Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
File: hTodtQq3cdy1KTZ92VGmfKzEhSc.mft (raw, json)
Hash identifier: HSeol2GykLkDlUnFw93sPoQm0wW6mcv8aCH/dMEIKsU=
Subject key identifier: 38:D1:86:D7:30:A5:E5:03:A7:3E:49:13:D7:15:5D:5F:D1:BA:85:3A
Authority key identifier: 85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27
Certificate issuer: /CN=853a1db50ab771dcb529367dd951a67cacc48527
Certificate serial: 019D992B93A94DFE305A6C764172058C18B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
Manifest number: 18C0
Signing time: Fri 17 Apr 2026 02:01:02 +0000
Manifest this update: Fri 17 Apr 2026 02:01:02 +0000
Manifest next update: Sat 18 Apr 2026 02:01:02 +0000
Files and hashes: 1: ClZipqAtGVJ2H4srpt_UxqUYg7k.roa (hash: gRSN7asX/fb1bF2/3SBjZi8n62BnbOxEncNI/Hx/1K0=)
2: hTodtQq3cdy1KTZ92VGmfKzEhSc.crl (hash: JK+xdZJV61UFL0ectoC+ba4huZx+PmZnKAp3vuam16w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:93:a9:4d:fe:30:5a:6c:76:41:72:05:8c:18:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=853a1db50ab771dcb529367dd951a67cacc48527
Validity
Not Before: Apr 17 02:01:02 2026 GMT
Not After : Apr 18 02:01:02 2026 GMT
Subject: CN=38d186d730a5e503a73e4913d7155d5fd1ba853a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:e9:05:50:5a:82:8a:61:bd:8b:f0:83:8c:
aa:2d:cd:35:4a:f8:fa:df:49:ba:f3:b1:05:ee:a1:
ce:2a:16:59:01:9c:33:b4:d3:f2:3c:8e:67:08:07:
18:ee:40:bf:9b:09:26:6a:2b:0c:de:59:04:8c:15:
1e:bc:50:0c:5f:69:d2:f6:fc:cc:de:26:89:28:76:
1d:4b:ed:e1:4d:ab:bb:bc:78:1f:58:50:80:af:5a:
41:df:5f:5a:ef:c1:b5:df:2d:d0:4f:cb:5d:86:7d:
85:b0:9f:8d:23:d2:da:00:cd:0a:1d:7a:1d:58:58:
c9:88:63:95:06:95:f5:99:a1:04:70:51:3e:7c:f8:
a9:17:02:1f:c2:26:3a:1f:d7:8e:bc:e4:e0:3b:9e:
ec:18:63:70:b4:94:9e:c4:87:69:fb:01:e3:c6:18:
35:a0:33:56:7b:fc:30:44:28:e8:7d:bc:c7:ae:0f:
22:57:30:bf:2d:31:09:0a:06:e3:27:56:1c:0a:4e:
0b:63:84:84:ed:e9:40:a0:c4:09:3f:62:fe:d6:69:
20:91:96:c0:1f:e2:43:6d:29:af:95:6a:db:c2:d6:
e9:6d:3a:6e:0e:50:10:80:61:d1:5d:3d:3a:e9:90:
89:37:f3:a8:e5:ce:4e:02:04:89:0c:25:46:a2:16:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D1:86:D7:30:A5:E5:03:A7:3E:49:13:D7:15:5D:5F:D1:BA:85:3A
X509v3 Authority Key Identifier:
keyid:85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:42:7a:e2:31:b5:fa:1d:f4:b2:b0:60:5a:98:6c:ff:aa:7c:
ef:6c:81:fe:96:a4:59:14:bd:c9:f0:35:e4:c6:d5:45:5b:c0:
20:b0:08:25:32:01:8a:12:80:c7:b3:0b:8a:bf:a0:a4:aa:9a:
b9:02:8c:ad:dc:d8:95:56:b1:8d:a7:b1:aa:e2:7e:a1:38:c1:
42:4d:e8:7b:f9:15:69:a4:61:e5:ad:85:64:12:56:7c:57:71:
7b:7d:b9:a5:73:ce:d2:77:c6:db:79:d1:06:16:88:e6:85:ea:
a9:5e:e9:5a:10:cd:1b:a9:4b:e1:00:f2:be:e3:10:0f:05:0c:
01:3f:21:74:dc:c2:02:bb:ef:a0:e2:a9:cd:0a:65:7b:c8:e8:
09:ff:d2:a1:02:0b:40:ba:62:8e:86:fc:f1:af:0f:49:11:3b:
ea:ce:2c:ca:e1:ff:1f:6b:d0:08:32:c1:51:3c:bb:93:80:06:
ac:fc:51:01:5b:92:5a:0c:8c:8b:64:33:7b:94:9e:e4:f2:91:
7f:60:db:51:64:08:c4:c4:77:00:39:39:20:b7:1f:94:fe:74:
48:12:2c:06:cc:c9:20:01:1b:bd:76:c1:10:98:f2:07:68:e8:
06:0e:14:7f:1e:c2:a3:6c:ad:b0:bc:24:23:dd:f3:d1:14:a9:
bb:2c:3e:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK5OpTf4wWmx2QXIFjBiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2ExZGI1MGFiNzcxZGNiNTI5MzY3ZGQ5NTFhNjdjYWNj
NDg1MjcwHhcNMjYwNDE3MDIwMTAyWhcNMjYwNDE4MDIwMTAyWjAzMTEwLwYDVQQD
EygzOGQxODZkNzMwYTVlNTAzYTczZTQ5MTNkNzE1NWQ1ZmQxYmE4NTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUvpBVBagophvYvwg4yqLc01Svj6
30m687EF7qHOKhZZAZwztNPyPI5nCAcY7kC/mwkmaisM3lkEjBUevFAMX2nS9vzM
3iaJKHYdS+3hTau7vHgfWFCAr1pB319a78G13y3QT8tdhn2FsJ+NI9LaAM0KHXod
WFjJiGOVBpX1maEEcFE+fPipFwIfwiY6H9eOvOTgO57sGGNwtJSexIdp+wHjxhg1
oDNWe/wwRCjofbzHrg8iVzC/LTEJCgbjJ1YcCk4LY4SE7elAoMQJP2L+1mkgkZbA
H+JDbSmvlWrbwtbpbTpuDlAQgGHRXT066ZCJN/Oo5c5OAgSJDCVGohakvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjRhtcwpeUDpz5JE9cVXV/RuoU6MB8GA1UdIwQY
MBaAFIU6HbUKt3HctSk2fdlRpnysxIUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgt
NzcyOTVjOWNlODY2LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgtNzcyOTVjOWNlODY2
LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0J64jG1
+h30srBgWphs/6p872yB/pakWRS9yfA15MbVRVvAILAIJTIBihKAx7MLir+gpKqa
uQKMrdzYlVaxjaexquJ+oTjBQk3oe/kVaaRh5a2FZBJWfFdxe325pXPO0nfG23nR
BhaI5oXqqV7pWhDNG6lL4QDyvuMQDwUMAT8hdNzCArvvoOKpzQple8joCf/SoQIL
QLpijob88a8PSRE76s4syuH/H2vQCDLBUTy7k4AGrPxRAVuSWgyMi2Qze5Se5PKR
f2DbUWQIxMR3ADk5ILcflP50SBIsBszJIAEbvXbBEJjyB2joBg4Ufx7Co2ytsLwk
I93z0RSpuyw+Rw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:34:53 2026 by rpki-client