Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/e279f5-73d1-4fe8-978d-90acfdb01e90/1/hnszfOTDT-tKcf_4VZ5eTJjkKwA.mft
File: hnszfOTDT-tKcf_4VZ5eTJjkKwA.mft (raw, json)
Hash identifier: iYivqik0nXGuodH/ivOMZuxbWxoLQmsOov9WDsmTRPU=
Subject key identifier: 98:53:70:FD:0A:8D:8B:0C:C2:79:32:74:1B:65:CD:B3:0F:BA:1E:3B
Authority key identifier: 86:7B:33:7C:E4:C3:4F:EB:4A:71:FF:F8:55:9E:5E:4C:98:E4:2B:00
Certificate issuer: /CN=867b337ce4c34feb4a71fff8559e5e4c98e42b00
Certificate serial: 019D9AE33687BFBA312E048D23087B15C89A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hnszfOTDT-tKcf_4VZ5eTJjkKwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/e279f5-73d1-4fe8-978d-90acfdb01e90/1/hnszfOTDT-tKcf_4VZ5eTJjkKwA.mft
Manifest number: CA
Signing time: Fri 17 Apr 2026 10:01:14 +0000
Manifest this update: Fri 17 Apr 2026 10:01:14 +0000
Manifest next update: Sat 18 Apr 2026 10:01:14 +0000
Files and hashes: 1: PnZoP9c_MUx8bGVjWDH4QemT8Oc.roa (hash: N/n/c2ZTM9Bt63EXnz2HQd3THkOEOxgNYjeKCIXt71Y=)
2: hnszfOTDT-tKcf_4VZ5eTJjkKwA.crl (hash: zXgV5hwAM3Z+oJTVhRTJJUs9uFHi8geI7Sa8WQuKFQ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/e279f5-73d1-4fe8-978d-90acfdb01e90/1/hnszfOTDT-tKcf_4VZ5eTJjkKwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/e279f5-73d1-4fe8-978d-90acfdb01e90/1/hnszfOTDT-tKcf_4VZ5eTJjkKwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hnszfOTDT-tKcf_4VZ5eTJjkKwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:36:87:bf:ba:31:2e:04:8d:23:08:7b:15:c8:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=867b337ce4c34feb4a71fff8559e5e4c98e42b00
Validity
Not Before: Apr 17 10:01:14 2026 GMT
Not After : Apr 18 10:01:14 2026 GMT
Subject: CN=985370fd0a8d8b0cc27932741b65cdb30fba1e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c7:2b:19:50:07:23:1e:8f:b1:e3:bb:ca:37:
71:c6:c9:4b:61:60:0b:4f:67:8a:3a:4b:ed:9e:19:
07:c7:af:cf:90:6f:e2:a8:ce:3f:d9:05:8f:b6:94:
0d:2b:15:c7:5a:20:3d:fe:c7:b0:b7:44:7f:0d:11:
b4:ed:58:8f:c1:d8:43:a3:be:bb:10:d6:b4:3c:57:
78:4d:26:d9:0e:00:51:c3:d5:8c:b2:73:e9:b7:cc:
61:db:88:8a:56:ea:3b:be:b0:ee:46:8b:10:bb:2e:
51:67:0e:7b:0c:12:01:c2:96:be:b9:a5:40:ea:f4:
18:3c:de:7b:43:41:cb:18:5f:49:9a:88:53:cb:14:
f8:c2:4a:0d:39:4d:48:61:bb:71:36:9b:e0:e8:38:
a9:b5:1a:19:de:b3:63:82:32:df:92:04:4c:1b:28:
b2:98:47:75:22:ec:5a:7a:15:bb:69:35:0d:e2:03:
87:71:24:67:f4:76:61:2f:ec:d2:3e:29:cb:bf:d4:
26:81:a1:7b:9f:9c:f0:5e:29:88:cf:66:31:06:72:
a6:1c:a7:c3:3a:2a:d5:aa:6d:8d:13:23:2e:de:99:
65:a9:b3:e5:82:e8:63:df:47:89:18:7a:f3:e3:8a:
6c:be:b3:70:1a:74:ba:9a:cb:43:48:3a:fa:3f:50:
a1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:53:70:FD:0A:8D:8B:0C:C2:79:32:74:1B:65:CD:B3:0F:BA:1E:3B
X509v3 Authority Key Identifier:
