Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
File: HjaTxfrT8hak_3rIbO6yOwBDg10.mft (raw, json)
Hash identifier: k55ECDqErI1l5y2W9LY1ZVWC2Ik6vKNB0sm/tl/nsBw=
Subject key identifier: 4F:CC:58:B7:20:BA:B8:39:79:3C:5B:49:6D:C0:27:43:9C:5F:91:EA
Authority key identifier: 1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
Certificate issuer: /CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Certificate serial: 019D9A3E61AAEE4F81B0DBDA3B3BE372F9B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
Manifest number: 0D8D
Signing time: Fri 17 Apr 2026 07:01:12 +0000
Manifest this update: Fri 17 Apr 2026 07:01:12 +0000
Manifest next update: Sat 18 Apr 2026 07:01:12 +0000
Files and hashes: 1: HjaTxfrT8hak_3rIbO6yOwBDg10.crl (hash: PnmLq7Xj4drAxUwvW4hIsYg2anhCVs2dqRqgcUKRHjY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:61:aa:ee:4f:81:b0:db:da:3b:3b:e3:72:f9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e3693c5fad3f216a4ff7ac86ceeb23b0043835d
Validity
Not Before: Apr 17 07:01:12 2026 GMT
Not After : Apr 18 07:01:12 2026 GMT
Subject: CN=4fcc58b720bab839793c5b496dc027439c5f91ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a4:37:6c:6f:b4:c2:6a:ea:21:64:13:48:a0:
7e:ba:0d:bc:3b:6b:54:bb:bb:af:39:da:03:51:f3:
9a:35:ad:02:b7:76:24:89:b0:75:aa:3c:0b:9b:bb:
4c:b1:49:60:b3:8d:ce:ca:d0:5d:01:0b:09:39:11:
b1:07:7b:92:18:24:d6:6e:46:f6:4b:3b:8d:10:39:
d4:2c:b8:ef:e4:c7:6c:b0:fe:97:92:91:81:2d:ee:
85:3b:85:d3:75:ad:8d:7c:e1:c4:32:72:f0:1c:5f:
78:60:a8:9e:fa:e1:21:1d:52:8f:be:e6:8f:fd:7b:
94:e4:cb:15:44:95:64:b0:4b:9d:b7:59:91:78:ff:
be:64:72:c6:0f:31:ad:ac:55:e2:2e:62:1e:47:8e:
93:cf:d0:b5:c9:40:ab:cf:d6:11:9d:d7:ee:56:59:
ef:4d:3a:76:f9:e0:07:d6:40:b3:df:1b:fe:9d:d6:
90:a6:66:65:6c:8a:81:27:b7:e3:5e:a3:08:91:8c:
ea:a3:f8:1a:f7:22:6a:80:75:0c:16:d2:f5:19:31:
9b:4e:4a:7f:8d:9b:f2:fd:01:36:73:27:68:2f:89:
5d:5f:a0:07:b8:af:1a:51:8f:3e:87:15:05:94:74:
5b:e3:34:f8:86:81:0f:b4:d9:4b:81:2e:d0:24:25:
eb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:CC:58:B7:20:BA:B8:39:79:3C:5B:49:6D:C0:27:43:9C:5F:91:EA
X509v3 Authority Key Identifier:
keyid:1E:36:93:C5:FA:D3:F2:16:A4:FF:7A:C8:6C:EE:B2:3B:00:43:83:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjaTxfrT8hak_3rIbO6yOwBDg10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/9a1d2d-c626-4f80-a9d4-4211518d98a4/1/HjaTxfrT8hak_3rIbO6yOwBDg10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:9d:96:bc:4d:74:d4:1d:b8:67:4b:8b:13:2d:9d:57:74:c1:
