Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft
File: HkXMabTR7hUbUCdEL7upRMJ035c.mft (raw, json)
Hash identifier: lwQD98yN+9AVVrS2nmKUMUenTnKkjmqGEH+0mEpkbIc=
Subject key identifier: CD:8D:1A:94:2A:ED:8B:CF:D5:6F:C1:D5:72:8D:11:51:EC:68:EB:D7
Authority key identifier: 1E:45:CC:69:B4:D1:EE:15:1B:50:27:44:2F:BB:A9:44:C2:74:DF:97
Certificate issuer: /CN=1e45cc69b4d1ee151b5027442fbba944c274df97
Certificate serial: 019CA833A23E8F87A3273A6322C46EFBDD49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkXMabTR7hUbUCdEL7upRMJ035c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft
Manifest number: 17C0
Signing time: Sun 01 Mar 2026 07:01:21 +0000
Manifest this update: Sun 01 Mar 2026 07:01:21 +0000
Manifest next update: Mon 02 Mar 2026 07:01:21 +0000
Files and hashes: 1: HkXMabTR7hUbUCdEL7upRMJ035c.crl (hash: bhCl5+i5upwn7IdwXlwWGEt/pPMMCman9CMRSTJIff8=)
2: aZ1Tmj5Fb0n-wAOpGfFgPSrHdBE.roa (hash: Gos9McZbPOXHaQCrEQsYEbpvs5QjrqdpWFlMgXSAVtE=)
3: cmpuXpIT4rvzqBUAC8x_2HfS7ko.asa (hash: oUrQJpTPJIb/YuIVBdY/6NRHdTxNTlQPuGs1oAK8Nmk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft
rsync://rpki.ripe.net/repository/DEFAULT/HkXMabTR7hUbUCdEL7upRMJ035c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:33:a2:3e:8f:87:a3:27:3a:63:22:c4:6e:fb:dd:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e45cc69b4d1ee151b5027442fbba944c274df97
Validity
Not Before: Mar 1 07:01:21 2026 GMT
Not After : Mar 2 07:01:21 2026 GMT
Subject: CN=cd8d1a942aed8bcfd56fc1d5728d1151ec68ebd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8c:54:1c:c5:b0:a1:01:3f:8a:db:27:03:55:
00:c6:cf:db:2d:13:c7:22:0c:57:b9:82:c7:ae:7f:
72:44:92:57:87:c1:7c:7c:71:24:30:c4:b6:56:69:
29:80:7a:ec:ef:0e:77:33:82:e7:32:23:e7:6b:34:
67:a9:bc:15:6f:3c:36:ab:a2:72:68:f4:9e:d1:c2:
9d:a7:35:dd:4b:8f:28:d3:1f:2c:0d:3d:22:a3:02:
9d:37:04:8a:aa:2f:94:b4:9f:a3:e5:a3:53:ca:f1:
46:5a:9a:3f:cf:39:d9:8e:fc:48:c0:2a:06:25:98:
77:a0:af:b7:a4:24:f9:53:82:04:6e:eb:11:f3:fc:
b9:f8:7c:53:6f:67:7b:91:cd:c3:98:c3:eb:64:b2:
3e:e9:fd:43:f2:3e:35:0c:d5:56:8d:c0:ec:56:56:
82:46:83:db:20:41:51:dd:3e:06:3a:18:e1:d8:66:
a7:55:d2:d5:81:a2:71:fe:dd:65:5b:6d:eb:cc:39:
ad:7a:2c:1d:db:d8:21:69:b0:57:a0:19:18:41:52:
aa:eb:d9:7f:8b:7f:23:b5:c3:ba:c5:ec:35:c0:3a:
cd:42:59:b0:f6:c9:d6:38:f3:18:6a:fb:92:ce:08:
9b:57:4a:d2:49:11:ee:47:66:e8:97:c0:c2:1d:9c:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8D:1A:94:2A:ED:8B:CF:D5:6F:C1:D5:72:8D:11:51:EC:68:EB:D7
X509v3 Authority Key Identifier:
