Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
File: hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft (raw, json)
Hash identifier: 3El+h4H8SPfBfI64IhC76nCRdxr5oCqllk8XMrFwofQ=
Subject key identifier: 3C:B4:03:3A:20:C4:07:AC:10:0B:35:D5:CF:55:26:B5:7C:41:49:2A
Authority key identifier: 85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
Certificate issuer: /CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Certificate serial: 019D98F40FBD111FF1119608F3A94874C37E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
Manifest number: 18BD
Signing time: Fri 17 Apr 2026 01:00:24 +0000
Manifest this update: Fri 17 Apr 2026 01:00:24 +0000
Manifest next update: Sat 18 Apr 2026 01:00:24 +0000
Files and hashes: 1: hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl (hash: 6lfZJbisB0d0mNU/sNfUpfQEyGeKSrXMK+Yk6Vfus9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:0f:bd:11:1f:f1:11:96:08:f3:a9:48:74:c3:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=850123e4ce2b80ebf12e43fee4b1c18c5c73d3b4
Validity
Not Before: Apr 17 01:00:24 2026 GMT
Not After : Apr 18 01:00:24 2026 GMT
Subject: CN=3cb4033a20c407ac100b35d5cf5526b57c41492a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:af:74:ab:f1:cd:2a:67:75:84:f0:4b:03:ac:
24:66:8e:02:82:12:31:02:ee:c2:6c:d0:d3:ae:05:
35:1a:02:27:e8:bd:bc:d1:c3:1b:5b:8f:b1:8c:4a:
48:c9:13:7a:e7:fa:bf:39:9a:13:4c:50:c5:b8:88:
f8:67:1a:00:f5:4f:05:26:82:6b:3f:53:fb:59:40:
d8:03:5a:b0:6c:bb:80:43:6c:aa:b7:1f:97:8b:32:
02:27:fa:af:bc:3b:39:35:88:59:68:27:4c:52:0a:
44:4a:cd:f1:4f:94:e7:1a:dd:c2:b4:b2:9e:9b:03:
04:d0:a4:d9:64:69:f3:36:c9:98:7b:01:72:01:7a:
62:95:b5:78:cc:ca:a5:35:e3:ea:2d:3a:b8:bd:fa:
d8:35:fe:b6:67:43:5a:54:04:ba:51:c3:c7:55:50:
65:c5:cb:ff:a6:12:a6:77:d2:7f:4a:16:0f:a8:bb:
eb:86:03:8f:f8:8a:48:a3:97:06:67:a0:6e:1f:b3:
10:50:11:45:d1:91:07:0d:dc:8c:4f:20:a0:63:fe:
e0:f7:da:b8:af:82:65:d0:d3:f2:5c:8c:04:80:33:
04:e4:1c:f4:71:d6:06:b7:3f:57:1d:30:75:b5:db:
58:d1:f7:78:76:5a:69:3b:ad:c6:6e:59:46:bf:86:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B4:03:3A:20:C4:07:AC:10:0B:35:D5:CF:55:26:B5:7C:41:49:2A
X509v3 Authority Key Identifier:
keyid:85:01:23:E4:CE:2B:80:EB:F1:2E:43:FE:E4:B1:C1:8C:5C:73:D3:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hQEj5M4rgOvxLkP-5LHBjFxz07Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/98b5dd-7dee-4f4e-9cd1-16320d014c04/1/hQEj5M4rgOvxLkP-5LHBjFxz07Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:85:45:4b:d3:8c:a5:37:23:14:46:7b:de:ad:a5:e0:e6:98:
be:32:54:22:c3:2b:8b:a8:ca:44:43:cb:50:64:a9:24:77:9e:
73:9a:25:04:0c:e3:a8:80:bc:71:ba:c5:68:a9:93:66:d7:11:
93:6d:34:ff:76:56:20:87:ef:a5:14:4c:e1:78:8b:2d:fd:41:
5a:24:9c:ab:ca:89:ca:28:fa:31:f7:58:58:38:49:4a:4f:43:
e1:a1:9c:8e:d6:85:be:45:97:47:c2:b0:ec:90:43:93:18:d2:
89:8f:d3:09:db:50:c1:ac:86:c9:7e:b1:a1:f9:70:bf:a8:6b:
2a:75:41:37:84:bc:b7:9d:4e:3b:f0:2e:ac:6a:f4:b9:c8:29:
f0:1b:a9:f4:78:7c:8f:d8:59:f5:08:09:cb:51:88:8d:44:9f:
e8:6d:3c:3c:10:0a:32:9b:bf:0a:b9:25:be:77:6f:ba:05:9d:
84:f5:53:be:ae:fb:04:cb:54:82:64:0d:cb:d1:22:0a:e0:ad:
32:ee:ab:19:21:4d:25:ee:79:bb:66:9c:e4:28:22:c5:67:26:
28:16:ed:e4:cf:7b:dd:21:75:84:e2:b8:fc:5c:c3:a0:b9:aa:
18:53:ed:57:b2:18:ba:90:86:b0:d1:2f:91:46:46:68:5f:88:
6c:f1:56:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9A+9ER/xEZYI86lIdMN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MDEyM2U0Y2UyYjgwZWJmMTJlNDNmZWU0YjFjMThjNWM3
M2QzYjQwHhcNMjYwNDE3MDEwMDI0WhcNMjYwNDE4MDEwMDI0WjAzMTEwLwYDVQQD
EygzY2I0MDMzYTIwYzQwN2FjMTAwYjM1ZDVjZjU1MjZiNTdjNDE0OTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt690q/HNKmd1hPBLA6wkZo4CghIx
Au7CbNDTrgU1GgIn6L280cMbW4+xjEpIyRN65/q/OZoTTFDFuIj4ZxoA9U8FJoJr
P1P7WUDYA1qwbLuAQ2yqtx+XizICJ/qvvDs5NYhZaCdMUgpESs3xT5TnGt3CtLKe
mwME0KTZZGnzNsmYewFyAXpilbV4zMqlNePqLTq4vfrYNf62Z0NaVAS6UcPHVVBl
xcv/phKmd9J/ShYPqLvrhgOP+IpIo5cGZ6BuH7MQUBFF0ZEHDdyMTyCgY/7g99q4
r4Jl0NPyXIwEgDME5Bz0cdYGtz9XHTB1tdtY0fd4dlppO63GbllGv4YvDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDy0AzogxAesEAs11c9VJrV8QUkqMB8GA1UdIwQY
MBaAFIUBI+TOK4Dr8S5D/uSxwYxcc9O0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEt
MTYzMjBkMDE0YzA0LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85OGI1ZGQtN2RlZS00ZjRlLTljZDEtMTYzMjBkMDE0YzA0
LzEvaFFFajVNNHJnT3Z4TGtQLTVMSEJqRnh6MDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs4VFS9OM
pTcjFEZ73q2l4OaYvjJUIsMri6jKREPLUGSpJHeec5olBAzjqIC8cbrFaKmTZtcR
k200/3ZWIIfvpRRM4XiLLf1BWiScq8qJyij6MfdYWDhJSk9D4aGcjtaFvkWXR8Kw
7JBDkxjSiY/TCdtQwayGyX6xoflwv6hrKnVBN4S8t51OO/AurGr0ucgp8Bup9Hh8
j9hZ9QgJy1GIjUSf6G08PBAKMpu/CrklvndvugWdhPVTvq77BMtUgmQNy9EiCuCt
Mu6rGSFNJe55u2ac5CgixWcmKBbt5M973SF1hOK4/FzDoLmqGFPtV7IYupCGsNEv
kUZGaF+IbPFWSg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:58:17 2026 by rpki-client