Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
File: hoRh4GD99IzUHTOtknHIB9Qk60I.mft (raw, json)
Hash identifier: QlmhR5a81NtF76ypMSw+cpi63m6rBEA0B8GAH9W4Q0Q=
Subject key identifier: F7:21:FB:BD:63:EA:BC:A7:F3:2E:CD:F9:23:77:28:74:B6:12:AC:C7
Authority key identifier: 86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42
Certificate issuer: /CN=868461e060fdf48cd41d33ad9271c807d424eb42
Certificate serial: 019CAF10BB1FEE3BF0576B62233D22823E09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
Manifest number: 036D
Signing time: Mon 02 Mar 2026 15:00:35 +0000
Manifest this update: Mon 02 Mar 2026 15:00:35 +0000
Manifest next update: Tue 03 Mar 2026 15:00:35 +0000
Files and hashes: 1: IyUD0cTbm163_nE6Z_KQkHMo9a0.roa (hash: ckmuLvsLe1WHUbDkzeJOW8KVL9BpPwjboxRuotk+r7Y=)
2: hoRh4GD99IzUHTOtknHIB9Qk60I.crl (hash: MBS3mmbPtpQrFYin5lPJLxHtAbWnyAHXXoBysmsBmx0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:10:bb:1f:ee:3b:f0:57:6b:62:23:3d:22:82:3e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=868461e060fdf48cd41d33ad9271c807d424eb42
Validity
Not Before: Mar 2 15:00:35 2026 GMT
Not After : Mar 3 15:00:35 2026 GMT
Subject: CN=f721fbbd63eabca7f32ecdf923772874b612acc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d7:dd:59:29:f7:aa:b0:60:e4:3b:5b:6f:03:
9f:5a:42:d6:fc:65:43:a4:d8:e0:34:77:47:4c:21:
b7:53:51:9e:aa:a1:a6:8c:4c:6b:68:b4:99:32:fb:
83:6a:04:19:12:4c:dd:72:55:47:65:2f:a2:1a:53:
09:54:4f:23:16:1f:86:0c:68:af:e0:f7:3e:b0:68:
23:b6:f5:cf:c9:e0:f8:ff:af:24:4d:af:26:e0:4e:
31:b0:19:fb:f6:63:ce:17:4d:6e:3b:15:50:eb:e0:
eb:ad:6f:3c:4c:f0:81:a7:e2:0f:21:21:2b:00:4a:
11:28:39:f4:bb:33:1c:be:9c:d5:e2:f0:c1:b1:9c:
02:88:12:0b:f2:fc:b7:08:34:4e:88:93:81:72:08:
92:8f:89:8d:c9:5f:6d:87:47:65:d5:2a:7e:e8:4f:
31:e9:15:cd:de:b1:97:30:0c:b1:e6:2e:38:ec:e8:
bb:b7:6f:04:31:52:36:29:0e:76:cd:29:84:32:9a:
26:1e:de:fb:45:d2:6d:87:06:c8:de:e8:48:9e:0b:
a3:c5:38:90:8c:2e:d7:58:b3:ed:34:29:70:ff:26:
8e:5a:61:1d:4e:0c:f3:23:62:0a:29:ca:bd:4b:d8:
5b:57:fa:cb:fd:1b:6a:b9:b3:fd:ed:c5:60:74:f0:
3b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:21:FB:BD:63:EA:BC:A7:F3:2E:CD:F9:23:77:28:74:B6:12:AC:C7
X509v3 Authority Key Identifier:
keyid:86:84:61:E0:60:FD:F4:8C:D4:1D:33:AD:92:71:C8:07:D4:24:EB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoRh4GD99IzUHTOtknHIB9Qk60I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/4af4be-70f1-4194-911f-59ab96bc35c6/1/hoRh4GD99IzUHTOtknHIB9Qk60I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:e4:20:75:78:7a:dd:5a:dc:a6:f9:98:92:3f:50:63:66:91:
