Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
File: hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft (raw, json)
Hash identifier: HzuQlzyicaNom+lGbRQbHdH7E6yEJyrv2cRkOHe+UaM=
Subject key identifier: 67:76:FA:83:C3:A3:DC:DC:0D:17:E4:5A:09:65:E2:1C:87:1B:62:C0
Authority key identifier: 85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
Certificate issuer: /CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Certificate serial: 019CAA5906895802D3D6206A10B1079684A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
Manifest number: 0AD6
Signing time: Sun 01 Mar 2026 17:01:26 +0000
Manifest this update: Sun 01 Mar 2026 17:01:26 +0000
Manifest next update: Mon 02 Mar 2026 17:01:26 +0000
Files and hashes: 1: U967gx6zU2ewhEleCWFHT_7A_9o.roa (hash: rEcp4qFupVQgVYmsA8hG1Q/G6+z2CIRB0Mx5vxsYxf0=)
2: h-KmrUFQix2mPVIgPxijrxKClGw.roa (hash: fc8hHRpimWi4M001kIYlHNuSFZw5gckGt8QS97+VBbM=)
3: hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl (hash: jjnRW1UMpcOdW6va9VrT3oD9yYghnwO5IApifQTQit8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:59:06:89:58:02:d3:d6:20:6a:10:b1:07:96:84:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fb85add09f4876ea6aaa88d4d88c81ccb6b10a
Validity
Not Before: Mar 1 17:01:26 2026 GMT
Not After : Mar 2 17:01:26 2026 GMT
Subject: CN=6776fa83c3a3dcdc0d17e45a0965e21c871b62c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:64:b6:da:fa:c3:a8:2d:16:45:f1:ec:90:32:
c2:88:6e:48:3b:34:90:d3:f7:96:48:b2:87:82:58:
94:84:65:be:5c:2e:95:5b:f8:6c:d7:8e:47:cd:8f:
02:ac:e4:ab:6a:8c:c2:7e:09:1d:94:8f:51:9c:df:
fe:a5:54:0f:b6:83:5b:41:aa:e9:cc:6f:24:eb:f8:
8e:23:e9:d9:9b:ce:42:46:37:6e:fb:95:e5:a9:d6:
fd:c0:89:db:62:d0:15:df:2c:7e:13:98:9a:c0:d5:
ef:52:ef:3e:53:e6:dd:6a:b3:93:8f:b2:9a:16:2e:
87:47:ba:d1:a8:a5:a1:bf:a7:fc:18:40:19:77:12:
ea:b9:a7:21:f0:d9:0e:77:f8:84:8e:a6:e3:58:2c:
cc:ab:67:67:01:e1:2a:c8:d9:10:4e:d1:af:1b:bb:
6d:13:1b:da:13:01:2e:f1:dc:a5:d4:65:c4:c3:f9:
61:7a:83:c9:b5:93:ec:8a:29:b7:cc:66:91:1b:97:
f8:ce:69:1f:7d:5a:f3:d0:19:49:3c:6d:fd:be:ed:
c7:e5:a5:bd:c4:b3:12:5d:57:3d:3b:7f:3b:a6:1c:
34:c6:b2:99:8f:44:22:37:90:65:3a:99:1e:11:7b:
5e:77:b5:2c:df:c0:3a:27:1e:6c:a2:30:3e:11:79:
e3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:76:FA:83:C3:A3:DC:DC:0D:17:E4:5A:09:65:E2:1C:87:1B:62:C0
X509v3 Authority Key Identifier:
