Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
File: HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft (raw, json)
Hash identifier: h757TRwj2D0GBnjHsd+w76RkhHaMXqpMYRJgJVbdIZQ=
Subject key identifier: DC:EE:F2:2F:BF:54:F7:7A:1B:1B:64:AA:23:E1:6D:D6:5D:DE:13:57
Authority key identifier: 1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
Certificate issuer: /CN=1d8933c193f04e32441e37162dc4defa9744b84f
Certificate serial: 019D9A3EA162CC456D800CA10DD1CC805855
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
Manifest number: 1686
Signing time: Fri 17 Apr 2026 07:01:28 +0000
Manifest this update: Fri 17 Apr 2026 07:01:28 +0000
Manifest next update: Sat 18 Apr 2026 07:01:28 +0000
Files and hashes: 1: HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl (hash: Ojta8qr+AwbWlBF8veVItWcp88XftUE9pQWrJ1GNxKU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:a1:62:cc:45:6d:80:0c:a1:0d:d1:cc:80:58:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8933c193f04e32441e37162dc4defa9744b84f
Validity
Not Before: Apr 17 07:01:28 2026 GMT
Not After : Apr 18 07:01:28 2026 GMT
Subject: CN=dceef22fbf54f77a1b1b64aa23e16dd65dde1357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:04:90:36:db:3e:8d:ef:84:c3:ca:6f:09:5c:
91:fc:d4:d7:28:a5:e2:86:9c:ce:cd:80:3e:43:b8:
50:3a:da:ab:7c:d4:ea:9e:af:82:28:45:d9:bc:19:
81:18:b7:72:a6:01:e6:2d:a9:11:55:fe:a4:70:5c:
ac:20:35:85:17:dc:a9:40:99:4a:25:ff:4f:bd:ca:
8e:71:d0:2b:df:8e:62:d2:c1:4b:8a:80:dc:ac:38:
a9:c3:6f:d8:2b:ee:b1:4e:b7:63:13:87:20:e0:36:
44:01:5d:32:7c:2a:b2:a0:95:a9:e9:83:f0:c5:1d:
9f:25:e9:e7:6c:94:6b:59:49:62:cb:dd:7d:7c:f0:
c4:b3:74:e2:43:9a:97:2b:43:73:48:5d:f9:bf:71:
1a:a2:b3:f1:da:70:43:9d:fe:89:04:5a:6b:e9:38:
21:b6:80:a5:54:80:d5:fa:30:35:53:d5:ae:b4:ab:
28:62:66:89:cd:04:01:3a:5f:9d:b8:31:b6:7e:73:
4a:45:e0:b7:96:6e:a5:00:e0:75:bf:e8:0b:2d:b4:
32:5b:9a:17:6f:f8:50:f8:b1:a0:be:51:06:b5:1d:
e0:ec:79:bf:af:12:f0:0b:b1:58:2d:4e:90:82:27:
0c:fc:e4:42:de:68:0f:e7:3f:9e:20:da:0b:29:3f:
f2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EE:F2:2F:BF:54:F7:7A:1B:1B:64:AA:23:E1:6D:D6:5D:DE:13:57
X509v3 Authority Key Identifier:
keyid:1D:89:33:C1:93:F0:4E:32:44:1E:37:16:2D:C4:DE:FA:97:44:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYkzwZPwTjJEHjcWLcTe-pdEuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/5130e5-9312-48de-ae2a-342d1b381d87/1/HYkzwZPwTjJEHjcWLcTe-pdEuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:77:aa:41:c6:c2:82:4f:d3:5a:c1:bc:87:1f:e3:28:1e:d7:
