Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
File: hR1ONNTkhTnBcEUdTiYTiIf26SI.mft (raw, json)
Hash identifier: JCDcdQrhB5gpHJNR+uNS9Rd5cXsZVCNgWuR5CkY2xSA=
Subject key identifier: 8C:C9:0C:56:BD:00:D2:91:0E:A7:F3:A3:8F:CE:A0:60:A5:59:97:E4
Authority key identifier: 85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
Certificate issuer: /CN=851d4e34d4e48539c170451d4e26138887f6e922
Certificate serial: 019D99D07DF94365027AA13D53183CBB23F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
Manifest number: 146E
Signing time: Fri 17 Apr 2026 05:01:10 +0000
Manifest this update: Fri 17 Apr 2026 05:01:10 +0000
Manifest next update: Sat 18 Apr 2026 05:01:10 +0000
Files and hashes: 1: 7Ybe3VwVebBn_3Dp58ErIFU2DCI.roa (hash: uLq5WfI4V9hrlBMvr6SbcLDBsN0jQny54rAkYdIdE3k=)
2: XkEF2FpoYMDNdSJQTi_LayA4Ol4.roa (hash: XlXxPv3rPuv4OjwQn/aSmAl+EcMC4mB71Uh0o84lUwM=)
3: hR1ONNTkhTnBcEUdTiYTiIf26SI.crl (hash: R+rxWFoolEAj+n/HNSNuIsdbcn1Qtssn8tS/8jqjFRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:7d:f9:43:65:02:7a:a1:3d:53:18:3c:bb:23:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=851d4e34d4e48539c170451d4e26138887f6e922
Validity
Not Before: Apr 17 05:01:10 2026 GMT
Not After : Apr 18 05:01:10 2026 GMT
Subject: CN=8cc90c56bd00d2910ea7f3a38fcea060a55997e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:01:aa:07:d4:01:84:04:eb:5f:63:06:82:96:
49:3c:a3:d8:bd:dd:a1:ac:64:5d:5d:76:08:2e:e4:
38:ff:79:9d:ee:f5:45:c2:3c:6a:b9:cd:ad:f1:02:
b4:35:8e:36:31:23:40:26:bd:15:4c:f6:ca:46:52:
23:9d:8c:eb:10:d3:af:ef:d3:9b:be:8a:77:21:51:
ba:54:3c:e5:40:61:93:16:d8:ee:98:52:b6:2e:d4:
8f:3f:25:ff:84:bd:90:a0:e8:ca:17:29:8f:79:49:
c6:5e:a3:3a:98:2b:a3:78:2c:88:88:63:bc:fb:93:
73:dd:b5:d6:fa:96:d2:8a:a7:b5:63:8a:4a:e9:d6:
52:24:91:f6:68:33:8f:d0:19:06:9b:61:2b:a7:52:
3f:35:fc:6e:03:5a:18:7c:ce:41:5b:ad:4d:25:88:
c3:20:00:6b:2f:1f:28:5b:df:67:cc:3c:04:59:9e:
1f:d9:ea:b6:48:ee:2d:f6:47:ac:58:e2:37:9d:0f:
c6:e7:84:5d:7d:fe:8c:1e:96:04:a2:fe:0c:dc:01:
98:fe:a1:32:ad:f0:66:7b:b6:90:2c:20:e2:f0:81:
87:62:ae:e2:62:f6:58:b4:0c:43:88:d7:8e:b2:b4:
76:38:66:cc:74:ca:04:00:8f:8f:ad:88:71:47:6a:
1e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C9:0C:56:BD:00:D2:91:0E:A7:F3:A3:8F:CE:A0:60:A5:59:97:E4
X509v3 Authority Key Identifier:
keyid:85:1D:4E:34:D4:E4:85:39:C1:70:45:1D:4E:26:13:88:87:F6:E9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hR1ONNTkhTnBcEUdTiYTiIf26SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/bf1589-6adf-44b3-9746-81c4055148e0/1/hR1ONNTkhTnBcEUdTiYTiIf26SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:0d:97:98:b8:63:9d:c9:bb:85:e9:00:bf:80:36:45:f0:3c:
52:3e:57:e8:73:cf:b9:11:04:b1:09:47:e6:05:c5:9e:0c:8c:
8e:b2:21:27:de:ea:36:c0:9f:b9:e7:01:ad:20:d2:0b:ab:79:
73:e9:d5:75:de:99:f0:7f:3d:31:51:ed:b6:eb:73:d5:a2:46:
8c:3c:fc:8a:5d:04:b5:65:37:8f:6c:de:c4:40:7c:c9:51:b3:
20:29:1b:51:14:0f:ce:ab:3f:4c:8b:58:c9:da:9a:27:1e:d3:
97:e1:c7:86:40:ce:88:98:4c:82:ee:bf:32:f8:1d:d3:94:41:
d2:77:1b:1b:48:0f:6e:55:d9:49:d7:aa:62:42:65:0d:b4:56:
99:49:15:a7:d3:8b:4b:95:90:58:40:a1:62:08:d1:4a:eb:f4:
16:f9:ba:bf:08:bd:82:c5:ba:34:75:17:b3:e6:a0:c6:7e:bd:
4b:e1:39:33:e4:2d:73:a8:51:7e:a8:f2:f8:d5:e2:48:e7:09:
01:03:db:d5:f6:37:6a:0f:94:20:82:9b:ce:e7:a4:60:0c:f3:
8c:03:6c:ed:17:0d:32:c0:ab:65:1c:65:41:70:2e:b2:6f:74:
46:b6:a9:6c:53:3c:87:a8:ea:46:df:cf:1f:c2:b6:b0:5e:16:
a2:51:5b:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0H35Q2UCeqE9Uxg8uyPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MWQ0ZTM0ZDRlNDg1MzljMTcwNDUxZDRlMjYxMzg4ODdm
NmU5MjIwHhcNMjYwNDE3MDUwMTEwWhcNMjYwNDE4MDUwMTEwWjAzMTEwLwYDVQQD
Eyg4Y2M5MGM1NmJkMDBkMjkxMGVhN2YzYTM4ZmNlYTA2MGE1NTk5N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwGqB9QBhATrX2MGgpZJPKPYvd2h
rGRdXXYILuQ4/3md7vVFwjxquc2t8QK0NY42MSNAJr0VTPbKRlIjnYzrENOv79Ob
vop3IVG6VDzlQGGTFtjumFK2LtSPPyX/hL2QoOjKFymPeUnGXqM6mCujeCyIiGO8
+5Nz3bXW+pbSiqe1Y4pK6dZSJJH2aDOP0BkGm2Erp1I/NfxuA1oYfM5BW61NJYjD
IABrLx8oW99nzDwEWZ4f2eq2SO4t9kesWOI3nQ/G54Rdff6MHpYEov4M3AGY/qEy
rfBme7aQLCDi8IGHYq7iYvZYtAxDiNeOsrR2OGbMdMoEAI+PrYhxR2oeRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzJDFa9ANKRDqfzo4/OoGClWZfkMB8GA1UdIwQY
MBaAFIUdTjTU5IU5wXBFHU4mE4iH9ukiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYt
ODFjNDA1NTE0OGUwLzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iZjE1ODktNmFkZi00NGIzLTk3NDYtODFjNDA1NTE0OGUw
LzEvaFIxT05OVGtoVG5CY0VVZFRpWVRpSWYyNlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQ2XmLhj
ncm7hekAv4A2RfA8Uj5X6HPPuREEsQlH5gXFngyMjrIhJ97qNsCfuecBrSDSC6t5
c+nVdd6Z8H89MVHttutz1aJGjDz8il0EtWU3j2zexEB8yVGzICkbURQPzqs/TItY
ydqaJx7Tl+HHhkDOiJhMgu6/Mvgd05RB0ncbG0gPblXZSdeqYkJlDbRWmUkVp9OL
S5WQWEChYgjRSuv0Fvm6vwi9gsW6NHUXs+agxn69S+E5M+Qtc6hRfqjy+NXiSOcJ
AQPb1fY3ag+UIIKbzuekYAzzjANs7RcNMsCrZRxlQXAusm90RrapbFM8h6jqRt/P
H8K2sF4WolFbtA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:56:32 2026 by rpki-client