Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
File: HEwmJz2igh_OJgdaoKbiMB7ISSc.mft (raw, json)
Hash identifier: zjTew3A1ceDu4RlVthxDDfzezPywiuZi5CkJg4mnWIg=
Subject key identifier: 83:EA:CC:94:37:81:7B:92:DD:06:0C:D7:73:A6:D5:C3:3A:47:F7:C2
Authority key identifier: 1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
Certificate issuer: /CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Certificate serial: 019CAFB60D3F08ED7B0B9B0E7A1DD55F1F44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
Manifest number: 17D9
Signing time: Mon 02 Mar 2026 18:01:09 +0000
Manifest this update: Mon 02 Mar 2026 18:01:09 +0000
Manifest next update: Tue 03 Mar 2026 18:01:09 +0000
Files and hashes: 1: Ao01yBlxvJ843s8rmXALqicuFL4.roa (hash: mObGzmDyz7K0J3EGcnRV4ZYxrkCBxp3ntfUTw3IpS/Y=)
2: HEwmJz2igh_OJgdaoKbiMB7ISSc.crl (hash: p8qsrbSan/BNZNUOUAgX8dzaJDXsdFUajJWdGQQ3VDo=)
3: nMd-Xw4DDeNMARsDmT0tnDJOIKY.roa (hash: IL7Kn+tf2yZBt5W5A2bV1BTlZ8XATxRpIlXULrCuaRY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:b6:0d:3f:08:ed:7b:0b:9b:0e:7a:1d:d5:5f:1f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c4c26273da2821fce26075aa0a6e2301ec84927
Validity
Not Before: Mar 2 18:01:09 2026 GMT
Not After : Mar 3 18:01:09 2026 GMT
Subject: CN=83eacc9437817b92dd060cd773a6d5c33a47f7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8d:97:48:da:53:ec:83:03:bd:c3:e8:a0:8d:
7e:d8:ae:9d:a4:94:d7:cb:e7:66:4d:9d:11:d3:ca:
f6:58:c4:fe:54:15:a2:be:b4:0c:1c:3a:9d:15:d6:
d3:ff:d2:8e:3e:67:1b:56:4a:a0:12:16:f5:41:3f:
6e:f8:f6:ba:ef:b5:c9:d3:08:ff:97:21:69:39:98:
3f:f2:fc:f5:8b:69:59:dd:fa:93:61:ce:57:78:a5:
d5:7f:58:34:de:27:f4:ca:27:e3:b1:65:f3:83:aa:
ff:c1:7a:62:3b:3a:dc:f2:40:b6:9f:96:de:3a:f6:
e5:0e:a9:5c:23:6d:c1:56:0d:c0:bc:36:f4:9b:65:
2d:f0:15:c8:e5:e2:69:c9:e5:48:30:d1:b2:6d:55:
ec:28:e5:e8:e9:be:2f:b6:42:c3:48:49:32:a3:a6:
bf:cb:51:77:5e:a2:e5:e4:71:44:b2:2f:09:01:f3:
90:76:00:f1:43:19:c1:74:ad:08:aa:d1:d4:a6:6a:
90:50:aa:31:a9:af:b4:06:28:33:93:09:a4:f1:55:
ce:84:48:40:a5:26:b0:11:71:79:3f:b7:57:0c:6d:
be:f2:20:cd:17:5a:a0:1d:e3:48:a0:c1:77:78:47:
24:16:f7:2b:90:a5:0b:d9:3a:8a:94:c4:e9:38:4a:
c3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EA:CC:94:37:81:7B:92:DD:06:0C:D7:73:A6:D5:C3:3A:47:F7:C2
X509v3 Authority Key Identifier:
