Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: 7d+opXO6u4HNe8jIhxcSMnjMzmxVfHb+X8GuBWgP1/A=
Subject key identifier: CF:37:7A:39:79:29:46:BC:17:D0:66:AD:E5:15:E3:B9:78:0F:F5:EB
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019D9BBEDAA42E84D93574B7110FD8DB70FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 146F
Signing time: Fri 17 Apr 2026 14:01:09 +0000
Manifest this update: Fri 17 Apr 2026 14:01:09 +0000
Manifest next update: Sat 18 Apr 2026 14:01:09 +0000
Files and hashes: 1: 7Ybe3VwVebBn_3Dp58ErIFU2DCI.roa (hash: uLq5WfI4V9hrlBMvr6SbcLDBsN0jQny54rAkYdIdE3k=)
2: XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa (hash: XlXxPv3rPuv4OjwQn/aSmAl+EcMC4mB71Uh0o84lUwM=)
3: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: j3S3F67Sa3D2q+NUGyADDA6upYLPQ22iSpJ0uRy/6WY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:be:da:a4:2e:84:d9:35:74:b7:11:0f:d8:db:70:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Apr 17 14:01:09 2026 GMT
Not After : Apr 18 14:01:09 2026 GMT
Subject: CN=cf377a39792946bc17d066ade515e3b9780ff5eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:99:51:68:aa:fd:18:3f:9b:57:e9:86:a4:39:
cb:61:5d:86:d5:6a:0f:8e:03:92:99:e1:f4:43:76:
47:a6:ec:f6:1c:e0:5a:ef:c0:3b:54:26:2f:27:58:
cc:1d:b5:fc:b7:b9:aa:1b:d7:5d:e2:40:a8:96:ce:
c8:9e:bf:81:16:54:f9:ca:83:25:1d:11:53:0f:79:
66:c3:62:20:e6:a6:a3:fe:93:24:7f:1b:01:77:0a:
4d:a4:66:bd:16:18:8a:6d:a6:fd:85:fd:a8:1c:bf:
ea:f4:d2:db:5b:15:eb:fa:4b:33:a1:ee:ce:60:3c:
d4:12:97:c5:28:c5:1f:83:df:09:42:d4:a9:fa:df:
0d:65:32:c6:11:bb:18:2f:ee:13:79:30:85:05:5c:
5a:74:5a:af:42:32:af:6e:89:cb:0e:55:d3:42:39:
69:91:e3:60:3d:19:cd:0b:82:41:8c:f7:45:f3:5f:
69:6b:36:f4:07:4c:48:40:bd:4b:b1:82:be:e4:56:
07:a0:2a:1e:c2:5f:8c:6b:34:28:1b:fd:05:28:0f:
36:55:6f:d6:ac:3a:74:53:fc:23:87:59:17:e5:78:
23:1c:46:6b:90:9f:c4:ff:19:ab:60:d9:fb:05:b2:
45:d0:c2:3a:a7:b1:6c:9d:4e:8a:84:14:25:fd:e4:
53:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:37:7A:39:79:29:46:BC:17:D0:66:AD:E5:15:E3:B9:78:0F:F5:EB
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:f8:5d:14:f6:70:85:a6:53:74:95:91:5f:f9:72:d4:b8:9c:
18:b2:28:e5:dd:42:9c:fb:67:a2:77:0e:cc:f9:89:c8:ac:47:
0b:df:b5:55:bb:10:fd:a8:19:ef:c4:5d:3a:7e:f8:8b:df:c9:
fd:b5:11:df:e2:be:96:49:f5:85:59:75:e4:26:f0:00:c9:e6:
28:47:98:34:42:b2:0e:91:e7:12:bf:dc:11:a3:16:3d:00:ec:
13:ad:8d:ab:a1:f1:40:0a:57:b1:e0:31:82:a2:01:0c:1a:35:
95:94:a1:37:35:36:9d:2a:ed:eb:1f:d1:a8:b4:b8:97:5e:85:
5b:e9:52:3f:58:ec:49:b2:84:69:c3:62:21:23:ab:5a:79:73:
7b:e6:ee:f5:21:04:26:c6:48:96:3d:b2:53:25:e6:dc:64:05:
d3:27:6f:3a:3c:55:96:eb:53:a7:41:c1:4d:3f:f9:86:95:25:
1f:e7:6a:44:5b:fd:0f:da:68:2c:9d:9f:69:61:8f:28:cb:a3:
59:aa:db:a7:6f:e9:87:88:80:53:bb:c6:0e:f6:2d:aa:42:43:
8e:02:ef:95:cf:94:97:fc:87:97:4e:a4:cf:97:39:aa:3a:05:
d0:35:12:a5:ff:f1:20:4b:fa:b8:bc:60:50:d6:4c:c0:1f:4e:
02:af:a2:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvtqkLoTZNXS3EQ/Y23D9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjYwNDE3MTQwMTA5WhcNMjYwNDE4MTQwMTA5WjAzMTEwLwYDVQQD
EyhjZjM3N2EzOTc5Mjk0NmJjMTdkMDY2YWRlNTE1ZTNiOTc4MGZmNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJlRaKr9GD+bV+mGpDnLYV2G1WoP
jgOSmeH0Q3ZHpuz2HOBa78A7VCYvJ1jMHbX8t7mqG9dd4kCols7Inr+BFlT5yoMl
HRFTD3lmw2Ig5qaj/pMkfxsBdwpNpGa9FhiKbab9hf2oHL/q9NLbWxXr+kszoe7O
YDzUEpfFKMUfg98JQtSp+t8NZTLGEbsYL+4TeTCFBVxadFqvQjKvbonLDlXTQjlp
keNgPRnNC4JBjPdF819pazb0B0xIQL1LsYK+5FYHoCoewl+MazQoG/0FKA82VW/W
rDp0U/wjh1kX5XgjHEZrkJ/E/xmrYNn7BbJF0MI6p7FsnU6KhBQl/eRTmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM83ejl5KUa8F9BmreUV47l4D/XrMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFPhdFPZw
haZTdJWRX/ly1LicGLIo5d1CnPtnoncOzPmJyKxHC9+1VbsQ/agZ78RdOn74i9/J
/bUR3+K+lkn1hVl15CbwAMnmKEeYNEKyDpHnEr/cEaMWPQDsE62Nq6HxQApXseAx
gqIBDBo1lZShNzU2nSrt6x/RqLS4l16FW+lSP1jsSbKEacNiISOrWnlze+bu9SEE
JsZIlj2yUyXm3GQF0ydvOjxVlutTp0HBTT/5hpUlH+dqRFv9D9poLJ2faWGPKMuj
Warbp2/ph4iAU7vGDvYtqkJDjgLvlc+Ul/yHl06kz5c5qjoF0DUSpf/xIEv6uLxg
UNZMwB9OAq+iZg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:24:03 2026 by rpki-client