Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: 0R91JcfnY/wQvCOjO6wdbsX6NJtWpFOBxXxIMpzm7zI=
Subject key identifier: F2:31:63:12:3A:93:0C:84:C0:3A:95:AC:DA:44:1B:EE:CA:19:21:5C
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019CABD99147925FE1181974455E55053E40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 17D7
Signing time: Mon 02 Mar 2026 00:01:28 +0000
Manifest this update: Mon 02 Mar 2026 00:01:28 +0000
Manifest next update: Tue 03 Mar 2026 00:01:28 +0000
Files and hashes: 1: Ao01yBlxvJ843s8rmXALqicuFL4.roa (hash: mObGzmDyz7K0J3EGcnRV4ZYxrkCBxp3ntfUTw3IpS/Y=)
2: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: DcXZyrIS/xXqu0eEeAetSa3Ok46pvsvhGGmVSQvy71Q=)
3: nMd-Xw4DDeNMARsDmT0tnDJOIKY.roa (hash: IL7Kn+tf2yZBt5W5A2bV1BTlZ8XATxRpIlXULrCuaRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:91:47:92:5f:e1:18:19:74:45:5e:55:05:3e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Mar 2 00:01:28 2026 GMT
Not After : Mar 3 00:01:28 2026 GMT
Subject: CN=f23163123a930c84c03a95acda441beeca19215c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:59:ea:39:99:b6:31:cc:ba:d7:01:1e:09:23:
25:80:bb:b0:f0:50:c0:1d:de:1b:4b:a3:0f:b7:32:
a9:e6:c5:db:8b:02:68:a1:b2:99:e5:a1:eb:43:51:
ab:2b:4d:3b:1e:01:71:4b:86:4f:b3:59:30:1d:24:
94:95:01:eb:03:94:64:0f:0e:9f:1a:e5:42:4e:45:
d6:c7:e0:02:fb:00:ad:40:29:55:da:47:2f:5a:36:
a7:00:4a:87:2e:3a:7e:7f:75:48:23:87:c2:19:7e:
5c:5b:c5:a7:f8:7e:5f:a9:aa:9d:56:a7:b5:2c:c8:
df:ef:b3:30:cd:56:f1:f9:d7:90:3d:13:92:d5:a5:
f2:dd:9c:cb:dd:2e:f6:d9:51:c6:ee:ba:87:3b:7e:
27:27:66:22:f2:01:a1:2f:bd:9e:28:6e:e5:38:58:
35:4a:48:91:a3:90:4e:40:2e:e4:8b:5b:a9:d5:a3:
be:d9:31:8e:73:f3:0a:12:3d:9b:c0:3f:47:26:eb:
66:79:b3:43:9d:b9:cf:d5:1e:71:fc:0b:2f:68:ed:
ca:a1:ad:16:85:6c:a6:2c:a8:8e:6e:14:62:1b:35:
e0:91:4b:a3:b5:2a:06:bc:a7:67:e3:21:11:8a:fa:
7e:96:a1:89:cd:82:9a:8a:5a:c4:69:3a:5a:84:f8:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:31:63:12:3A:93:0C:84:C0:3A:95:AC:DA:44:1B:EE:CA:19:21:5C
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:29:7c:26:a4:5e:8d:e8:32:20:d9:9f:e5:e8:35:29:2b:98:
94:bb:db:02:db:5e:34:97:1b:63:78:19:9c:75:c7:2e:f6:3c:
61:0c:f7:7d:29:50:fe:ff:f2:f5:a7:ee:d1:ef:cb:8e:ad:6d:
9b:da:33:35:13:20:8d:18:cf:b9:2d:18:e7:07:dd:6f:18:46:
0b:0f:5a:4a:b2:23:9d:78:9e:a6:29:d3:99:f4:a4:ef:c0:a1:
df:b1:e9:08:51:a2:0a:f8:07:97:a5:29:de:c7:de:5f:8e:41:
42:38:4a:d2:be:7b:1b:c4:de:d1:5f:31:23:e5:50:a4:29:2c:
74:ec:73:a3:f1:a2:2f:b6:99:b4:7a:88:f1:c7:bf:10:37:9e:
45:3b:81:62:01:30:12:b4:23:47:eb:80:6b:91:f6:d1:b8:53:
04:18:23:7c:04:5f:76:ca:6e:af:1c:20:bb:68:04:3d:aa:e4:
44:fa:91:0d:74:e5:e9:8a:c9:d7:48:93:25:d9:58:32:4c:c3:
e2:19:b7:fa:9d:43:21:61:05:90:f0:0c:f0:c5:0e:e1:91:72:
1a:5d:83:75:e1:09:bf:a3:98:08:b9:83:ec:32:c5:11:29:44:
8c:17:dc:ed:38:18:d1:25:70:b5:4d:ee:60:bb:3f:34:cb:5d:
a0:b2:28:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2ZFHkl/hGBl0RV5VBT5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjYwMzAyMDAwMTI4WhcNMjYwMzAzMDAwMTI4WjAzMTEwLwYDVQQD
EyhmMjMxNjMxMjNhOTMwYzg0YzAzYTk1YWNkYTQ0MWJlZWNhMTkyMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllnqOZm2Mcy61wEeCSMlgLuw8FDA
Hd4bS6MPtzKp5sXbiwJoobKZ5aHrQ1GrK007HgFxS4ZPs1kwHSSUlQHrA5RkDw6f
GuVCTkXWx+AC+wCtQClV2kcvWjanAEqHLjp+f3VII4fCGX5cW8Wn+H5fqaqdVqe1
LMjf77MwzVbx+deQPROS1aXy3ZzL3S722VHG7rqHO34nJ2Yi8gGhL72eKG7lOFg1
SkiRo5BOQC7ki1up1aO+2TGOc/MKEj2bwD9HJutmebNDnbnP1R5x/AsvaO3Koa0W
hWymLKiObhRiGzXgkUujtSoGvKdn4yERivp+lqGJzYKailrEaTpahPjaJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIxYxI6kwyEwDqVrNpEG+7KGSFcMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGSl8JqRe
jegyINmf5eg1KSuYlLvbAtteNJcbY3gZnHXHLvY8YQz3fSlQ/v/y9afu0e/Ljq1t
m9ozNRMgjRjPuS0Y5wfdbxhGCw9aSrIjnXiepinTmfSk78Ch37HpCFGiCvgHl6Up
3sfeX45BQjhK0r57G8Te0V8xI+VQpCksdOxzo/GiL7aZtHqI8ce/EDeeRTuBYgEw
ErQjR+uAa5H20bhTBBgjfARfdspurxwgu2gEParkRPqRDXTl6YrJ10iTJdlYMkzD
4hm3+p1DIWEFkPAM8MUO4ZFyGl2DdeEJv6OYCLmD7DLFESlEjBfc7TgY0SVwtU3u
YLs/NMtdoLIoZQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:43:15 2026 by rpki-client