keyid:1C:4C:26:27:3D:A2:82:1F:CE:26:07:5A:A0:A6:E2:30:1E:C8:49:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HEwmJz2igh_OJgdaoKbiMB7ISSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/545cce-af11-4ef7-9a5d-d35b430af26d/1/HEwmJz2igh_OJgdaoKbiMB7ISSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1c:b7:43:c8:d9:c0:18:ec:df:53:1b:95:28:10:68:24:78:17:
b4:84:f6:13:e9:13:95:6a:37:9d:29:73:89:cc:a8:fa:5a:e2:
93:71:b7:d2:f1:ff:e8:c5:ac:04:7c:b5:fc:f4:3a:55:bd:51:
1f:dd:ad:fe:d1:b2:47:4f:a3:99:ab:55:6b:50:7f:3d:90:88:
4e:65:8c:79:54:90:78:a8:93:12:94:65:7e:83:43:40:e0:e1:
24:d9:bf:e3:72:a1:e6:bc:61:68:65:98:5b:7c:89:68:31:e2:
0c:65:b3:2c:88:25:49:0f:8f:d4:a5:81:70:46:a7:ec:3e:30:
f8:82:7d:65:eb:cb:b8:8c:89:15:41:85:69:70:92:fd:79:80:
96:38:6e:30:0d:01:fd:ec:5d:c0:68:65:28:b8:70:c5:29:d4:
4d:81:f5:c4:bc:41:6f:80:5f:c6:6c:b2:96:59:ff:96:c8:4d:
09:5d:e0:a6:61:5c:ef:71:78:50:3b:da:db:13:ff:47:8e:a7:
31:d1:a4:10:16:28:dc:a5:bd:4c:c6:5c:a4:e6:ee:b5:29:71:
6c:f7:99:83:96:8d:40:a1:b5:69:bc:81:7f:40:1f:7c:88:62:
a3:43:b5:1a:41:ce:90:3e:dd:72:26:96:4d:97:47:44:28:80:
c1:ca:8e:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvtg0/CO17C5sOeh3VXx9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNGMyNjI3M2RhMjgyMWZjZTI2MDc1YWEwYTZlMjMwMWVj
ODQ5MjcwHhcNMjYwMzAyMTgwMTA5WhcNMjYwMzAzMTgwMTA5WjAzMTEwLwYDVQQD
Eyg4M2VhY2M5NDM3ODE3YjkyZGQwNjBjZDc3M2E2ZDVjMzNhNDdmN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI2XSNpT7IMDvcPooI1+2K6dpJTX
y+dmTZ0R08r2WMT+VBWivrQMHDqdFdbT/9KOPmcbVkqgEhb1QT9u+Pa677XJ0wj/
lyFpOZg/8vz1i2lZ3fqTYc5XeKXVf1g03if0yifjsWXzg6r/wXpiOzrc8kC2n5be
OvblDqlcI23BVg3AvDb0m2Ut8BXI5eJpyeVIMNGybVXsKOXo6b4vtkLDSEkyo6a/
y1F3XqLl5HFEsi8JAfOQdgDxQxnBdK0IqtHUpmqQUKoxqa+0Bigzkwmk8VXOhEhA
pSawEXF5P7dXDG2+8iDNF1qgHeNIoMF3eEckFvcrkKUL2TqKlMTpOErDWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIPqzJQ3gXuS3QYM13Om1cM6R/fCMB8GA1UdIwQY
MBaAFBxMJic9ooIfziYHWqCm4jAeyEknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQt
ZDM1YjQzMGFmMjZkLzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81NDVjY2UtYWYxMS00ZWY3LTlhNWQtZDM1YjQzMGFmMjZk
LzEvSEV3bUp6MmlnaF9PSmdkYW9LYmlNQjdJU1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHLdDyNnA
GOzfUxuVKBBoJHgXtIT2E+kTlWo3nSlzicyo+lrik3G30vH/6MWsBHy1/PQ6Vb1R
H92t/tGyR0+jmatVa1B/PZCITmWMeVSQeKiTEpRlfoNDQODhJNm/43Kh5rxhaGWY
W3yJaDHiDGWzLIglSQ+P1KWBcEan7D4w+IJ9ZevLuIyJFUGFaXCS/XmAljhuMA0B
/exdwGhlKLhwxSnUTYH1xLxBb4Bfxmyylln/lshNCV3gpmFc73F4UDva2xP/R46n
MdGkEBYo3KW9TMZcpObutSlxbPeZg5aNQKG1abyBf0AffIhio0O1GkHOkD7dciaW
TZdHRCiAwcqOCA==
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:41:28 2026 by rpki-client