42:65:b9:31:ac:ca:f4:21:da:3d:5d:d0:50:ab:53:b4:bf:91:
ea:a5:89:84:b7:61:4b:6e:13:1c:d0:e9:f2:1f:5b:44:28:f2:
d1:66:6a:12:e5:41:62:af:fc:b1:7c:72:fc:a3:63:34:06:28:
07:04:cc:53:d3:e9:4d:19:64:3f:e7:1a:80:f0:ac:ea:35:e5:
a9:c5:b6:fd:3a:b2:ac:e2:03:d7:4a:c4:0e:33:fd:c9:37:f7:
1b:02:fb:63:c2:82:23:14:c9:6a:09:2a:fa:d3:c7:78:a7:f8:
38:9a:72:69:70:6b:11:87:94:f5:72:ef:83:36:a5:d5:84:01:
92:8b:a9:ef:92:10:7d:ae:1b:a0:74:07:67:9d:ec:55:cc:92:
7c:68:f0:0e:2b:a3:7a:34:a0:50:b2:fb:71:4b:93:9c:5c:21:
4a:80:bf:4a:6f:ee:4c:f2:47:04:ba:9a:0b:e1:12:ac:9e:1b:
95:20:9b:ad:1e:24:de:c7:7d:5d:49:0a:f6:31:3e:4f:19:55:
62:32:8e:2a:ce:e2:78:fd:ac:ee:61:2a:f6:49:7d:e2:39:72:
09:50:99:aa:47:71:7a:bb:2d:9a:ee:dc:3d:4b:ec:db:77:4a:
8b:d6:fb:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPmGq7k+BsNvaOzvjcvmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzY5M2M1ZmFkM2YyMTZhNGZmN2FjODZjZWViMjNiMDA0
MzgzNWQwHhcNMjYwNDE3MDcwMTEyWhcNMjYwNDE4MDcwMTEyWjAzMTEwLwYDVQQD
Eyg0ZmNjNThiNzIwYmFiODM5NzkzYzViNDk2ZGMwMjc0MzljNWY5MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aQ3bG+0wmrqIWQTSKB+ug28O2tU
u7uvOdoDUfOaNa0Ct3YkibB1qjwLm7tMsUlgs43OytBdAQsJORGxB3uSGCTWbkb2
SzuNEDnULLjv5MdssP6XkpGBLe6FO4XTda2NfOHEMnLwHF94YKie+uEhHVKPvuaP
/XuU5MsVRJVksEudt1mReP++ZHLGDzGtrFXiLmIeR46Tz9C1yUCrz9YRndfuVlnv
TTp2+eAH1kCz3xv+ndaQpmZlbIqBJ7fjXqMIkYzqo/ga9yJqgHUMFtL1GTGbTkp/
jZvy/QE2cydoL4ldX6AHuK8aUY8+hxUFlHRb4zT4hoEPtNlLgS7QJCXrNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/MWLcgurg5eTxbSW3AJ0OcX5HqMB8GA1UdIwQY
MBaAFB42k8X60/IWpP96yGzusjsAQ4NdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQt
NDIxMTUxOGQ5OGE0LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85YTFkMmQtYzYyNi00ZjgwLWE5ZDQtNDIxMTUxOGQ5OGE0
LzEvSGphVHhmclQ4aGFrXzNySWJPNnlPd0JEZzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd52WvE10
1B24Z0uLEy2dV3TBQmW5MazK9CHaPV3QUKtTtL+R6qWJhLdhS24THNDp8h9bRCjy
0WZqEuVBYq/8sXxy/KNjNAYoBwTMU9PpTRlkP+cagPCs6jXlqcW2/TqyrOID10rE
DjP9yTf3GwL7Y8KCIxTJagkq+tPHeKf4OJpyaXBrEYeU9XLvgzal1YQBkoup75IQ
fa4boHQHZ53sVcySfGjwDiujejSgULL7cUuTnFwhSoC/Sm/uTPJHBLqaC+ESrJ4b
lSCbrR4k3sd9XUkK9jE+TxlVYjKOKs7ieP2s7mEq9kl94jlyCVCZqkdxerstmu7c
PUvs23dKi9b7LQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:41:18 2026 by rpki-client