Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
File: HK37nPzahCYhLdfYhztf5ItBLyo.mft (raw, json)
Hash identifier: hF2oJJ1X10A+AFMw3J0OElWUtxN0s4tdQTFF5G9UbJg=
Subject key identifier: 92:91:B8:A5:99:58:1D:2D:6B:BF:DE:9E:A1:12:A8:A4:CC:1A:6B:90
Authority key identifier: 1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
Certificate issuer: /CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Certificate serial: 019D9AE2AB80F834CCC9802F5A876332EB74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
Manifest number: 13C2
Signing time: Fri 17 Apr 2026 10:00:39 +0000
Manifest this update: Fri 17 Apr 2026 10:00:39 +0000
Manifest next update: Sat 18 Apr 2026 10:00:39 +0000
Files and hashes: 1: HK37nPzahCYhLdfYhztf5ItBLyo.crl (hash: c0MPq7lAwb/yaIy/XypLDuGY4mgNj9x1yu/u6oFFGXc=)
2: XKQN9GdCDnkkYw875rkSfXAvJBg.roa (hash: fV6EdFaVajqg4dj/k6xrLoqomy/vlK7OlhjNnf6pmQA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e2:ab:80:f8:34:cc:c9:80:2f:5a:87:63:32:eb:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cadfb9cfcda8426212dd7d8873b5fe48b412f2a
Validity
Not Before: Apr 17 10:00:39 2026 GMT
Not After : Apr 18 10:00:39 2026 GMT
Subject: CN=9291b8a599581d2d6bbfde9ea112a8a4cc1a6b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:93:9a:18:3b:25:85:48:65:33:13:ae:55:
b6:8f:48:4a:4d:e7:c8:58:3a:7c:6d:d8:28:1e:69:
f7:54:7c:be:f6:8f:4f:ce:0e:0d:5e:fe:af:f2:ee:
6a:d3:6f:6c:1a:14:db:5b:4f:7b:90:36:10:b7:fe:
7c:16:0a:ba:2b:45:e4:c7:0d:8d:28:05:f9:d9:56:
05:5a:16:3b:fd:bf:c3:fd:ae:c2:d8:cb:2e:31:c3:
28:f9:bb:79:94:0f:94:5c:69:74:d4:c2:16:8c:5f:
87:a9:56:c3:4b:31:26:a3:0c:13:84:74:c1:3d:aa:
54:0b:56:5c:51:bf:8a:fc:d5:04:07:1b:4a:78:e9:
82:22:19:2f:24:fe:5a:d8:3f:a2:66:46:49:c4:25:
ed:6e:e6:8a:47:7f:5e:55:14:9b:f7:ad:7a:6d:77:
6f:e5:21:da:cd:1e:8e:74:4f:cb:a6:45:4f:59:45:
b0:0b:60:ba:bf:af:a6:ef:6b:df:81:ef:15:1a:b3:
6b:24:fe:0e:b9:16:7b:ee:22:72:92:3e:67:62:61:
95:28:1c:76:74:85:f8:c7:52:80:54:e1:56:6c:d0:
c9:1c:b0:dd:17:00:22:80:e6:ab:78:68:a0:9a:e4:
60:14:05:9f:e7:7f:b4:32:65:8c:26:c7:6d:b6:ff:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:91:B8:A5:99:58:1D:2D:6B:BF:DE:9E:A1:12:A8:A4:CC:1A:6B:90
X509v3 Authority Key Identifier:
keyid:1C:AD:FB:9C:FC:DA:84:26:21:2D:D7:D8:87:3B:5F:E4:8B:41:2F:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HK37nPzahCYhLdfYhztf5ItBLyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c8406d-a564-4795-98b0-868160668382/1/HK37nPzahCYhLdfYhztf5ItBLyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:0a:05:dc:f8:ae:1e:0b:8f:8d:0c:cf:35:83:2a:ec:93:e2:
