Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
File: HRxS8VUvbqDwZNejt521wc8Wa9A.mft (raw, json)
Hash identifier: QFhy+4KLvKCYX0ICGcO/Y0voYk32r0PD583mHfqaYdU=
Subject key identifier: 8A:51:D7:18:1E:28:D8:5A:A1:C3:91:42:53:5B:BB:76:32:00:87:0B
Authority key identifier: 1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
Certificate issuer: /CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Certificate serial: 019CAAC6E02F7F6D571BA9671B1C4D71B733
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
Manifest number: 17DA
Signing time: Sun 01 Mar 2026 19:01:26 +0000
Manifest this update: Sun 01 Mar 2026 19:01:26 +0000
Manifest next update: Mon 02 Mar 2026 19:01:26 +0000
Files and hashes: 1: HGJ3ZEnNk3YpVjp51uFW7fVRLgc.roa (hash: cUV79+nq1UfEgnpECvrj1jXV8gIvKA75fQt4Y8wK7Xg=)
2: HRxS8VUvbqDwZNejt521wc8Wa9A.crl (hash: tLaTJaAV2EvkDTCNkiY7fWZtvSpf7gosaPM9vHv/44E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:e0:2f:7f:6d:57:1b:a9:67:1b:1c:4d:71:b7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Validity
Not Before: Mar 1 19:01:26 2026 GMT
Not After : Mar 2 19:01:26 2026 GMT
Subject: CN=8a51d7181e28d85aa1c39142535bbb763200870b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:a7:cc:50:68:dd:ee:85:29:65:b9:b2:7b:
0c:6b:34:76:f9:f6:bc:d5:6c:3d:9c:cf:d3:4e:fd:
68:b5:db:e4:79:95:9e:8c:74:e5:75:59:6c:62:ff:
1a:64:7f:4f:7a:fa:06:88:b4:95:81:15:7f:92:a9:
ca:e4:3f:8b:ee:fc:61:60:fa:5c:71:a2:1a:7b:80:
67:0a:50:6b:50:1d:b1:78:47:4b:e4:aa:72:3f:fe:
f4:23:a0:33:97:08:1f:a9:c1:3f:51:c8:25:0f:55:
41:db:ad:34:3b:45:92:59:06:40:39:a6:2d:f0:3e:
91:38:03:5e:5e:d8:a6:98:78:09:3f:78:e9:6d:a0:
82:90:a5:7d:94:38:69:06:d0:e0:6f:a0:29:21:95:
c8:c8:ab:57:21:d0:8c:fe:2f:4e:da:5d:eb:c9:97:
4a:b6:2c:f3:c5:b0:c2:df:06:3e:a8:0f:b2:92:12:
0c:73:90:da:ba:ec:2c:2c:22:64:c1:72:5c:ed:58:
ba:ab:ae:d5:06:24:d7:86:34:62:4e:83:fd:62:55:
52:56:01:f0:31:d0:b4:a1:d1:03:c8:4d:b9:68:0e:
7e:85:29:5b:69:44:90:01:51:3c:67:7f:8c:80:c3:
bb:5c:07:47:99:d5:6a:76:44:8c:26:78:4a:00:8e:
30:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:51:D7:18:1E:28:D8:5A:A1:C3:91:42:53:5B:BB:76:32:00:87:0B
X509v3 Authority Key Identifier:
keyid:1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:66:fc:4d:15:39:52:ab:3c:ed:3c:aa:70:09:21:3f:9e:93:
09:e9:9a:88:83:a4:f6:bb:07:0f:ff:17:49:4f:0d:e6:5d:64:
3d:9f:56:7e:7e:0f:c4:d0:79:18:56:5d:d4:ce:97:98:73:d4:
65:0d:3b:a7:6c:f8:9d:7d:a8:45:8a:ca:0a:a9:fd:35:22:7c:
c4:84:ab:8f:56:ea:83:8c:f0:b5:15:09:b1:19:b7:11:89:4d:
f9:ce:a9:38:28:66:d3:4c:e6:3a:a4:47:61:c1:72:42:ea:5c:
52:c1:97:6c:4f:37:ea:c0:2e:da:3d:ef:df:07:30:b9:fe:e7:
dc:bc:d4:db:59:b7:0b:3e:4f:9f:54:6c:95:a9:a0:41:81:13:
69:67:00:f9:a8:50:a6:5d:8d:b3:a9:0f:9a:e8:95:bd:b0:06:
87:19:6e:70:52:21:15:10:a4:d0:c8:30:a9:b1:1a:ed:ce:38:
d7:00:7f:32:ee:d4:4c:3a:54:9a:5a:24:9a:b5:23:ff:19:5f:
8e:a5:19:f0:4e:f2:87:c9:a1:c4:35:ed:52:55:5c:34:e9:fe:
87:ee:12:e1:96:33:30:60:e4:a8:06:34:60:d8:7a:f7:80:45:
dc:ed:8b:6f:2a:0a:be:0a:4c:bc:04:12:47:4e:18:6a:db:ab:
d2:b0:c6:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxuAvf21XG6lnGxxNcbczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWM1MmYxNTUyZjZlYTBmMDY0ZDdhM2I3OWRiNWMxY2Yx
NjZiZDAwHhcNMjYwMzAxMTkwMTI2WhcNMjYwMzAyMTkwMTI2WjAzMTEwLwYDVQQD
Eyg4YTUxZDcxODFlMjhkODVhYTFjMzkxNDI1MzViYmI3NjMyMDA4NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFKnzFBo3e6FKWW5snsMazR2+fa8
1Ww9nM/TTv1otdvkeZWejHTldVlsYv8aZH9PevoGiLSVgRV/kqnK5D+L7vxhYPpc
caIae4BnClBrUB2xeEdL5KpyP/70I6AzlwgfqcE/UcglD1VB2600O0WSWQZAOaYt
8D6ROANeXtimmHgJP3jpbaCCkKV9lDhpBtDgb6ApIZXIyKtXIdCM/i9O2l3ryZdK
tizzxbDC3wY+qA+ykhIMc5DauuwsLCJkwXJc7Vi6q67VBiTXhjRiToP9YlVSVgHw
MdC0odEDyE25aA5+hSlbaUSQAVE8Z3+MgMO7XAdHmdVqdkSMJnhKAI4w6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIpR1xgeKNhaocORQlNbu3YyAIcLMB8GA1UdIwQY
MBaAFB0cUvFVL26g8GTXo7edtcHPFmvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjIt
MjAxZDVhOWJiOGFhLzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjItMjAxZDVhOWJiOGFh
LzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZWb8TRU5
Uqs87TyqcAkhP56TCemaiIOk9rsHD/8XSU8N5l1kPZ9Wfn4PxNB5GFZd1M6XmHPU
ZQ07p2z4nX2oRYrKCqn9NSJ8xISrj1bqg4zwtRUJsRm3EYlN+c6pOChm00zmOqRH
YcFyQupcUsGXbE836sAu2j3v3wcwuf7n3LzU21m3Cz5Pn1RslamgQYETaWcA+ahQ
pl2Ns6kPmuiVvbAGhxlucFIhFRCk0MgwqbEa7c441wB/Mu7UTDpUmlokmrUj/xlf
jqUZ8E7yh8mhxDXtUlVcNOn+h+4S4ZYzMGDkqAY0YNh694BF3O2LbyoKvgpMvAQS
R04Yatur0rDGQQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:00:40 2026 by rpki-client