keyid:1E:45:CC:69:B4:D1:EE:15:1B:50:27:44:2F:BB:A9:44:C2:74:DF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkXMabTR7hUbUCdEL7upRMJ035c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/d49528-2aa4-4a7d-9845-c2443aa547e2/1/HkXMabTR7hUbUCdEL7upRMJ035c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:56:47:e3:bd:bf:a7:be:79:c5:24:6a:31:bb:56:1a:57:c2:
9e:03:4c:d2:96:66:0f:4c:b3:07:40:74:b4:fc:4f:66:10:b7:
f5:2b:40:aa:d4:c1:2c:60:84:66:86:4d:11:44:f2:df:ba:94:
e3:d7:4e:81:18:f6:d0:cd:91:14:ee:c3:2e:d7:60:53:c4:b3:
64:d5:86:b8:70:9e:1d:03:c6:c5:be:af:c5:ce:82:77:01:67:
e2:2f:e6:8b:8c:94:5c:f6:ce:e4:22:9a:7d:fe:75:17:a8:9e:
d2:be:0d:71:89:8d:96:b2:94:db:4c:85:03:1e:f6:b1:c2:c4:
29:db:60:46:38:a1:12:c0:f8:af:50:18:34:10:dd:04:e2:a9:
3e:95:52:0c:bb:fb:da:c7:30:60:41:14:b1:7c:36:06:8e:4e:
04:72:d2:95:89:8f:e2:6c:65:7b:0e:ec:47:86:fe:fc:9b:64:
19:84:de:e0:25:80:ad:19:18:2d:de:ce:f4:95:cb:5b:dd:91:
de:4e:17:5c:dd:a3:4c:21:50:07:62:30:a6:fb:cb:15:d4:84:
8b:7f:70:d2:86:d5:f5:54:fd:1c:9a:15:5e:4f:09:92:a2:20:
bb:84:3c:45:7c:fb:f0:9c:54:e2:00:e7:4c:e3:41:24:d8:18:
59:b4:4c:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyoM6I+j4ejJzpjIsRu+91JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDVjYzY5YjRkMWVlMTUxYjUwMjc0NDJmYmJhOTQ0YzI3
NGRmOTcwHhcNMjYwMzAxMDcwMTIxWhcNMjYwMzAyMDcwMTIxWjAzMTEwLwYDVQQD
EyhjZDhkMWE5NDJhZWQ4YmNmZDU2ZmMxZDU3MjhkMTE1MWVjNjhlYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIxUHMWwoQE/itsnA1UAxs/bLRPH
IgxXuYLHrn9yRJJXh8F8fHEkMMS2VmkpgHrs7w53M4LnMiPnazRnqbwVbzw2q6Jy
aPSe0cKdpzXdS48o0x8sDT0iowKdNwSKqi+UtJ+j5aNTyvFGWpo/zznZjvxIwCoG
JZh3oK+3pCT5U4IEbusR8/y5+HxTb2d7kc3DmMPrZLI+6f1D8j41DNVWjcDsVlaC
RoPbIEFR3T4GOhjh2GanVdLVgaJx/t1lW23rzDmteiwd29ghabBXoBkYQVKq69l/
i38jtcO6xew1wDrNQlmw9snWOPMYavuSzgibV0rSSRHuR2bol8DCHZwhYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2NGpQq7YvP1W/B1XKNEVHsaOvXMB8GA1UdIwQY
MBaAFB5FzGm00e4VG1AnRC+7qUTCdN+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtYTWFiVFI3aFViVUNkRUw3dXBSTUowMzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9kNDk1MjgtMmFhNC00YTdkLTk4NDUt
YzI0NDNhYTU0N2UyLzEvSGtYTWFiVFI3aFViVUNkRUw3dXBSTUowMzVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9kNDk1MjgtMmFhNC00YTdkLTk4NDUtYzI0NDNhYTU0N2Uy
LzEvSGtYTWFiVFI3aFViVUNkRUw3dXBSTUowMzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoFZH472/
p755xSRqMbtWGlfCngNM0pZmD0yzB0B0tPxPZhC39StAqtTBLGCEZoZNEUTy37qU
49dOgRj20M2RFO7DLtdgU8SzZNWGuHCeHQPGxb6vxc6CdwFn4i/mi4yUXPbO5CKa
ff51F6ie0r4NcYmNlrKU20yFAx72scLEKdtgRjihEsD4r1AYNBDdBOKpPpVSDLv7
2scwYEEUsXw2Bo5OBHLSlYmP4mxlew7sR4b+/JtkGYTe4CWArRkYLd7O9JXLW92R
3k4XXN2jTCFQB2IwpvvLFdSEi39w0obV9VT9HJoVXk8JkqIgu4Q8RXz78JxU4gDn
TONBJNgYWbRMqw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:45:12 2026 by rpki-client