keyid:85:FB:85:AD:D0:9F:48:76:EA:6A:AA:88:D4:D8:8C:81:CC:B6:B1:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfuFrdCfSHbqaqqI1NiMgcy2sQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ceea91-0a2a-4a4e-917b-c6161ce395af/1/hfuFrdCfSHbqaqqI1NiMgcy2sQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:a4:a3:4a:4b:94:ea:c6:cc:f6:a4:48:32:23:94:9a:e1:64:
e8:35:70:d4:90:f6:7a:11:a1:96:54:19:ce:a9:d1:99:99:d9:
f2:c9:31:8a:b4:d7:c5:75:a8:d1:21:4b:b9:d2:43:12:50:e3:
23:c4:1d:41:87:ec:9e:c0:34:3a:61:14:9d:75:cb:6e:47:b0:
f0:5b:be:a3:4a:83:f3:81:1e:22:39:25:c8:05:f0:83:7b:f7:
88:bc:2e:d9:98:b7:50:22:fc:26:fc:ec:b1:4e:b1:85:ab:c1:
c8:f9:f3:0a:0a:e9:6b:ae:4c:81:68:e9:2d:2b:fd:17:11:f7:
19:a3:54:c7:5e:32:cd:d8:71:c9:ff:d8:ac:31:53:60:02:86:
13:5c:d2:ba:a2:af:27:4f:13:8c:80:6c:8d:50:e7:0d:a7:84:
67:9c:52:66:6c:fe:63:c1:f6:99:ab:a4:4d:4e:23:f3:6b:39:
f4:ec:4f:89:a4:3a:a3:fb:c8:22:55:a9:80:66:51:a6:d4:18:
6e:28:74:cc:7c:72:bd:24:50:46:2b:b4:5d:f0:85:8e:9b:7b:
a9:d2:02:58:a4:f6:1d:04:4e:9c:10:ae:c3:b9:46:b6:71:9c:
4c:4b:ab:f9:a9:b7:8a:7b:d5:8f:c3:df:80:71:7d:6e:d9:2c:
31:75:fa:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWQaJWALT1iBqELEHloSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmI4NWFkZDA5ZjQ4NzZlYTZhYWE4OGQ0ZDg4YzgxY2Ni
NmIxMGEwHhcNMjYwMzAxMTcwMTI2WhcNMjYwMzAyMTcwMTI2WjAzMTEwLwYDVQQD
Eyg2Nzc2ZmE4M2MzYTNkY2RjMGQxN2U0NWEwOTY1ZTIxYzg3MWI2MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WS22vrDqC0WRfHskDLCiG5IOzSQ
0/eWSLKHgliUhGW+XC6VW/hs145HzY8CrOSraozCfgkdlI9RnN/+pVQPtoNbQarp
zG8k6/iOI+nZm85CRjdu+5Xlqdb9wInbYtAV3yx+E5iawNXvUu8+U+bdarOTj7Ka
Fi6HR7rRqKWhv6f8GEAZdxLquach8NkOd/iEjqbjWCzMq2dnAeEqyNkQTtGvG7tt
ExvaEwEu8dyl1GXEw/lheoPJtZPsiim3zGaRG5f4zmkffVrz0BlJPG39vu3H5aW9
xLMSXVc9O387phw0xrKZj0QiN5BlOpkeEXted7Us38A6Jx5sojA+EXnjxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGd2+oPDo9zcDRfkWgll4hyHG2LAMB8GA1UdIwQY
MBaAFIX7ha3Qn0h26mqqiNTYjIHMtrEKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2It
YzYxNjFjZTM5NWFmLzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9jZWVhOTEtMGEyYS00YTRlLTkxN2ItYzYxNjFjZTM5NWFm
LzEvaGZ1RnJkQ2ZTSGJxYXFxSTFOaU1nY3kyc1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr6SjSkuU
6sbM9qRIMiOUmuFk6DVw1JD2ehGhllQZzqnRmZnZ8skxirTXxXWo0SFLudJDElDj
I8QdQYfsnsA0OmEUnXXLbkew8Fu+o0qD84EeIjklyAXwg3v3iLwu2Zi3UCL8Jvzs
sU6xhavByPnzCgrpa65MgWjpLSv9FxH3GaNUx14yzdhxyf/YrDFTYAKGE1zSuqKv
J08TjIBsjVDnDaeEZ5xSZmz+Y8H2maukTU4j82s59OxPiaQ6o/vIIlWpgGZRptQY
bih0zHxyvSRQRiu0XfCFjpt7qdICWKT2HQROnBCuw7lGtnGcTEur+am3invVj8Pf
gHF9btksMXX6fg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:34:01 2026 by rpki-client