Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: /BvqGmlh5oktiaS58chRo1CNVVU0Q364cQX8NsTteXI=
Subject key identifier: 83:54:BC:9B:99:52:D6:39:A5:E2:5E:CD:8E:4F:B5:A1:F4:62:20:DC
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019CAC473D66435CA9DC1A25055D0C6EE574
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 13F3
Signing time: Mon 02 Mar 2026 02:01:15 +0000
Manifest this update: Mon 02 Mar 2026 02:01:15 +0000
Manifest next update: Tue 03 Mar 2026 02:01:15 +0000
Files and hashes: 1: 7Ybe3VwVebBn_3Dp58ErIFU2DCI.roa (hash: uLq5WfI4V9hrlBMvr6SbcLDBsN0jQny54rAkYdIdE3k=)
2: XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa (hash: XlXxPv3rPuv4OjwQn/aSmAl+EcMC4mB71Uh0o84lUwM=)
3: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: 36kPnI1Krmr8JpW+qt7ZuIol8uXJ/6GJAai0LFn+5Fg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:47:3d:66:43:5c:a9:dc:1a:25:05:5d:0c:6e:e5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Mar 2 02:01:15 2026 GMT
Not After : Mar 3 02:01:15 2026 GMT
Subject: CN=8354bc9b9952d639a5e25ecd8e4fb5a1f46220dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:eb:60:cf:6b:69:a4:6a:c4:ee:1a:7b:8c:6b:
b7:fe:c0:ed:35:cb:64:5e:59:31:d9:67:1b:66:4c:
87:9c:b8:29:98:20:43:a8:f0:2a:3d:f3:35:a8:ef:
39:fa:53:92:80:1b:0f:bd:a4:77:22:ac:bd:ad:37:
e2:ed:21:5c:5c:6d:6c:7f:cc:80:20:89:52:42:f1:
81:68:cf:62:8c:32:cc:ca:55:0f:b5:47:d1:5e:5c:
65:4a:47:62:05:30:ad:94:2e:d4:75:94:04:a7:e4:
4b:fe:ad:a4:9a:ec:b7:6d:6b:fc:a1:1b:03:e5:52:
47:eb:8d:61:14:1f:d4:09:f9:3a:ae:7d:15:2a:3d:
ae:e0:33:42:e8:6a:b8:f8:a4:c8:f3:32:7e:35:e7:
90:d7:d2:e6:7b:a0:be:28:34:c1:f6:31:d0:d8:f2:
17:19:8f:da:0c:8b:3a:3b:a4:20:1d:6c:e5:c3:51:
90:b8:9f:db:c0:f3:53:e0:f3:9e:c4:8a:ac:38:e3:
e9:c9:57:47:de:0d:a4:1c:29:53:17:8d:c5:e2:82:
3a:fb:96:ca:2a:eb:dd:d6:43:fc:07:b2:e3:53:d6:
ad:c3:59:ac:78:10:0b:0f:d3:ab:da:af:a3:3f:31:
cb:96:c5:52:2d:37:12:57:54:61:f5:11:a3:d6:7c:
97:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:54:BC:9B:99:52:D6:39:A5:E2:5E:CD:8E:4F:B5:A1:F4:62:20:DC
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:6d:99:fe:83:74:f9:e9:bd:fd:5d:3d:1e:0c:02:f6:dd:ee:
94:a0:c8:a3:cf:55:a9:12:ef:39:90:94:d0:d0:2e:4e:ef:10:
f2:69:f6:f2:70:b5:af:6d:ad:0d:2d:28:cb:3a:25:f9:73:50:
4b:d3:df:5b:09:42:9f:3d:21:bc:7e:ca:ca:82:fc:a4:b4:2b:
cd:23:c8:4f:55:cb:68:bc:73:8d:06:a5:99:b7:34:cd:98:fb:
e6:e5:1a:06:90:67:24:2d:26:16:a4:9b:38:16:52:16:d7:c8:
3c:8d:94:1b:24:55:e8:4b:32:08:85:05:5a:1b:4b:16:71:9f:
28:ff:e8:52:1d:02:8a:56:cf:ae:c4:b7:0b:54:ab:f7:c6:f2:
27:40:9b:5e:5b:d7:34:bb:b7:16:b5:11:94:4e:2a:36:ba:db:
42:2b:2f:aa:dc:0c:9f:04:74:cc:42:57:c0:02:34:05:69:92:
49:83:61:0a:b6:81:b1:db:41:65:10:79:ad:7b:74:9c:2f:97:
02:3a:40:68:09:cc:2c:dc:4e:c1:1b:5a:7b:b1:9f:a0:47:72:
f9:22:aa:1f:a9:15:30:7d:67:30:5c:9d:df:ab:cc:99:8a:40:
31:18:8f:08:ea:f5:ed:1c:4b:46:64:15:a0:c6:17:77:68:a4:
34:b5:8b:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRz1mQ1yp3BolBV0MbuV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjYwMzAyMDIwMTE1WhcNMjYwMzAzMDIwMTE1WjAzMTEwLwYDVQQD
Eyg4MzU0YmM5Yjk5NTJkNjM5YTVlMjVlY2Q4ZTRmYjVhMWY0NjIyMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Otgz2tppGrE7hp7jGu3/sDtNctk
Xlkx2WcbZkyHnLgpmCBDqPAqPfM1qO85+lOSgBsPvaR3Iqy9rTfi7SFcXG1sf8yA
IIlSQvGBaM9ijDLMylUPtUfRXlxlSkdiBTCtlC7UdZQEp+RL/q2kmuy3bWv8oRsD
5VJH641hFB/UCfk6rn0VKj2u4DNC6Gq4+KTI8zJ+NeeQ19Lme6C+KDTB9jHQ2PIX
GY/aDIs6O6QgHWzlw1GQuJ/bwPNT4POexIqsOOPpyVdH3g2kHClTF43F4oI6+5bK
Kuvd1kP8B7LjU9atw1mseBALD9Or2q+jPzHLlsVSLTcSV1Rh9RGj1nyXDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINUvJuZUtY5peJezY5PtaH0YiDcMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvW2Z/oN0
+em9/V09HgwC9t3ulKDIo89VqRLvOZCU0NAuTu8Q8mn28nC1r22tDS0oyzol+XNQ
S9PfWwlCnz0hvH7KyoL8pLQrzSPIT1XLaLxzjQalmbc0zZj75uUaBpBnJC0mFqSb
OBZSFtfIPI2UGyRV6EsyCIUFWhtLFnGfKP/oUh0CilbPrsS3C1Sr98byJ0CbXlvX
NLu3FrURlE4qNrrbQisvqtwMnwR0zEJXwAI0BWmSSYNhCraBsdtBZRB5rXt0nC+X
AjpAaAnMLNxOwRtae7GfoEdy+SKqH6kVMH1nMFyd36vMmYpAMRiPCOr17RxLRmQV
oMYXd2ikNLWLFQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:57:17 2026 by rpki-client