keyid:86:7B:33:7C:E4:C3:4F:EB:4A:71:FF:F8:55:9E:5E:4C:98:E4:2B:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hnszfOTDT-tKcf_4VZ5eTJjkKwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e279f5-73d1-4fe8-978d-90acfdb01e90/1/hnszfOTDT-tKcf_4VZ5eTJjkKwA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e279f5-73d1-4fe8-978d-90acfdb01e90/1/hnszfOTDT-tKcf_4VZ5eTJjkKwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:44:95:32:5b:0a:34:8e:f8:7b:7a:c1:2d:88:7a:b6:c9:04:
c9:47:15:98:52:1a:30:5b:30:af:63:1b:5f:16:29:a1:ec:83:
01:9f:f4:a4:51:c5:b5:c7:8d:79:28:3b:36:fb:52:01:44:0f:
26:90:2e:a7:8f:e9:fd:95:3a:5f:a4:6b:41:c3:fd:3d:c6:c0:
73:55:7b:a9:59:31:11:8d:10:4e:0a:3b:58:1a:d7:85:5c:a7:
81:37:f5:32:de:fe:65:fb:31:77:09:19:2c:b6:28:0f:5e:13:
36:db:73:69:82:48:28:6a:54:a5:e6:cc:39:fc:89:80:46:e6:
0b:35:43:c0:87:2f:13:89:45:3d:52:b3:c9:ed:4f:0e:dd:82:
ec:17:4f:a7:53:55:0e:19:df:73:4d:16:ff:ba:38:88:86:16:
60:6b:42:be:e6:a9:61:02:13:a1:60:30:84:52:60:86:98:fd:
33:9d:f0:78:d4:53:c4:d5:6c:dc:80:c8:4f:82:38:9b:b1:2b:
84:49:a8:0b:11:d3:cc:6a:dd:43:7d:8a:c6:ef:9a:b1:b0:f6:
71:81:94:3c:2b:a8:5e:a9:3c:32:1c:0a:9f:39:b4:8f:83:cc:
51:b8:91:aa:a1:fd:84:b8:19:8f:fb:63:e1:3a:7d:3e:96:d9:
1b:d9:84:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4zaHv7oxLgSNIwh7FciaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2N2IzMzdjZTRjMzRmZWI0YTcxZmZmODU1OWU1ZTRjOThl
NDJiMDAwHhcNMjYwNDE3MTAwMTE0WhcNMjYwNDE4MTAwMTE0WjAzMTEwLwYDVQQD
Eyg5ODUzNzBmZDBhOGQ4YjBjYzI3OTMyNzQxYjY1Y2RiMzBmYmExZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxccrGVAHIx6PseO7yjdxxslLYWAL
T2eKOkvtnhkHx6/PkG/iqM4/2QWPtpQNKxXHWiA9/sewt0R/DRG07ViPwdhDo767
ENa0PFd4TSbZDgBRw9WMsnPpt8xh24iKVuo7vrDuRosQuy5RZw57DBIBwpa+uaVA
6vQYPN57Q0HLGF9JmohTyxT4wkoNOU1IYbtxNpvg6DiptRoZ3rNjgjLfkgRMGyiy
mEd1IuxaehW7aTUN4gOHcSRn9HZhL+zSPinLv9QmgaF7n5zwXimIz2YxBnKmHKfD
OirVqm2NEyMu3pllqbPlguhj30eJGHrz44psvrNwGnS6mstDSDr6P1ChMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhTcP0KjYsMwnkydBtlzbMPuh47MB8GA1UdIwQY
MBaAFIZ7M3zkw0/rSnH/+FWeXkyY5CsAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG5zemZPVERULXRLY2ZfNFZaNWVUSmprS3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9lMjc5ZjUtNzNkMS00ZmU4LTk3OGQt
OTBhY2ZkYjAxZTkwLzEvaG5zemZPVERULXRLY2ZfNFZaNWVUSmprS3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9lMjc5ZjUtNzNkMS00ZmU4LTk3OGQtOTBhY2ZkYjAxZTkw
LzEvaG5zemZPVERULXRLY2ZfNFZaNWVUSmprS3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOESVMlsK
NI74e3rBLYh6tskEyUcVmFIaMFswr2MbXxYpoeyDAZ/0pFHFtceNeSg7NvtSAUQP
JpAup4/p/ZU6X6RrQcP9PcbAc1V7qVkxEY0QTgo7WBrXhVyngTf1Mt7+ZfsxdwkZ
LLYoD14TNttzaYJIKGpUpebMOfyJgEbmCzVDwIcvE4lFPVKzye1PDt2C7BdPp1NV
Dhnfc00W/7o4iIYWYGtCvuapYQIToWAwhFJghpj9M53weNRTxNVs3IDIT4I4m7Er
hEmoCxHTzGrdQ32Kxu+asbD2cYGUPCuoXqk8MhwKnzm0j4PMUbiRqqH9hLgZj/tj
4Tp9PpbZG9mEvw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:49:21 2026 by rpki-client