59:21:3a:b9:e8:a7:e7:23:65:4e:a5:93:e1:ba:42:9a:82:a1:
63:2a:7b:79:9b:31:d5:9e:7f:66:1e:e8:cc:54:e7:62:fa:96:
b5:64:bf:2f:e7:85:cd:a3:a1:fd:30:45:8f:8e:07:1d:67:0f:
fe:7d:61:f9:e5:13:42:85:ba:bf:c9:40:f0:d9:e1:84:6c:e7:
cc:8d:9f:0f:14:8f:83:e3:64:84:3d:10:da:11:45:ee:ea:ff:
28:f1:33:c9:e0:e3:a9:0d:e5:9e:da:0a:2f:f8:f3:12:67:56:
1e:5c:e2:9b:71:6f:02:85:37:c8:c5:e8:ea:c1:54:3b:8f:e4:
52:87:c8:9a:a6:e4:f8:f0:0b:41:60:b2:62:7e:01:19:59:c0:
f8:25:c3:bd:fc:5b:ca:d9:8e:0b:bc:81:b3:0b:97:a7:b0:0f:
94:bb:e6:62:58:77:84:d7:b9:00:b0:2a:e9:0e:10:4f:53:db:
05:84:8a:f7:69:dc:93:ee:56:1b:17:7a:80:11:0c:0f:10:65:
9c:d0:44:d7:78:65:93:9d:68:35:6b:b2:cf:ad:5a:ab:9d:d6:
0a:a1:1f:74:59:58:b5:fc:78:4d:48:a6:dd:1a:bc:ac:9f:f7:
dc:39:65:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvELsf7jvwV2tiIz0igj4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODQ2MWUwNjBmZGY0OGNkNDFkMzNhZDkyNzFjODA3ZDQy
NGViNDIwHhcNMjYwMzAyMTUwMDM1WhcNMjYwMzAzMTUwMDM1WjAzMTEwLwYDVQQD
EyhmNzIxZmJiZDYzZWFiY2E3ZjMyZWNkZjkyMzc3Mjg3NGI2MTJhY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9fdWSn3qrBg5DtbbwOfWkLW/GVD
pNjgNHdHTCG3U1GeqqGmjExraLSZMvuDagQZEkzdclVHZS+iGlMJVE8jFh+GDGiv
4Pc+sGgjtvXPyeD4/68kTa8m4E4xsBn79mPOF01uOxVQ6+DrrW88TPCBp+IPISEr
AEoRKDn0uzMcvpzV4vDBsZwCiBIL8vy3CDROiJOBcgiSj4mNyV9th0dl1Sp+6E8x
6RXN3rGXMAyx5i447Oi7t28EMVI2KQ52zSmEMpomHt77RdJthwbI3uhIngujxTiQ
jC7XWLPtNClw/yaOWmEdTgzzI2IKKcq9S9hbV/rL/RtqubP97cVgdPA79QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPch+71j6ryn8y7N+SN3KHS2EqzHMB8GA1UdIwQY
MBaAFIaEYeBg/fSM1B0zrZJxyAfUJOtCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYt
NTlhYjk2YmMzNWM2LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80YWY0YmUtNzBmMS00MTk0LTkxMWYtNTlhYjk2YmMzNWM2
LzEvaG9SaDRHRDk5SXpVSFRPdGtuSElCOVFrNjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADuQgdXh6
3VrcpvmYkj9QY2aRWSE6uein5yNlTqWT4bpCmoKhYyp7eZsx1Z5/Zh7ozFTnYvqW
tWS/L+eFzaOh/TBFj44HHWcP/n1h+eUTQoW6v8lA8NnhhGznzI2fDxSPg+NkhD0Q
2hFF7ur/KPEzyeDjqQ3lntoKL/jzEmdWHlzim3FvAoU3yMXo6sFUO4/kUofImqbk
+PALQWCyYn4BGVnA+CXDvfxbytmOC7yBswuXp7APlLvmYlh3hNe5ALAq6Q4QT1Pb
BYSK92nck+5WGxd6gBEMDxBlnNBE13hlk51oNWuyz61aq53WCqEfdFlYtfx4TUim
3Rq8rJ/33DllKg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:53:50 2026 by rpki-client