Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
File: HKrZOQiq2NJG62n35mqnDeW9Whc.mft (raw, json)
Hash identifier: A4lnOADdfpEuC7WVg9xQ8580cb0Cm2AfXs1A6pRgR3Q=
Subject key identifier: 25:20:1A:B6:34:D0:92:ED:E2:EE:5E:8F:ED:D1:65:6E:D0:10:4B:EB
Authority key identifier: 1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
Certificate issuer: /CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Certificate serial: 019CACB49D2B69A16C29907001EDDF95E95A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
Manifest number: 0F2C
Signing time: Mon 02 Mar 2026 04:00:43 +0000
Manifest this update: Mon 02 Mar 2026 04:00:43 +0000
Manifest next update: Tue 03 Mar 2026 04:00:43 +0000
Files and hashes: 1: HKrZOQiq2NJG62n35mqnDeW9Whc.crl (hash: /N8pTiJqzdmvXj9smKQGI3rHgy3EsAxFPkbqaG2vKig=)
2: aXCzk9LRBuI3wsL45rGUGJ3bjp0.roa (hash: ij7uLV/NpVqVA9kRJtMaYvHqkZsLcjLoJ4SciqjfuAg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:b4:9d:2b:69:a1:6c:29:90:70:01:ed:df:95:e9:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Validity
Not Before: Mar 2 04:00:43 2026 GMT
Not After : Mar 3 04:00:43 2026 GMT
Subject: CN=25201ab634d092ede2ee5e8fedd1656ed0104beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:2b:d1:bf:9a:cd:08:24:a3:c9:f1:0b:4c:
89:6d:6c:9e:4c:f4:b7:a7:87:91:a8:83:d1:34:bb:
d2:06:60:d4:17:ef:a9:91:0c:87:75:8a:fa:be:f9:
31:f0:c3:f2:0e:21:fa:26:aa:54:ae:f7:5e:d9:e6:
e5:dd:1e:9e:30:61:2d:41:f3:a0:63:4a:5c:d7:a7:
13:eb:33:15:0e:cf:12:37:66:fc:52:e9:6a:66:ee:
44:de:62:f9:d3:16:26:43:c0:81:a1:e5:9a:84:91:
6e:dd:53:14:86:24:04:cd:c0:aa:21:b6:b1:6e:72:
16:48:25:8c:26:66:1f:45:68:04:8b:00:96:7b:d4:
f7:cd:58:c9:16:66:ac:4a:d7:cf:a9:e1:e2:2f:ac:
e8:71:39:65:08:81:00:35:62:bd:c7:b0:c2:ca:6e:
96:ea:80:46:c5:3c:f9:e3:e6:64:a2:aa:fe:1c:fb:
0d:4f:ba:48:ab:97:3b:b5:7e:02:c2:97:8d:9b:8b:
cb:3f:3b:13:d5:eb:46:c9:4e:ec:a3:9e:22:8f:00:
c8:80:3e:dc:77:cf:e8:82:00:2c:8a:48:ee:fe:fe:
eb:73:fd:f8:84:8f:63:cc:05:08:25:83:72:f8:ca:
3f:65:b8:a7:f0:ae:f6:2b:ea:8c:2f:ea:d3:7c:f5:
fd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:20:1A:B6:34:D0:92:ED:E2:EE:5E:8F:ED:D1:65:6E:D0:10:4B:EB
X509v3 Authority Key Identifier:
keyid:1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8f:49:2d:f5:91:39:df:d6:98:ce:2d:5d:0c:ec:a5:43:bd:d7:
3b:b1:30:34:e7:c3:9c:33:69:3c:f7:d3:da:8b:fe:0f:84:46:
b0:dd:2a:a1:d7:c6:2c:2d:37:f1:c7:d7:db:85:58:91:e1:f0:
96:5a:04:bf:97:0a:f6:ab:46:e5:8f:d5:55:98:99:50:4b:cf:
29:32:d3:7f:cd:fd:47:ec:8c:c7:af:10:6f:dd:21:30:44:6f:
eb:0e:cf:8d:9b:9b:08:5d:de:95:c4:34:50:6e:88:f2:b2:0f:
31:e9:41:c7:27:8d:3e:e8:88:e6:80:e3:34:bd:f8:88:cf:1a:
65:e2:99:d5:ba:77:db:3c:2f:0c:4a:6d:19:04:7b:04:21:06:
e3:fa:8f:5d:81:89:59:35:b4:93:10:72:a7:92:bb:ab:d9:c6:
64:5e:1a:d7:cc:2a:c2:c6:10:92:f2:54:65:26:a9:a8:50:d1:
e8:42:cb:9a:4d:01:95:18:3f:dd:1e:38:bd:e6:06:bf:f0:da:
a6:93:bc:d0:1a:b5:33:ca:1b:85:f9:d9:c8:d8:1b:bb:f7:28:
ad:91:0f:ed:39:5b:91:0f:47:67:8d:b5:ae:3d:0e:ec:1a:b4:
45:42:d7:d6:8d:c4:44:c7:1d:ec:94:55:49:de:2f:8e:38:88:
a8:69:08:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystJ0raaFsKZBwAe3flelaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYWFkOTM5MDhhYWQ4ZDI0NmViNjlmN2U2NmFhNzBkZTVi
ZDVhMTcwHhcNMjYwMzAyMDQwMDQzWhcNMjYwMzAzMDQwMDQzWjAzMTEwLwYDVQQD
EygyNTIwMWFiNjM0ZDA5MmVkZTJlZTVlOGZlZGQxNjU2ZWQwMTA0YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsUr0b+azQgko8nxC0yJbWyeTPS3
p4eRqIPRNLvSBmDUF++pkQyHdYr6vvkx8MPyDiH6JqpUrvde2ebl3R6eMGEtQfOg
Y0pc16cT6zMVDs8SN2b8UulqZu5E3mL50xYmQ8CBoeWahJFu3VMUhiQEzcCqIbax
bnIWSCWMJmYfRWgEiwCWe9T3zVjJFmasStfPqeHiL6zocTllCIEANWK9x7DCym6W
6oBGxTz54+Zkoqr+HPsNT7pIq5c7tX4CwpeNm4vLPzsT1etGyU7so54ijwDIgD7c
d8/oggAsikju/v7rc/34hI9jzAUIJYNy+Mo/Zbin8K72K+qML+rTfPX94wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUgGrY00JLt4u5ej+3RZW7QEEvrMB8GA1UdIwQY
MBaAFByq2TkIqtjSRutp9+Zqpw3lvVoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMt
YTc5OGJkYzczMTFmLzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFm
LzEvSEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0kt9ZE5
39aYzi1dDOylQ73XO7EwNOfDnDNpPPfT2ov+D4RGsN0qodfGLC038cfX24VYkeHw
lloEv5cK9qtG5Y/VVZiZUEvPKTLTf839R+yMx68Qb90hMERv6w7PjZubCF3elcQ0
UG6I8rIPMelBxyeNPuiI5oDjNL34iM8aZeKZ1bp32zwvDEptGQR7BCEG4/qPXYGJ
WTW0kxByp5K7q9nGZF4a18wqwsYQkvJUZSapqFDR6ELLmk0BlRg/3R44veYGv/Da
ppO80Bq1M8obhfnZyNgbu/corZEP7TlbkQ9HZ421rj0O7Bq0RULX1o3ERMcd7JRV
Sd4vjjiIqGkIBQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:16:10 2026 by rpki-client