54:c5:0c:c6:fd:ca:6a:2d:e4:36:91:de:03:31:51:08:8d:56:
76:ff:72:e5:a3:ca:f0:8c:a1:59:44:48:e4:cd:56:db:56:3d:
17:a6:4d:a9:00:27:85:d0:f8:f0:b2:96:87:b1:c2:3b:bb:fc:
20:de:45:f0:aa:ee:8a:2d:04:74:e6:be:7d:1d:08:58:e1:9b:
c0:cd:0a:e0:71:70:a7:43:b4:54:0d:3c:5c:f6:32:6d:5a:b5:
5e:5c:b8:3c:bf:ff:e2:31:9f:b7:64:cd:32:78:7c:f5:bb:3c:
2a:d6:97:59:5b:18:3a:96:d1:6d:fa:69:65:e2:85:2f:eb:8a:
87:16:d2:db:9f:3d:39:5a:eb:d1:7c:ec:51:22:eb:81:d9:f5:
38:22:57:18:ba:97:0a:d5:c0:48:18:4d:2a:cc:5c:87:11:4a:
80:93:bc:dc:bf:59:b5:56:46:72:f0:b5:72:60:1c:7c:1a:64:
f3:b9:6c:e5:cb:6a:51:6e:f3:31:90:6a:cc:db:cc:8f:90:19:
12:76:10:bb:de:f2:09:9f:22:e9:ea:24:4a:7e:33:a4:45:e6:
b1:a0:29:77:d7:40:4d:3d:28:9b:6c:6d:c0:83:41:10:fd:0a:
92:7f:ca:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPqFizEVtgAyhDdHMgFhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODkzM2MxOTNmMDRlMzI0NDFlMzcxNjJkYzRkZWZhOTc0
NGI4NGYwHhcNMjYwNDE3MDcwMTI4WhcNMjYwNDE4MDcwMTI4WjAzMTEwLwYDVQQD
EyhkY2VlZjIyZmJmNTRmNzdhMWIxYjY0YWEyM2UxNmRkNjVkZGUxMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxASQNts+je+Ew8pvCVyR/NTXKKXi
hpzOzYA+Q7hQOtqrfNTqnq+CKEXZvBmBGLdypgHmLakRVf6kcFysIDWFF9ypQJlK
Jf9PvcqOcdAr345i0sFLioDcrDipw2/YK+6xTrdjE4cg4DZEAV0yfCqyoJWp6YPw
xR2fJennbJRrWUliy919fPDEs3TiQ5qXK0NzSF35v3EaorPx2nBDnf6JBFpr6Tgh
toClVIDV+jA1U9WutKsoYmaJzQQBOl+duDG2fnNKReC3lm6lAOB1v+gLLbQyW5oX
b/hQ+LGgvlEGtR3g7Hm/rxLwC7FYLU6QgicM/ORC3mgP5z+eINoLKT/yRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzu8i+/VPd6GxtkqiPhbdZd3hNXMB8GA1UdIwQY
MBaAFB2JM8GT8E4yRB43Fi3E3vqXRLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEt
MzQyZDFiMzgxZDg3LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81MTMwZTUtOTMxMi00OGRlLWFlMmEtMzQyZDFiMzgxZDg3
LzEvSFlrendaUHdUakpFSGpjV0xjVGUtcGRFdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmXeqQcbC
gk/TWsG8hx/jKB7XVMUMxv3Kai3kNpHeAzFRCI1Wdv9y5aPK8IyhWURI5M1W21Y9
F6ZNqQAnhdD48LKWh7HCO7v8IN5F8Kruii0EdOa+fR0IWOGbwM0K4HFwp0O0VA08
XPYybVq1Xly4PL//4jGft2TNMnh89bs8KtaXWVsYOpbRbfppZeKFL+uKhxbS2589
OVrr0XzsUSLrgdn1OCJXGLqXCtXASBhNKsxchxFKgJO83L9ZtVZGcvC1cmAcfBpk
87ls5ctqUW7zMZBqzNvMj5AZEnYQu97yCZ8i6eokSn4zpEXmsaApd9dATT0om2xt
wINBEP0Kkn/KBQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:29:30 2026 by rpki-client