Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
File: hWhAcEemLmSDAMUYKik1P_WOsF8.mft (raw, json)
Hash identifier: 8bypbW79Ke4nLEJLraoMXA98PoBZnN+UJDy9NG4Jd4k=
Subject key identifier: 3E:B9:EF:56:5B:53:DC:9B:BE:3C:F5:90:9A:FA:11:FD:C0:5F:87:99
Authority key identifier: 85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F
Certificate issuer: /CN=8568407047a62e648300c5182a29353ff58eb05f
Certificate serial: 019CACEB535B4B6515E2182DD33EB814C10A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
Manifest number: 0598
Signing time: Mon 02 Mar 2026 05:00:29 +0000
Manifest this update: Mon 02 Mar 2026 05:00:29 +0000
Manifest next update: Tue 03 Mar 2026 05:00:29 +0000
Files and hashes: 1: _3SsPoZz4ndBlE9FKTU4o6A47bQ.roa (hash: YLTYKbUjdWoX7zGu97DHQcaZdG5VUWTXRbFjuRFb06w=)
2: hWhAcEemLmSDAMUYKik1P_WOsF8.crl (hash: 4rp/ahmiDzOLpbbqeaLQfco9NbpMbNojsdTnIkpCEAs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:53:5b:4b:65:15:e2:18:2d:d3:3e:b8:14:c1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8568407047a62e648300c5182a29353ff58eb05f
Validity
Not Before: Mar 2 05:00:29 2026 GMT
Not After : Mar 3 05:00:29 2026 GMT
Subject: CN=3eb9ef565b53dc9bbe3cf5909afa11fdc05f8799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a0:82:ee:95:f0:34:5f:64:94:42:38:6b:98:
2f:c3:a0:d3:33:6c:ca:c6:5d:0f:dc:65:62:7f:e8:
7f:0b:10:a8:ff:51:be:9a:5d:59:94:a4:51:b2:07:
d3:a9:6c:1d:69:3c:9d:05:3d:22:be:30:5e:a4:88:
a8:59:57:76:04:9d:30:cf:90:ca:e7:59:50:cb:26:
dc:cb:8f:c7:9d:c7:f8:c1:93:a0:70:f9:7a:5c:82:
82:d1:6a:4d:01:41:8f:16:2b:71:23:8d:eb:fa:f6:
5d:aa:8c:3d:01:d5:3e:bb:ee:50:18:5a:1b:dc:03:
7c:d0:c5:ff:79:a1:c5:14:9b:67:42:87:54:3f:c9:
81:c4:29:f9:f4:6e:11:71:df:0c:71:6a:c4:d3:34:
87:fb:f2:e0:06:ee:94:88:cb:25:23:d5:6e:90:52:
52:fb:98:27:88:bb:6c:c2:e3:83:7e:1e:e2:8f:7c:
50:58:53:61:90:f6:3e:4a:75:b7:ee:e2:35:e3:fe:
92:85:5b:45:29:06:e9:4f:a8:7b:11:99:40:42:ba:
17:ef:c2:64:d3:45:49:56:d7:b7:2b:62:d9:29:e1:
1b:c0:99:bc:2b:e1:44:01:4b:6f:95:6b:1c:29:8c:
17:86:d5:9d:c1:6b:dd:13:7d:4b:88:b3:7b:64:89:
31:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B9:EF:56:5B:53:DC:9B:BE:3C:F5:90:9A:FA:11:FD:C0:5F:87:99
X509v3 Authority Key Identifier:
keyid:85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:d6:88:f3:3f:e1:64:8b:ad:53:e7:5d:fa:af:05:34:d5:16:
76:55:c8:93:bf:21:2d:21:24:a1:a2:dd:ec:2f:2e:70:b2:e3:
25:fb:ce:9c:97:c8:84:1f:14:e3:07:98:27:95:32:dd:11:ef:
28:19:03:fe:8c:37:6c:1d:56:e7:17:11:6f:6b:e9:24:45:9c:
6d:c4:69:cb:17:a5:ba:64:d5:36:db:52:e1:27:9d:61:a4:80:
eb:b5:71:9d:8a:6f:e2:c4:b4:b3:77:d8:33:6c:e1:4b:06:42:
ad:b6:f3:01:19:64:20:17:08:49:79:39:22:d1:e7:d0:13:71:
0c:dc:f1:99:18:14:75:b9:e8:ca:ff:2c:36:44:3f:dd:08:21:
10:f7:37:fe:2b:9a:f7:f1:90:7e:fb:18:dc:82:92:15:7a:6e:
11:5a:48:76:bf:7b:ac:3d:40:26:cf:76:1a:af:07:f7:e6:ca:
e2:3c:0d:08:20:7d:45:ee:1a:7c:0e:4d:7f:09:02:d4:d1:f2:
4b:2b:73:e4:7d:97:0a:f3:6f:00:5c:b3:3a:68:43:4b:32:cd:
2f:0e:3b:82:84:1b:86:39:2d:34:9d:f5:4a:28:31:f4:7e:04:
90:fc:04:fa:1c:bc:6d:41:ef:56:05:f9:7f:df:95:f4:22:62:
71:c2:30:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys61NbS2UV4hgt0z64FMEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Njg0MDcwNDdhNjJlNjQ4MzAwYzUxODJhMjkzNTNmZjU4
ZWIwNWYwHhcNMjYwMzAyMDUwMDI5WhcNMjYwMzAzMDUwMDI5WjAzMTEwLwYDVQQD
EygzZWI5ZWY1NjViNTNkYzliYmUzY2Y1OTA5YWZhMTFmZGMwNWY4Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKCC7pXwNF9klEI4a5gvw6DTM2zK
xl0P3GVif+h/CxCo/1G+ml1ZlKRRsgfTqWwdaTydBT0ivjBepIioWVd2BJ0wz5DK
51lQyybcy4/Hncf4wZOgcPl6XIKC0WpNAUGPFitxI43r+vZdqow9AdU+u+5QGFob
3AN80MX/eaHFFJtnQodUP8mBxCn59G4Rcd8McWrE0zSH+/LgBu6UiMslI9VukFJS
+5gniLtswuODfh7ij3xQWFNhkPY+SnW37uI14/6ShVtFKQbpT6h7EZlAQroX78Jk
00VJVte3K2LZKeEbwJm8K+FEAUtvlWscKYwXhtWdwWvdE31LiLN7ZIkxzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6571ZbU9ybvjz1kJr6Ef3AX4eZMB8GA1UdIwQY
MBaAFIVoQHBHpi5kgwDFGCopNT/1jrBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjIt
ZWQzZTk4YzY1NmUxLzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjItZWQzZTk4YzY1NmUx
LzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKNaI8z/h
ZIutU+dd+q8FNNUWdlXIk78hLSEkoaLd7C8ucLLjJfvOnJfIhB8U4weYJ5Uy3RHv
KBkD/ow3bB1W5xcRb2vpJEWcbcRpyxelumTVNttS4SedYaSA67VxnYpv4sS0s3fY
M2zhSwZCrbbzARlkIBcISXk5ItHn0BNxDNzxmRgUdbnoyv8sNkQ/3QghEPc3/iua
9/GQfvsY3IKSFXpuEVpIdr97rD1AJs92Gq8H9+bK4jwNCCB9Re4afA5NfwkC1NHy
Sytz5H2XCvNvAFyzOmhDSzLNLw47goQbhjktNJ31Sigx9H4EkPwE+hy8bUHvVgX5
f9+V9CJiccIwjA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:27:07 2026 by rpki-client