpe3JMXu2hfoVYo3vNMy54NY01iPCpuCZCg
2oWbgzaw4bPQb5u9CX4/rf2wNmMAs3wADCHjc93Ioemy2p559UvkoW8aAAtVeaKt
9QjAzGF+suLkbCTM80NW6V8iPgyBUXfIRbyBBts4J3OEMV2kEjCK2JcHAoObZBvI
F9fLwL7ztZSZdLD7gugagYQg07mB3ASTinx6qVRrT2dEIvXYsUd/H8vmWS1fVge5
0lZRna63vg13CKXbpkjOEfEVFg8dOGbbCKz0kIavf8h1DJ18J0AaIT68MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8tUcfIpSx5oAbqF7VwMLKX7oiWMB8GA1UdIwQY
MBaAFNIXl4WGv/Omd31VqaljWEFRbUO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEt
NGNlNGQzYjE5N2Q4LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEtNGNlNGQzYjE5N2Q4
LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAF2EdExd
qNQqfL/JJ82tX2Lmh8+XoV3B0dJGsxtRvGh2FkjYPKvbWcuRWRrsZqikjpCq9O2I
wUhStIswXTnWcHapVhrvfPXV5C7PwF4LII4jaTf2xEIQZY466Qp24rx64Dv19h1y
vHPiPr5M0nJuTK83hN2PVPtd4fwPm3io0eIwp62xmepiVKq4jEfeUTutzFrXiqJK
QyaIJCqI2whvK7BsWP7uj8Wstx20pkSPEpTi1mzlYKjXOj/H/YQD76ppR0UdVffw
MzP/EnqD4Dyp0rCahPactHe6h/4tW7lc/HM/o9LAU1WUZUWQ1ZN4lmlGwmowI4Ed
f0kIzYb8HaAP4Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:43:41 2026 by rpki-client