Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.mft
File: HCrBJGouDql6DCKVtz3b4AbQ7Sw.mft (raw, json)
Hash identifier: TK7ElEAEgoBR6Wa65kQ0/SeqrC7/7nsdRIaBvcCRAm4=
Subject key identifier: 27:A2:3A:C0:FF:40:49:AF:5C:98:6C:4C:39:2F:81:FB:90:25:E0:C1
Authority key identifier: 1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
Certificate issuer: /CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Certificate serial: 019CABA1BB4E6112E08623BB1C5DC8C40633
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.mft
Manifest number: 17A1
Signing time: Sun 01 Mar 2026 23:00:28 +0000
Manifest this update: Sun 01 Mar 2026 23:00:28 +0000
Manifest next update: Mon 02 Mar 2026 23:00:28 +0000
Files and hashes: 1: 0UjAR0lwkfGnKW_I34st30o5zcY.roa (hash: SaYOr18FPTLyjkppn6MTCghoM1FqQpX991KVnAvsKI4=)
2: HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl (hash: 33gsqP7x70jIb0SNX5EBSicaAUxUaQNjbgBRQiOfmn8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a1:bb:4e:61:12:e0:86:23:bb:1c:5d:c8:c4:06:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Validity
Not Before: Mar 1 23:00:28 2026 GMT
Not After : Mar 2 23:00:28 2026 GMT
Subject: CN=27a23ac0ff4049af5c986c4c392f81fb9025e0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9d:40:98:cb:4d:e3:c2:f5:72:7f:19:81:c0:
0a:b3:40:e7:1a:d1:ae:ae:ed:48:bf:65:b5:1f:5f:
eb:30:c4:bc:b6:1e:da:87:4f:ae:ae:77:20:d2:6b:
af:2f:5f:33:2c:1e:24:21:9b:f9:4a:c3:98:09:0f:
51:8e:39:25:20:23:bc:e1:19:f0:57:e3:e1:df:d9:
74:5f:87:31:95:06:f7:2c:29:54:86:a4:27:d4:2d:
ed:5d:d8:32:44:4f:79:68:b0:82:1e:e8:0d:6e:ee:
d0:ca:91:71:a7:2d:01:ff:14:df:a2:07:ee:88:60:
0e:86:61:d3:d7:25:42:db:f2:dd:03:83:66:67:06:
28:03:38:f8:07:0f:33:8a:f8:a3:92:95:04:38:26:
78:57:8a:62:27:a0:25:9c:32:4b:32:e0:60:09:23:
34:07:70:dc:45:42:71:cf:e8:c4:3b:6b:26:f8:ae:
23:59:1f:75:0c:42:71:ac:75:55:f5:83:f7:e6:da:
a5:7d:59:b5:b4:bc:04:ed:ba:80:5d:22:4b:c4:e8:
68:d5:80:c4:ab:fd:e4:b5:49:59:70:9d:da:6a:43:
1b:ef:73:13:f9:98:27:ee:c7:5c:9d:8c:b4:52:3e:
a9:0c:8e:05:1d:d6:a2:32:95:81:a5:d1:10:9b:b0:
fe:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A2:3A:C0:FF:40:49:AF:5C:98:6C:4C:39:2F:81:FB:90:25:E0:C1
X509v3 Authority Key Identifier:
keyid:1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:0e:ab:c4:3a:c1:db:a7:db:2a:a6:19:4c:46:d4:87:86:77:
5f:67:d1:5c:1e:24:5d:49:70:40:b7:ef:f4:48:d5:d6:c5:59:
e4:6b:eb:ca:43:33:d5:47:4f:11:cd:6a:28:6f:66:b3:b8:2d:
85:59:21:82:49:0d:8b:b9:24:36:94:31:89:05:78:d0:ee:7c:
9a:ba:c2:a7:45:1f:eb:73:92:a2:0b:a7:4c:d0:04:4a:1b:84:
9a:8d:25:2a:9c:40:d0:5d:3e:60:99:c3:b9:64:6b:43:eb:a7:
a8:00:9b:a9:15:9a:84:60:4b:eb:8f:ce:59:2e:cd:24:37:cb:
a1:06:54:f0:60:d1:bd:37:72:83:28:65:b7:ea:bc:ea:5a:8f:
f4:c1:bf:3d:09:7e:12:1d:8f:48:33:5c:3c:50:7b:94:29:b0:
c7:c3:41:6d:68:4d:a9:35:ab:00:8d:74:be:c9:65:00:50:e1:
50:1d:4a:d6:6b:89:d9:4c:92:02:f7:6f:26:78:de:16:b0:80:
51:ef:45:96:cc:99:96:bd:85:13:fd:da:2b:13:33:23:28:72:
69:b9:73:2e:5c:69:1c:a2:68:8c:dc:6f:1a:b9:c7:f4:ff:28:
92:2e:9b:50:79:31:11:8e:e6:4c:c3:d9:91:05:fc:cc:54:8b:
09:09:5d:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrobtOYRLghiO7HF3IxAYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmFjMTI0NmEyZTBlYTk3YTBjMjI5NWI3M2RkYmUwMDZk
MGVkMmMwHhcNMjYwMzAxMjMwMDI4WhcNMjYwMzAyMjMwMDI4WjAzMTEwLwYDVQQD
EygyN2EyM2FjMGZmNDA0OWFmNWM5ODZjNGMzOTJmODFmYjkwMjVlMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo51AmMtN48L1cn8ZgcAKs0DnGtGu
ru1Iv2W1H1/rMMS8th7ah0+urncg0muvL18zLB4kIZv5SsOYCQ9RjjklICO84Rnw
V+Ph39l0X4cxlQb3LClUhqQn1C3tXdgyRE95aLCCHugNbu7QypFxpy0B/xTfogfu
iGAOhmHT1yVC2/LdA4NmZwYoAzj4Bw8zivijkpUEOCZ4V4piJ6AlnDJLMuBgCSM0
B3DcRUJxz+jEO2sm+K4jWR91DEJxrHVV9YP35tqlfVm1tLwE7bqAXSJLxOho1YDE
q/3ktUlZcJ3aakMb73MT+Zgn7sdcnYy0Uj6pDI4FHdaiMpWBpdEQm7D+GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeiOsD/QEmvXJhsTDkvgfuQJeDBMB8GA1UdIwQY
MBaAFBwqwSRqLg6pegwilbc92+AG0O0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEt
OGQ0NmUwOWRmOWYzLzEvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEtOGQ0NmUwOWRmOWYz
LzEvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoQ6rxDrB
26fbKqYZTEbUh4Z3X2fRXB4kXUlwQLfv9EjV1sVZ5GvrykMz1UdPEc1qKG9ms7gt
hVkhgkkNi7kkNpQxiQV40O58mrrCp0Uf63OSogunTNAEShuEmo0lKpxA0F0+YJnD
uWRrQ+unqACbqRWahGBL64/OWS7NJDfLoQZU8GDRvTdygyhlt+q86lqP9MG/PQl+
Eh2PSDNcPFB7lCmwx8NBbWhNqTWrAI10vsllAFDhUB1K1muJ2UySAvdvJnjeFrCA
Ue9FlsyZlr2FE/3aKxMzIyhyablzLlxpHKJojNxvGrnH9P8oki6bUHkxEY7mTMPZ
kQX8zFSLCQldrA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:50:10 2026 by rpki-client