1f:78:f7:e2:03:51:41:70:e2:72:0f:2d:53:d1:b4:5c:c2:bc:
ca:40:35:e3:8f:8e:78:8d:72:89:45:fc:c5:2d:4c:8d:ea:51:
2d:e9:ca:8e:0b:94:9e:e4:9e:4f:d1:ef:59:aa:de:10:b6:40:
75:db:64:ec:55:db:09:19:b2:1c:66:97:f6:d0:08:ab:30:50:
e4:f9:04:13:2d:f4:d5:12:da:12:0d:06:93:07:ff:43:32:9c:
00:85:00:8a:41:67:f9:28:69:27:49:1b:46:f1:72:ab:19:c9:
03:ba:b5:a6:7b:21:b7:92:5b:d6:91:53:d8:c1:d9:37:85:73:
ae:e3:44:24:37:ef:8d:1b:48:16:4a:99:48:ce:d3:75:5f:2f:
e2:64:eb:77:2e:e0:be:a6:e7:76:cd:dd:87:d2:8e:7a:ae:22:
6e:ac:1c:3a:77:37:27:c8:56:31:a8:b7:27:cb:ef:a5:7a:14:
5b:6e:46:af:89:2b:fb:17:4f:b2:62:ec:de:3b:ce:c7:59:f6:
b4:c3:ee:32:d5:98:4d:c8:1d:5f:76:ec:eb:4a:23:2a:25:9d:
47:b8:1f:fb:d9:ba:c9:de:15:28:a5:f1:70:72:eb:d1:1b:bc:
66:18:8d:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4quA+DTMyYAvWodjMut0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWRmYjljZmNkYTg0MjYyMTJkZDdkODg3M2I1ZmU0OGI0
MTJmMmEwHhcNMjYwNDE3MTAwMDM5WhcNMjYwNDE4MTAwMDM5WjAzMTEwLwYDVQQD
Eyg5MjkxYjhhNTk5NTgxZDJkNmJiZmRlOWVhMTEyYThhNGNjMWE2YjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW6Tmhg7JYVIZTMTrlW2j0hKTefI
WDp8bdgoHmn3VHy+9o9Pzg4NXv6v8u5q029sGhTbW097kDYQt/58Fgq6K0Xkxw2N
KAX52VYFWhY7/b/D/a7C2MsuMcMo+bt5lA+UXGl01MIWjF+HqVbDSzEmowwThHTB
PapUC1ZcUb+K/NUEBxtKeOmCIhkvJP5a2D+iZkZJxCXtbuaKR39eVRSb9616bXdv
5SHazR6OdE/LpkVPWUWwC2C6v6+m72vfge8VGrNrJP4OuRZ77iJykj5nYmGVKBx2
dIX4x1KAVOFWbNDJHLDdFwAigOareGigmuRgFAWf53+0MmWMJsdttv+LSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKRuKWZWB0ta7/enqESqKTMGmuQMB8GA1UdIwQY
MBaAFByt+5z82oQmIS3X2Ic7X+SLQS8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAt
ODY4MTYwNjY4MzgyLzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jODQwNmQtYTU2NC00Nzk1LTk4YjAtODY4MTYwNjY4Mzgy
LzEvSEszN25QemFoQ1loTGRmWWh6dGY1SXRCTHlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwgoF3Piu
HguPjQzPNYMq7JPiH3j34gNRQXDicg8tU9G0XMK8ykA144+OeI1yiUX8xS1MjepR
LenKjguUnuSeT9HvWareELZAddtk7FXbCRmyHGaX9tAIqzBQ5PkEEy301RLaEg0G
kwf/QzKcAIUAikFn+ShpJ0kbRvFyqxnJA7q1pnsht5Jb1pFT2MHZN4VzruNEJDfv
jRtIFkqZSM7TdV8v4mTrdy7gvqbnds3dh9KOeq4ibqwcOnc3J8hWMai3J8vvpXoU
W25Gr4kr+xdPsmLs3jvOx1n2tMPuMtWYTcgdX3bs60ojKiWdR7gf+9m6yd4VKKXx
cHLr0Ru8ZhiNtg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:33:17 2026 by rpki-client