Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: D73LLOmKbyxy17LjhAt+0Czu9A1PwcxrjeO7v1S6854=
Subject key identifier: 45:F4:78:C8:73:CB:94:95:CB:3D:09:38:6E:02:5C:4D:4C:78:A9:30
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019CAE358F98109FA46BA52EA7B4A68A3E6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 13F4
Signing time: Mon 02 Mar 2026 11:01:11 +0000
Manifest this update: Mon 02 Mar 2026 11:01:11 +0000
Manifest next update: Tue 03 Mar 2026 11:01:11 +0000
Files and hashes: 1: 7Ybe3VwVebBn_3Dp58ErIFU2DCI.roa (hash: uLq5WfI4V9hrlBMvr6SbcLDBsN0jQny54rAkYdIdE3k=)
2: XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa (hash: XlXxPv3rPuv4OjwQn/aSmAl+EcMC4mB71Uh0o84lUwM=)
3: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: N4kdQ5hwH3UqAH8xEs619s6nllKXXLwbParITJsEuQ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:8f:98:10:9f:a4:6b:a5:2e:a7:b4:a6:8a:3e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Mar 2 11:01:11 2026 GMT
Not After : Mar 3 11:01:11 2026 GMT
Subject: CN=45f478c873cb9495cb3d09386e025c4d4c78a930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b7:2c:0d:4a:e0:ea:0a:9c:1c:15:cf:e3:9d:
b1:4c:4e:2b:9c:c0:f5:40:43:99:64:1b:57:80:d6:
5c:98:05:69:64:15:0c:cb:09:02:88:bb:e4:0d:a4:
a9:4b:83:aa:6c:48:27:14:b3:07:3e:62:ef:e1:68:
e0:00:cc:18:99:cd:9b:44:8a:44:d9:a5:04:06:4c:
9f:01:ee:ea:fa:66:c4:98:e3:39:64:4e:e6:fa:51:
f3:d4:25:d0:62:75:d6:bc:83:fa:28:81:46:e2:a0:
5e:27:1e:25:0a:21:bf:55:61:4b:44:b4:d4:df:93:
95:35:57:70:4d:78:20:72:f7:de:d6:c2:8b:d7:f2:
73:36:59:10:16:8b:d5:2a:eb:a2:1d:1f:6f:2c:34:
fa:59:14:a8:4d:2d:4b:e4:0a:6d:2c:e0:98:d6:5c:
72:ec:dd:63:d0:b0:91:0d:80:ce:ae:52:ba:57:67:
fc:05:26:d3:87:db:bf:97:0f:06:0c:72:21:fc:6c:
f9:e0:ba:c7:79:0d:b7:e5:c4:63:12:cc:c1:dd:86:
1d:0d:b6:07:14:f8:b7:d8:49:08:63:b8:99:38:e7:
4b:eb:d8:3d:ad:f7:de:40:20:b6:88:d3:a7:ca:ea:
e1:48:1d:bb:d2:3b:df:6c:20:b1:90:26:c0:11:a0:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F4:78:C8:73:CB:94:95:CB:3D:09:38:6E:02:5C:4D:4C:78:A9:30
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:0d:7c:9a:b6:d8:d6:f0:74:f3:0a:5e:a0:b9:32:89:e7:4c:
7f:c1:19:f7:a0:31:84:c9:43:71:d6:88:5e:f9:18:25:9f:dd:
fb:39:ab:fe:a9:bd:d9:6e:a3:07:92:40:53:e7:78:cf:49:2e:
0e:3e:e2:82:28:56:40:4a:57:12:47:11:af:45:be:95:e5:72:
6e:37:fb:7c:1d:c6:31:e7:ae:10:9e:ab:1f:50:10:b1:4a:6c:
28:e7:02:cd:87:b7:90:66:fd:bd:18:c4:31:d0:98:5a:7f:58:
67:14:f5:63:c9:c6:8d:3e:cc:43:d1:e0:f7:b1:08:9d:c6:34:
0b:fb:cb:8c:dc:a6:19:f4:72:0f:d2:fc:10:7d:63:fb:9a:ad:
74:5d:43:54:37:a1:69:b6:7e:93:c0:eb:ad:13:c3:61:b8:34:
da:32:6a:73:bf:5c:cc:6b:df:c2:2c:13:8a:90:bf:e4:fa:5a:
96:db:3e:36:37:ec:16:3a:4a:c4:e5:c3:95:95:f4:cb:cb:39:
57:2e:de:1e:ec:1d:c6:17:ea:94:24:55:8a:16:29:12:6c:ce:
d1:d9:7a:cb:b2:03:52:6f:2a:26:60:f4:0a:84:e0:36:f2:d2:
97:b9:99:aa:43:9c:d5:07:91:33:16:30:dd:00:49:c8:92:4d:
bd:04:f9:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNY+YEJ+ka6Uup7Smij5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjYwMzAyMTEwMTExWhcNMjYwMzAzMTEwMTExWjAzMTEwLwYDVQQD
Eyg0NWY0NzhjODczY2I5NDk1Y2IzZDA5Mzg2ZTAyNWM0ZDRjNzhhOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLcsDUrg6gqcHBXP452xTE4rnMD1
QEOZZBtXgNZcmAVpZBUMywkCiLvkDaSpS4OqbEgnFLMHPmLv4WjgAMwYmc2bRIpE
2aUEBkyfAe7q+mbEmOM5ZE7m+lHz1CXQYnXWvIP6KIFG4qBeJx4lCiG/VWFLRLTU
35OVNVdwTXggcvfe1sKL1/JzNlkQFovVKuuiHR9vLDT6WRSoTS1L5AptLOCY1lxy
7N1j0LCRDYDOrlK6V2f8BSbTh9u/lw8GDHIh/Gz54LrHeQ235cRjEszB3YYdDbYH
FPi32EkIY7iZOOdL69g9rffeQCC2iNOnyurhSB270jvfbCCxkCbAEaC2BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEX0eMhzy5SVyz0JOG4CXE1MeKkwMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPw18mrbY
1vB08wpeoLkyiedMf8EZ96AxhMlDcdaIXvkYJZ/d+zmr/qm92W6jB5JAU+d4z0ku
Dj7igihWQEpXEkcRr0W+leVybjf7fB3GMeeuEJ6rH1AQsUpsKOcCzYe3kGb9vRjE
MdCYWn9YZxT1Y8nGjT7MQ9Hg97EIncY0C/vLjNymGfRyD9L8EH1j+5qtdF1DVDeh
abZ+k8DrrRPDYbg02jJqc79czGvfwiwTipC/5Ppalts+NjfsFjpKxOXDlZX0y8s5
Vy7eHuwdxhfqlCRVihYpEmzO0dl6y7IDUm8qJmD0CoTgNvLSl7mZqkOc1QeRMxYw
3QBJyJJNvQT5MA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:31:21 2026 by rpki-client