Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: 81W2O+mifRuBJcSTaHguEYtHOXROja9DfILZdgJAS3k=
Subject key identifier: 3D:89:40:14:37:69:C6:8D:C4:30:39:32:A5:3A:88:74:41:57:D4:6B
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019D9B5173EEF8339FCF8CAFFBDEFCA81327
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 1853
Signing time: Fri 17 Apr 2026 12:01:39 +0000
Manifest this update: Fri 17 Apr 2026 12:01:39 +0000
Manifest next update: Sat 18 Apr 2026 12:01:39 +0000
Files and hashes: 1: Ao01yBlxvJ843s8rmXALqicuFL4.roa (hash: mObGzmDyz7K0J3EGcnRV4ZYxrkCBxp3ntfUTw3IpS/Y=)
2: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: GrWbJWTMljYE+sFJA62HUZmG6vcS6tJ0HiUUeMywFO8=)
3: nMd-Xw4DDeNMARsDmT0tnDJOIKY.roa (hash: IL7Kn+tf2yZBt5W5A2bV1BTlZ8XATxRpIlXULrCuaRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:73:ee:f8:33:9f:cf:8c:af:fb:de:fc:a8:13:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Apr 17 12:01:39 2026 GMT
Not After : Apr 18 12:01:39 2026 GMT
Subject: CN=3d8940143769c68dc4303932a53a88744157d46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:df:7f:15:00:ea:d7:34:f7:42:ad:b0:1c:
ca:e1:05:70:7c:83:42:4c:eb:02:b2:60:f0:89:89:
d9:5d:6d:a7:ea:45:fa:91:71:d4:6e:66:4d:78:c9:
60:55:7b:69:65:89:90:0b:ed:28:42:46:f9:c2:e2:
6d:ba:27:d0:e8:ad:59:49:4a:2a:09:54:3e:91:10:
77:fe:19:db:e6:4a:b9:53:16:ff:1d:de:67:de:66:
73:36:cc:3d:7b:de:16:c7:fb:e8:0c:40:a8:ec:b2:
4d:21:e7:37:19:f6:bd:55:a8:fa:6f:e3:11:4b:2a:
dd:67:6b:d8:e5:ea:46:32:63:95:bd:d1:c6:2e:83:
a4:62:bc:ce:9f:01:da:e7:97:94:46:e0:da:f2:34:
25:2f:e1:03:d9:cc:ea:83:35:30:0b:b1:78:a7:0e:
72:6b:bc:79:92:d4:31:db:4f:4c:7b:f9:23:9b:62:
0a:18:3c:6b:8e:d7:e8:45:34:c4:5f:c6:71:e7:b7:
0e:f2:6b:2c:88:0d:5a:ce:d8:74:2d:f1:d4:38:a9:
c5:07:af:e3:07:22:11:4c:65:92:b2:bd:0b:42:25:
26:f1:e5:f7:76:14:0d:1a:10:06:25:0d:3b:9b:57:
01:4d:9d:24:59:22:76:96:cf:73:64:ff:35:e1:5c:
51:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:89:40:14:37:69:C6:8D:C4:30:39:32:A5:3A:88:74:41:57:D4:6B
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:ac:f2:81:6d:77:2e:de:ca:44:9d:d1:38:08:9b:51:1e:aa:
21:be:62:39:01:0b:6b:7f:67:f5:4e:24:8e:ab:d9:58:99:19:
d8:72:b0:44:dc:0a:ca:2b:7a:72:9a:b4:71:5c:ed:9d:21:f5:
da:ae:a8:2b:93:13:32:4e:98:80:f5:48:71:84:64:92:53:5f:
8e:17:23:f4:f7:a3:aa:81:aa:85:1c:6d:f4:5e:3f:53:1d:3d:
46:79:9f:a3:10:f4:05:fa:ea:28:84:54:4f:75:e5:2e:b5:3e:
ef:6b:54:34:1b:70:78:37:b5:da:e9:5b:0a:0c:09:9f:ee:bb:
08:cd:d9:80:0f:86:2e:63:48:0a:f2:85:f7:b1:e2:73:59:fe:
0c:73:fa:2c:8b:ca:8c:0a:95:51:f4:22:a9:4a:ad:66:83:cd:
91:b5:d7:ac:cc:b5:14:87:0d:1a:3f:65:fd:82:3e:58:24:7d:
8f:06:85:5b:d3:71:53:af:e3:92:98:53:fb:2c:f4:ad:7c:d3:
11:c7:5d:b0:7c:1f:7c:ac:a1:42:fc:7d:88:0b:4d:4d:4c:d4:
40:02:d7:73:23:38:b6:19:ad:3d:69:ea:41:de:59:57:cf:08:
2f:0c:65:dc:b1:46:6a:42:9b:23:8b:95:af:bb:90:4d:a2:f7:
bc:6e:e2:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUXPu+DOfz4yv+978qBMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjYwNDE3MTIwMTM5WhcNMjYwNDE4MTIwMTM5WjAzMTEwLwYDVQQD
EygzZDg5NDAxNDM3NjljNjhkYzQzMDM5MzJhNTNhODg3NDQxNTdkNDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldLffxUA6tc090KtsBzK4QVwfINC
TOsCsmDwiYnZXW2n6kX6kXHUbmZNeMlgVXtpZYmQC+0oQkb5wuJtuifQ6K1ZSUoq
CVQ+kRB3/hnb5kq5Uxb/Hd5n3mZzNsw9e94Wx/voDECo7LJNIec3Gfa9Vaj6b+MR
SyrdZ2vY5epGMmOVvdHGLoOkYrzOnwHa55eURuDa8jQlL+ED2czqgzUwC7F4pw5y
a7x5ktQx209Me/kjm2IKGDxrjtfoRTTEX8Zx57cO8mssiA1azth0LfHUOKnFB6/j
ByIRTGWSsr0LQiUm8eX3dhQNGhAGJQ07m1cBTZ0kWSJ2ls9zZP814VxRhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2JQBQ3acaNxDA5MqU6iHRBV9RrMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArqzygW13
Lt7KRJ3ROAibUR6qIb5iOQELa39n9U4kjqvZWJkZ2HKwRNwKyit6cpq0cVztnSH1
2q6oK5MTMk6YgPVIcYRkklNfjhcj9PejqoGqhRxt9F4/Ux09RnmfoxD0BfrqKIRU
T3XlLrU+72tUNBtweDe12ulbCgwJn+67CM3ZgA+GLmNICvKF97Hic1n+DHP6LIvK
jAqVUfQiqUqtZoPNkbXXrMy1FIcNGj9l/YI+WCR9jwaFW9NxU6/jkphT+yz0rXzT
EcddsHwffKyhQvx9iAtNTUzUQALXcyM4thmtPWnqQd5ZV88ILwxl3LFGakKbI4uV
r7uQTaL3vG7iAg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:57:17 2026 by rpki-client