Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
File: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft (raw, json)
Hash identifier: Ip0Bkeyqn0cKZPfEIWq3BKwfzfKxdc7rJVyumL77jvY=
Subject key identifier: C1:50:68:7B:7C:1A:3C:FD:2A:00:84:9A:A5:53:21:9E:E2:A8:E7:94
Authority key identifier: 85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
Certificate issuer: /CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Certificate serial: 019D98F4C8FCE8978C53B9685D063E55FAEB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
Manifest number: 12BB
Signing time: Fri 17 Apr 2026 01:01:12 +0000
Manifest this update: Fri 17 Apr 2026 01:01:12 +0000
Manifest next update: Sat 18 Apr 2026 01:01:12 +0000
Files and hashes: 1: hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl (hash: 6IYlEiRKs9p6yYRZW0EeLhBSn76NrkQW3PbiSPsqJZQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:f4:c8:fc:e8:97:8c:53:b9:68:5d:06:3e:55:fa:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85fbbe85494a0af0cc1e8212fb8410e4f670b266
Validity
Not Before: Apr 17 01:01:12 2026 GMT
Not After : Apr 18 01:01:12 2026 GMT
Subject: CN=c150687b7c1a3cfd2a00849aa553219ee2a8e794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e1:8f:93:fe:68:44:f8:e1:85:77:b7:a4:c2:
90:76:38:33:bb:61:9e:05:a5:17:e6:a5:d7:0c:97:
a8:42:1c:25:55:6c:83:f3:55:cc:48:55:97:95:7a:
1f:f1:91:16:9f:8f:a7:77:f7:70:6b:6a:cb:1d:db:
05:ad:b3:5d:70:60:f9:bc:47:db:1e:7d:7b:44:75:
bb:4c:82:7d:d9:8d:f6:05:62:03:cc:1f:50:73:42:
3f:cd:6e:3b:9c:72:b6:9c:da:dc:96:28:19:45:23:
25:17:dc:1c:7e:1d:7d:5f:d6:7c:ae:50:4f:21:57:
30:68:cb:4c:ff:5f:48:97:a7:9f:5e:f5:ee:2d:f3:
f7:06:67:89:12:df:a6:54:06:ca:cf:6c:db:19:e2:
a6:6b:52:30:ef:b0:c3:bb:26:44:e1:c3:49:30:0d:
85:de:69:47:f0:89:82:2b:85:de:dc:ff:b6:07:be:
92:e4:75:5f:cf:0d:02:0c:47:02:d4:5e:19:4a:ee:
9d:3b:02:b3:f9:ca:29:ad:a2:3a:95:a6:72:e5:aa:
c2:43:b6:d2:96:41:b3:f2:7e:e4:8e:7b:ad:7f:83:
e6:98:64:9a:9a:61:01:85:42:d5:1b:c6:cc:a2:fd:
a0:f2:c5:9b:81:f1:ad:4f:ef:8c:e3:22:70:28:8a:
04:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:50:68:7B:7C:1A:3C:FD:2A:00:84:9A:A5:53:21:9E:E2:A8:E7:94
X509v3 Authority Key Identifier:
keyid:85:FB:BE:85:49:4A:0A:F0:CC:1E:82:12:FB:84:10:E4:F6:70:B2:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b12a35-05c1-40b9-b651-236883b2cf97/1/hfu-hUlKCvDMHoIS-4QQ5PZwsmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:83:d5:93:7b:d0:26:63:29:f1:55:f3:6a:a8:b4:87:41:2a:
f1:d5:c9:20:2e:fe:06:7e:b4:27:fc:68:1d:c2:0a:cd:4a:2f:
1e:a5:5e:87:ba:35:77:e7:7b:39:d2:42:3a:da:84:10:5e:95:
21:4b:f6:b8:57:7c:7a:cb:ab:c6:65:f9:ee:bf:01:41:33:ae:
fa:32:01:f7:61:e6:87:e4:36:92:97:fe:c6:21:3d:ba:e5:78:
84:16:47:7c:6b:aa:03:0b:22:d2:6f:a3:32:47:80:c2:b1:dd:
44:01:13:3f:74:8f:68:c0:6e:da:95:3d:7f:bc:03:84:e5:98:
69:ea:8a:6b:bb:82:2e:0e:c9:80:48:42:6b:79:31:ad:c3:8d:
b9:05:cc:10:ee:b6:d4:73:19:4e:3b:4d:c6:5a:08:48:60:33:
5f:5b:15:0b:c3:96:ac:81:ae:7b:42:75:94:d3:c3:2e:8f:ef:
de:ec:10:e7:74:26:95:b7:0c:0c:f7:8c:f4:32:f7:99:79:dc:
d2:00:d4:39:e4:e8:a9:40:8c:22:28:90:62:09:de:93:44:86:
c3:79:99:75:72:f8:9f:3d:0c:ae:a5:11:26:02:cc:6d:34:00:
8d:b3:b4:93:b9:52:89:8c:41:fb:f9:57:05:dd:c0:da:34:d7:
31:50:2a:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Mj86JeMU7loXQY+VfrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZmJiZTg1NDk0YTBhZjBjYzFlODIxMmZiODQxMGU0ZjY3
MGIyNjYwHhcNMjYwNDE3MDEwMTEyWhcNMjYwNDE4MDEwMTEyWjAzMTEwLwYDVQQD
EyhjMTUwNjg3YjdjMWEzY2ZkMmEwMDg0OWFhNTUzMjE5ZWUyYThlNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweGPk/5oRPjhhXe3pMKQdjgzu2Ge
BaUX5qXXDJeoQhwlVWyD81XMSFWXlXof8ZEWn4+nd/dwa2rLHdsFrbNdcGD5vEfb
Hn17RHW7TIJ92Y32BWIDzB9Qc0I/zW47nHK2nNrcligZRSMlF9wcfh19X9Z8rlBP
IVcwaMtM/19Il6efXvXuLfP3BmeJEt+mVAbKz2zbGeKma1Iw77DDuyZE4cNJMA2F
3mlH8ImCK4Xe3P+2B76S5HVfzw0CDEcC1F4ZSu6dOwKz+copraI6laZy5arCQ7bS
lkGz8n7kjnutf4PmmGSammEBhULVG8bMov2g8sWbgfGtT++M4yJwKIoEpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFQaHt8Gjz9KgCEmqVTIZ7iqOeUMB8GA1UdIwQY
MBaAFIX7voVJSgrwzB6CEvuEEOT2cLJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEt
MjM2ODgzYjJjZjk3LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iMTJhMzUtMDVjMS00MGI5LWI2NTEtMjM2ODgzYjJjZjk3
LzEvaGZ1LWhVbEtDdkRNSG9JUy00UVE1UFp3c21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg4PVk3vQ
JmMp8VXzaqi0h0Eq8dXJIC7+Bn60J/xoHcIKzUovHqVeh7o1d+d7OdJCOtqEEF6V
IUv2uFd8esurxmX57r8BQTOu+jIB92Hmh+Q2kpf+xiE9uuV4hBZHfGuqAwsi0m+j
MkeAwrHdRAETP3SPaMBu2pU9f7wDhOWYaeqKa7uCLg7JgEhCa3kxrcONuQXMEO62
1HMZTjtNxloISGAzX1sVC8OWrIGue0J1lNPDLo/v3uwQ53QmlbcMDPeM9DL3mXnc
0gDUOeToqUCMIiiQYgnek0SGw3mZdXL4nz0MrqURJgLMbTQAjbO0k7lSiYxB+/lX
Bd3A2jTXMVAqpw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:19:43 2026 by rpki-client