Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
File: HCF8gIa-KdUPg8j9j8kXsAnePIE.mft (raw, json)
Hash identifier: fNAoIknW4Ea1JJjIlFrYtgz9okrT66fwqCN+dfq71kY=
Subject key identifier: CC:95:31:22:9B:A1:A1:EF:49:62:20:9E:D5:A3:99:71:65:00:D2:CF
Authority key identifier: 1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81
Certificate issuer: /CN=1c217c8086be29d50f83c8fd8fc917b009de3c81
Certificate serial: 019CAE35DF67196033B6BBB8CEF9C3DAFCEE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
Manifest number: 036E
Signing time: Mon 02 Mar 2026 11:01:32 +0000
Manifest this update: Mon 02 Mar 2026 11:01:32 +0000
Manifest next update: Tue 03 Mar 2026 11:01:32 +0000
Files and hashes: 1: HCF8gIa-KdUPg8j9j8kXsAnePIE.crl (hash: X81ObAq5zq23dqC5f22gS/d79ZuiGKYocAHgU0GOlEQ=)
2: Z5oga0vgbQ3IfY7AuGU9kvMREF8.roa (hash: S/HDTLw/C2HlzUoz5QYaSY1KLwcsf1KpKUZ68xZPy3s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:df:67:19:60:33:b6:bb:b8:ce:f9:c3:da:fc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c217c8086be29d50f83c8fd8fc917b009de3c81
Validity
Not Before: Mar 2 11:01:32 2026 GMT
Not After : Mar 3 11:01:32 2026 GMT
Subject: CN=cc9531229ba1a1ef4962209ed5a399716500d2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4a:35:e6:86:48:06:b5:79:6f:90:09:bc:9f:
22:99:73:80:b9:b9:54:e0:03:14:d0:17:1f:79:45:
c4:8c:af:5e:9e:3a:16:dd:07:08:b2:6e:9d:b0:6c:
0f:c7:7d:95:bd:57:61:c1:77:3a:94:19:9d:ab:10:
b4:95:94:6a:cd:99:ff:ae:88:0f:24:19:45:20:fd:
fc:aa:11:76:cf:af:84:77:53:c2:81:05:7b:45:83:
24:95:13:6e:c0:53:28:d2:50:03:72:d6:49:18:4e:
46:e4:f1:7e:dd:82:7d:66:28:4e:ec:cc:a3:3a:27:
a3:4c:11:2c:19:d8:bb:51:95:d0:da:fb:52:2a:60:
ad:f7:c8:0a:4f:d9:97:d1:d3:69:ef:ab:15:ea:52:
b7:b6:ce:10:f7:9f:a4:9b:17:43:4d:0d:f8:d3:2f:
44:f7:e1:b9:14:21:9f:a3:23:cf:b5:1f:9d:67:15:
63:f0:e6:bd:a4:f2:a7:a5:06:1a:96:f0:23:9b:2c:
1c:99:9e:9b:6e:75:37:8b:ea:2f:20:eb:46:e6:cc:
99:51:18:e0:8b:50:8c:56:02:d5:7f:4a:b8:06:ce:
b6:71:aa:8c:d0:82:c3:d4:88:5e:c9:42:68:98:b1:
20:45:66:5b:31:03:4a:66:77:9f:a1:b8:a9:7a:d0:
50:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:95:31:22:9B:A1:A1:EF:49:62:20:9E:D5:A3:99:71:65:00:D2:CF
X509v3 Authority Key Identifier:
keyid:1C:21:7C:80:86:BE:29:D5:0F:83:C8:FD:8F:C9:17:B0:09:DE:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCF8gIa-KdUPg8j9j8kXsAnePIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/86bb04-09df-422a-b5f9-f34b31d3b43c/1/HCF8gIa-KdUPg8j9j8kXsAnePIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:1e:b4:70:f4:41:bd:d5:31:08:b7:c4:fa:a5:15:cc:f4:47:
2f:b8:4a:39:29:06:84:f7:f3:54:37:ba:64:72:51:b4:51:bb:
71:6b:37:b4:4a:ed:62:62:7b:a4:70:82:19:47:4a:28:84:09:
d2:e8:2c:60:79:2d:3a:23:d5:20:0f:6f:cd:ee:3d:f4:25:c7:
ce:22:3e:00:86:23:84:4c:8b:94:b7:6e:52:e6:50:7c:26:cc:
9c:4c:c0:38:8b:13:d5:41:30:48:9a:7f:c3:71:bd:f7:0d:e7:
e6:4c:2b:d8:78:e4:a3:1d:22:7c:0e:ad:83:ee:9d:33:2c:9d:
73:97:5e:51:9a:53:7a:e5:07:3a:1d:d2:7e:31:6b:bd:cf:8d:
14:80:b0:94:70:12:a0:51:35:99:fb:39:81:ff:11:58:40:6d:
1f:fe:f9:90:b5:ad:69:96:fc:fa:7d:7c:29:6c:10:87:7d:36:
64:46:59:00:09:11:b8:93:bf:76:1a:a9:df:74:09:6d:8c:59:
a3:5e:6e:4a:57:58:b3:92:5a:c9:ff:f8:9e:a3:42:34:a6:5c:
4b:04:1b:b8:ae:f7:41:0a:26:29:97:d1:fd:60:d6:37:83:6a:
58:0c:38:40:ed:5c:56:26:13:e2:49:34:a7:17:53:bb:ad:f6:
e3:ef:c8:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNd9nGWAztru4zvnD2vzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjE3YzgwODZiZTI5ZDUwZjgzYzhmZDhmYzkxN2IwMDlk
ZTNjODEwHhcNMjYwMzAyMTEwMTMyWhcNMjYwMzAzMTEwMTMyWjAzMTEwLwYDVQQD
EyhjYzk1MzEyMjliYTFhMWVmNDk2MjIwOWVkNWEzOTk3MTY1MDBkMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10o15oZIBrV5b5AJvJ8imXOAublU
4AMU0BcfeUXEjK9enjoW3QcIsm6dsGwPx32VvVdhwXc6lBmdqxC0lZRqzZn/rogP
JBlFIP38qhF2z6+Ed1PCgQV7RYMklRNuwFMo0lADctZJGE5G5PF+3YJ9ZihO7Myj
OiejTBEsGdi7UZXQ2vtSKmCt98gKT9mX0dNp76sV6lK3ts4Q95+kmxdDTQ340y9E
9+G5FCGfoyPPtR+dZxVj8Oa9pPKnpQYalvAjmywcmZ6bbnU3i+ovIOtG5syZURjg
i1CMVgLVf0q4Bs62caqM0ILD1IheyUJomLEgRWZbMQNKZnefobipetBQjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMyVMSKboaHvSWIgntWjmXFlANLPMB8GA1UdIwQY
MBaAFBwhfICGvinVD4PI/Y/JF7AJ3jyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1Zjkt
ZjM0YjMxZDNiNDNjLzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84NmJiMDQtMDlkZi00MjJhLWI1ZjktZjM0YjMxZDNiNDNj
LzEvSENGOGdJYS1LZFVQZzhqOWo4a1hzQW5lUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIh60cPRB
vdUxCLfE+qUVzPRHL7hKOSkGhPfzVDe6ZHJRtFG7cWs3tErtYmJ7pHCCGUdKKIQJ
0ugsYHktOiPVIA9vze499CXHziI+AIYjhEyLlLduUuZQfCbMnEzAOIsT1UEwSJp/
w3G99w3n5kwr2Hjkox0ifA6tg+6dMyydc5deUZpTeuUHOh3SfjFrvc+NFICwlHAS
oFE1mfs5gf8RWEBtH/75kLWtaZb8+n18KWwQh302ZEZZAAkRuJO/dhqp33QJbYxZ
o15uSldYs5Jayf/4nqNCNKZcSwQbuK73QQomKZfR/WDWN4NqWAw4QO1cViYT4kk0
pxdTu6324+/Isg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:37:09 2026 by rpki-client