Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
File: hrIjA95LCocPz-e2VWwCT3XHajQ.mft (raw, json)
Hash identifier: S4+g+hqihpBbDP9LzjTjeCSIF1jdDIlnnZ3d8sCvU2s=
Subject key identifier: AA:58:FF:AE:B4:0B:18:88:7C:5C:AA:B0:54:0D:16:09:27:8C:5D:29
Authority key identifier: 86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
Certificate issuer: /CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Certificate serial: 019CAAFCFB65963EBF7FBF64A12B2D843EC7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
Manifest number: 1347
Signing time: Sun 01 Mar 2026 20:00:32 +0000
Manifest this update: Sun 01 Mar 2026 20:00:32 +0000
Manifest next update: Mon 02 Mar 2026 20:00:32 +0000
Files and hashes: 1: PreLEhXrBI_UKFJOTXBGTgHoYF0.roa (hash: YyPA9bxM1XffwGYRaKy9yqFp9gB0LZF+tWz17YqGofw=)
2: fW-vmq3lP_3MyQWkZHy-CbMNL3I.roa (hash: tS5uriJcYFbYG/ALXKZnCG1DLjQm/ccSm8DkPwEWxXI=)
3: hrIjA95LCocPz-e2VWwCT3XHajQ.crl (hash: sRL/9WdWioSlwSBF3pzswVO0R23XBEZ/ag6IoT52ISM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:fc:fb:65:96:3e:bf:7f:bf:64:a1:2b:2d:84:3e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86b22303de4b0a870fcfe7b6556c024f75c76a34
Validity
Not Before: Mar 1 20:00:32 2026 GMT
Not After : Mar 2 20:00:32 2026 GMT
Subject: CN=aa58ffaeb40b18887c5caab0540d1609278c5d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:58:10:52:74:11:8e:ea:04:98:83:4f:8a:3b:
65:d2:8a:06:c3:c1:ee:dc:9c:4d:4f:f7:9f:a7:47:
2d:46:a5:21:9f:59:dc:fa:00:f6:01:d5:bc:ba:90:
5b:09:ca:cd:31:d8:91:bf:0e:0d:cc:4f:c3:53:71:
b1:30:0a:5a:8e:e6:14:36:d5:61:bb:11:9d:5b:c5:
a8:5c:6c:ae:97:72:10:72:1d:80:1c:0f:69:77:b9:
d7:d1:8b:fc:db:9f:bf:52:3b:e2:37:b2:1e:d2:3c:
c4:ca:e6:ac:fd:cc:97:d1:4f:f0:2a:2b:7b:3d:68:
1d:c9:d9:32:75:4e:f9:7f:b4:33:5e:c9:44:41:3e:
1b:3e:52:e9:b8:3e:89:03:33:11:df:9c:b2:c7:d6:
56:36:bc:1e:9e:93:fc:0f:1f:2b:5d:6a:8b:8f:7c:
05:7d:46:40:36:2b:d1:0d:03:97:df:60:c2:7b:71:
22:d3:ff:46:33:2a:81:25:cd:a3:6a:1d:9e:40:50:
1c:49:da:8a:81:3f:bf:33:ae:bd:75:11:18:a0:ec:
d2:46:bf:b0:f5:5a:a2:21:4e:8a:7b:c8:32:21:da:
46:e3:df:43:60:96:8a:a6:14:f7:7d:cd:29:ff:86:
3d:a8:ef:1e:34:27:0f:1e:44:b1:5c:5f:87:88:ca:
f1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:58:FF:AE:B4:0B:18:88:7C:5C:AA:B0:54:0D:16:09:27:8C:5D:29
X509v3 Authority Key Identifier:
keyid:86:B2:23:03:DE:4B:0A:87:0F:CF:E7:B6:55:6C:02:4F:75:C7:6A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hrIjA95LCocPz-e2VWwCT3XHajQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afd70f-c300-49cb-b729-72ab5987f609/1/hrIjA95LCocPz-e2VWwCT3XHajQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:af:ce:1c:2b:e9:c8:2a:d2:fd:46:01:80:a3:2b:39:b0:5e:
3a:5b:1c:94:82:f1:fd:8d:e8:c4:1e:ae:6e:53:50:65:71:db:
28:3d:7f:d3:c0:ac:7e:24:79:4f:66:ca:ad:3c:2b:fb:4a:48:
52:43:f0:23:de:69:fb:2e:6f:de:52:61:e5:c6:df:d6:08:65:
be:81:2a:f7:7f:cc:4f:80:a5:f4:ee:c5:c7:d9:77:b8:4c:41:
e7:35:dc:cb:d3:a1:bf:67:5d:ac:ff:72:91:9b:05:7c:c7:b6:
78:cc:82:4a:4e:2d:0d:55:55:9c:c5:c9:34:1c:fb:57:63:c7:
10:a3:45:f6:93:18:39:43:db:30:d7:74:97:cd:70:c1:76:4e:
43:f3:38:bc:4a:59:50:0a:6c:f0:11:17:9f:a6:0e:a9:aa:69:
da:4d:8e:58:60:56:7b:6e:a3:22:a4:03:93:dc:35:75:b0:25:
7c:41:32:a7:bf:54:2b:82:c9:02:f0:47:53:5b:df:87:2b:32:
71:88:33:58:2c:fd:aa:9e:4a:25:c0:28:4e:94:00:35:16:bf:
6d:c8:a5:96:01:a8:ad:79:a4:c2:01:5f:e1:9a:c6:52:27:68:
e8:4a:3b:67:3f:9e:ea:09:0e:2d:ab:7b:12:8f:be:de:18:cd:
a5:56:b3:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/Ptllj6/f79koSsthD7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YjIyMzAzZGU0YjBhODcwZmNmZTdiNjU1NmMwMjRmNzVj
NzZhMzQwHhcNMjYwMzAxMjAwMDMyWhcNMjYwMzAyMjAwMDMyWjAzMTEwLwYDVQQD
EyhhYTU4ZmZhZWI0MGIxODg4N2M1Y2FhYjA1NDBkMTYwOTI3OGM1ZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1gQUnQRjuoEmINPijtl0ooGw8Hu
3JxNT/efp0ctRqUhn1nc+gD2AdW8upBbCcrNMdiRvw4NzE/DU3GxMApajuYUNtVh
uxGdW8WoXGyul3IQch2AHA9pd7nX0Yv825+/UjviN7Ie0jzEyuas/cyX0U/wKit7
PWgdydkydU75f7QzXslEQT4bPlLpuD6JAzMR35yyx9ZWNrwenpP8Dx8rXWqLj3wF
fUZANivRDQOX32DCe3Ei0/9GMyqBJc2jah2eQFAcSdqKgT+/M669dREYoOzSRr+w
9VqiIU6Ke8gyIdpG499DYJaKphT3fc0p/4Y9qO8eNCcPHkSxXF+HiMrxUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpY/660CxiIfFyqsFQNFgknjF0pMB8GA1UdIwQY
MBaAFIayIwPeSwqHD8/ntlVsAk91x2o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3Mjkt
NzJhYjU5ODdmNjA5LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmQ3MGYtYzMwMC00OWNiLWI3MjktNzJhYjU5ODdmNjA5
LzEvaHJJakE5NUxDb2NQei1lMlZXd0NUM1hIYWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbK/OHCvp
yCrS/UYBgKMrObBeOlsclILx/Y3oxB6ublNQZXHbKD1/08CsfiR5T2bKrTwr+0pI
UkPwI95p+y5v3lJh5cbf1ghlvoEq93/MT4Cl9O7Fx9l3uExB5zXcy9Ohv2ddrP9y
kZsFfMe2eMyCSk4tDVVVnMXJNBz7V2PHEKNF9pMYOUPbMNd0l81wwXZOQ/M4vEpZ
UAps8BEXn6YOqapp2k2OWGBWe26jIqQDk9w1dbAlfEEyp79UK4LJAvBHU1vfhysy
cYgzWCz9qp5KJcAoTpQANRa/bcillgGorXmkwgFf4ZrGUido6Eo7Zz+e6gkOLat7
Eo++3hjNpVaznA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:14:53 2026 by rpki-client