Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
File: hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft (raw, json)
Hash identifier: GtLKUVeFV0AokXFeXB8ZW47V59e5HB7QTpBePxPS8v4=
Subject key identifier: 16:0F:71:38:0B:D3:B4:53:D5:9C:18:58:8B:88:CA:9D:72:48:86:97
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 019CAC472454F9BEA992BB8A8FC32B1603ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
Manifest number: 0E8A
Signing time: Mon 02 Mar 2026 02:01:09 +0000
Manifest this update: Mon 02 Mar 2026 02:01:09 +0000
Manifest next update: Tue 03 Mar 2026 02:01:09 +0000
Files and hashes: 1: fFmupf3ZOulomw7RbTfFJI9HA-I.roa (hash: T13v7SVdmP/WoBkNmWlki+xwBbJ6Z16koZYacLEH9hQ=)
2: fVLd8tnnZrZdk6_lGRwthnV2H_Q.roa (hash: 18IWDikGUyDUw9Z2asfSid0KurOOqdvL3jCCr8MGrKw=)
3: hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl (hash: oOTQ1Qt6/kEy79rhVNHLhd9wGxhGfJ0MVJ8Jv04TzHo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:24:54:f9:be:a9:92:bb:8a:8f:c3:2b:16:03:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Mar 2 02:01:09 2026 GMT
Not After : Mar 3 02:01:09 2026 GMT
Subject: CN=160f71380bd3b453d59c18588b88ca9d72488697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:62:bd:40:21:00:be:d9:e7:67:3c:e2:5a:5d:
51:89:64:4b:2e:b2:7d:47:f2:61:29:b1:d8:a3:be:
d9:4f:a9:79:c3:0e:ea:f7:70:94:5a:51:5b:ca:86:
57:4d:22:f5:03:24:86:80:a9:52:f2:25:fb:cd:1f:
c7:9e:b3:8c:aa:13:d0:f2:91:ad:cc:17:da:f5:55:
e1:55:4b:39:f6:92:ec:b4:ea:56:96:f2:02:f5:47:
d3:33:d6:79:06:e3:76:cd:8a:8c:d6:d8:6d:12:24:
14:92:6a:2c:b9:c9:a7:1d:48:25:0c:98:cb:42:6c:
cc:53:05:fb:6b:3f:6a:3b:67:d2:66:46:b5:b8:ee:
a8:73:1e:7b:84:53:c8:10:00:fc:36:33:0b:f0:e9:
8f:f6:ad:62:8b:b4:eb:c8:87:17:49:16:36:10:77:
80:bb:97:99:ff:74:ca:66:07:f1:c4:e9:3f:b0:04:
1d:74:c1:14:26:f7:0b:f7:be:51:09:b8:dd:64:62:
ec:92:29:44:87:92:37:05:fd:a4:60:64:02:63:ad:
6b:bd:a7:67:b6:25:0f:64:05:e1:54:53:e0:8a:4a:
86:e3:f6:ed:35:30:55:d3:30:b0:0e:68:06:9d:f6:
ec:08:f2:9c:80:6b:ae:f9:bf:67:d0:60:d3:c1:37:
18:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0F:71:38:0B:D3:B4:53:D5:9C:18:58:8B:88:CA:9D:72:48:86:97
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:21:ec:de:ae:f6:c3:82:23:b3:53:cb:6c:9a:3d:ae:c1:90:
cb:b2:30:ee:93:a0:a9:35:7f:56:f4:7e:74:9e:e2:67:89:6f:
ef:31:50:1b:8f:e5:8e:25:8b:67:d8:52:24:9f:cd:81:1a:b4:
85:41:ed:32:86:62:cb:ac:b5:26:c1:00:10:27:bf:40:a1:53:
d3:ca:22:d6:ab:2b:72:f7:39:fa:5d:bf:57:4a:40:2d:5c:51:
2f:1f:d8:ad:76:ec:02:63:b7:e1:60:f6:08:4e:b3:d8:91:7c:
6b:c0:37:d3:27:48:6f:71:8d:bb:b3:ae:9a:21:63:ef:a9:66:
24:3b:f4:45:80:e5:85:ad:be:7e:73:18:8d:a3:01:ac:ee:7c:
32:77:a8:53:48:bf:83:f8:2b:8b:4f:29:16:cb:34:ad:96:99:
3c:53:1e:0a:a6:8c:d7:3f:c8:b4:cb:a0:ce:8c:ba:75:6b:bc:
51:fd:4f:9a:be:1a:21:08:58:43:b9:6c:04:f0:72:ed:9f:5f:
fd:0c:7d:d2:0c:10:79:a3:d6:71:85:42:b1:1e:d2:17:01:aa:
ee:da:76:8c:8b:10:0c:8e:43:9b:bf:25:2b:3e:1b:e3:a8:24:
c4:c1:97:2a:28:45:bf:86:cc:78:62:0f:ea:06:16:b2:ca:aa:
0b:cb:89:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRyRU+b6pkruKj8MrFgPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjYwMzAyMDIwMTA5WhcNMjYwMzAzMDIwMTA5WjAzMTEwLwYDVQQD
EygxNjBmNzEzODBiZDNiNDUzZDU5YzE4NTg4Yjg4Y2E5ZDcyNDg4Njk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GK9QCEAvtnnZzziWl1RiWRLLrJ9
R/JhKbHYo77ZT6l5ww7q93CUWlFbyoZXTSL1AySGgKlS8iX7zR/HnrOMqhPQ8pGt
zBfa9VXhVUs59pLstOpWlvIC9UfTM9Z5BuN2zYqM1thtEiQUkmosucmnHUglDJjL
QmzMUwX7az9qO2fSZka1uO6ocx57hFPIEAD8NjML8OmP9q1ii7TryIcXSRY2EHeA
u5eZ/3TKZgfxxOk/sAQddMEUJvcL975RCbjdZGLskilEh5I3Bf2kYGQCY61rvadn
tiUPZAXhVFPgikqG4/btNTBV0zCwDmgGnfbsCPKcgGuu+b9n0GDTwTcYBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYPcTgL07RT1ZwYWIuIyp1ySIaXMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwiHs3q72
w4Ijs1PLbJo9rsGQy7Iw7pOgqTV/VvR+dJ7iZ4lv7zFQG4/ljiWLZ9hSJJ/NgRq0
hUHtMoZiy6y1JsEAECe/QKFT08oi1qsrcvc5+l2/V0pALVxRLx/YrXbsAmO34WD2
CE6z2JF8a8A30ydIb3GNu7OumiFj76lmJDv0RYDlha2+fnMYjaMBrO58MneoU0i/
g/gri08pFss0rZaZPFMeCqaM1z/ItMugzoy6dWu8Uf1Pmr4aIQhYQ7lsBPBy7Z9f
/Qx90gwQeaPWcYVCsR7SFwGq7tp2jIsQDI5Dm78lKz4b46gkxMGXKihFv4bMeGIP
6gYWssqqC8uJTQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:45:36 2026 by rpki-client