Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
File: hn3QWtctwi--owKfzukOb7BjiQQ.mft (raw, json)
Hash identifier: 7R/CP8oNe5XlFU96lhOGElHPKcY8GbuF2XumeWFZA5Y=
Subject key identifier: CA:6C:A9:3C:64:3D:80:05:29:B1:D0:18:F8:B7:27:CF:E2:06:FA:84
Authority key identifier: 86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
Certificate issuer: /CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Certificate serial: 019D9B19A2B6E307F0FAB8305B60EFC1267B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
Manifest number: 18C2
Signing time: Fri 17 Apr 2026 11:00:41 +0000
Manifest this update: Fri 17 Apr 2026 11:00:41 +0000
Manifest next update: Sat 18 Apr 2026 11:00:41 +0000
Files and hashes: 1: RRtvAei28-EijoPUYUDN7514nwo.roa (hash: D/rcxbsVh++CM30mNeuIG2vWOtaiLF/fHXsAMj0/18k=)
2: hn3QWtctwi--owKfzukOb7BjiQQ.crl (hash: LgAzlIwr3EK28ZUoTuJbqcNXNTJqTptp/fdIZSBirfs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:a2:b6:e3:07:f0:fa:b8:30:5b:60:ef:c1:26:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=867dd05ad72dc22fbea3029fcee90e6fb0638904
Validity
Not Before: Apr 17 11:00:41 2026 GMT
Not After : Apr 18 11:00:41 2026 GMT
Subject: CN=ca6ca93c643d800529b1d018f8b727cfe206fa84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:83:8f:99:c7:5e:fb:61:d7:05:81:29:09:d0:
61:3c:a7:e6:6a:bd:1f:72:2e:43:84:03:6f:5d:bd:
a2:80:78:1e:e1:d7:ba:30:c0:9d:0d:f1:00:5f:4d:
4d:6e:74:21:31:83:cc:f0:fa:52:e8:b2:74:7a:b7:
eb:77:cd:ad:3f:64:c2:34:2a:14:1b:36:06:a1:fa:
8b:fa:db:4d:8b:76:f9:22:77:86:67:a5:e5:1c:2d:
71:b7:f2:4c:19:98:92:41:4d:37:8a:ed:6c:c8:51:
ae:f7:be:15:a7:54:37:9a:e2:91:df:ad:99:0e:43:
c7:9e:cd:e0:27:fd:fb:57:75:66:bb:e2:e6:0a:91:
b8:77:f8:40:fe:00:cd:e6:b5:b4:e1:a2:f0:ae:a1:
95:ba:12:59:ff:aa:4a:86:a3:d7:48:3c:a6:49:a9:
da:84:ea:2b:38:a3:9f:41:e9:d3:d2:71:b2:0e:c0:
cc:71:87:e0:ef:e3:ef:a4:d4:bd:87:98:34:21:9f:
f8:c9:b2:4c:e2:6b:f3:32:ad:dc:8a:73:44:22:39:
5a:7a:2a:64:e1:d9:ca:a0:ed:5a:83:0c:c4:f8:24:
bf:69:fe:99:69:07:e7:7e:e1:27:df:44:d5:e5:4e:
15:64:00:fa:85:c3:51:38:16:e9:ae:ff:b0:16:9e:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6C:A9:3C:64:3D:80:05:29:B1:D0:18:F8:B7:27:CF:E2:06:FA:84
X509v3 Authority Key Identifier:
keyid:86:7D:D0:5A:D7:2D:C2:2F:BE:A3:02:9F:CE:E9:0E:6F:B0:63:89:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hn3QWtctwi--owKfzukOb7BjiQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1e76ee-31bb-4299-814f-239e5abfcc6a/1/hn3QWtctwi--owKfzukOb7BjiQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:24:75:80:c7:ad:ab:81:43:10:0b:ec:a2:1a:1b:f7:41:e7:
2b:08:50:0c:cd:79:59:59:c1:b3:e3:da:06:c6:e4:b3:e9:88:
8e:90:50:01:11:4b:8f:e1:70:04:86:0e:3e:eb:b6:7d:0c:ec:
a8:90:7a:d7:08:4e:52:11:b8:10:d2:49:02:99:c5:60:51:fc:
fa:77:ea:e8:35:fb:5c:d7:fe:c2:c7:22:b6:11:8b:ab:81:da:
b4:f2:9c:8e:b9:83:2c:f1:d4:f5:18:65:85:af:c0:f3:b5:4c:
f1:04:af:87:ce:45:6f:ad:c8:03:15:9c:9c:ea:b9:a4:89:97:
85:33:da:bb:c2:c4:7f:8e:b1:43:23:b3:bd:5b:1e:e4:e4:2f:
8e:f3:31:ee:23:f2:84:ff:b8:f1:d9:27:a2:1f:a9:66:0b:2b:
48:af:2b:df:2c:7d:d9:7e:be:23:19:f6:66:94:1d:96:4d:bb:
14:79:f4:b2:91:31:8c:80:09:39:fe:18:24:6e:31:a8:78:46:
ff:3d:d7:60:a5:b6:7f:93:39:ca:a8:1b:5d:04:63:8a:c5:3a:
24:b1:bf:84:90:dc:1a:73:57:85:e8:75:23:68:5d:85:ac:cb:
fa:8d:46:ea:f3:32:27:41:e4:46:f9:f6:40:23:68:cf:6c:80:
82:c2:5e:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGaK24wfw+rgwW2DvwSZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2N2RkMDVhZDcyZGMyMmZiZWEzMDI5ZmNlZTkwZTZmYjA2
Mzg5MDQwHhcNMjYwNDE3MTEwMDQxWhcNMjYwNDE4MTEwMDQxWjAzMTEwLwYDVQQD
EyhjYTZjYTkzYzY0M2Q4MDA1MjliMWQwMThmOGI3MjdjZmUyMDZmYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04OPmcde+2HXBYEpCdBhPKfmar0f
ci5DhANvXb2igHge4de6MMCdDfEAX01NbnQhMYPM8PpS6LJ0erfrd82tP2TCNCoU
GzYGofqL+ttNi3b5IneGZ6XlHC1xt/JMGZiSQU03iu1syFGu974Vp1Q3muKR362Z
DkPHns3gJ/37V3Vmu+LmCpG4d/hA/gDN5rW04aLwrqGVuhJZ/6pKhqPXSDymSana
hOorOKOfQenT0nGyDsDMcYfg7+PvpNS9h5g0IZ/4ybJM4mvzMq3cinNEIjlaeipk
4dnKoO1agwzE+CS/af6ZaQfnfuEn30TV5U4VZAD6hcNROBbprv+wFp6vPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpsqTxkPYAFKbHQGPi3J8/iBvqEMB8GA1UdIwQY
MBaAFIZ90FrXLcIvvqMCn87pDm+wY4kEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYt
MjM5ZTVhYmZjYzZhLzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xZTc2ZWUtMzFiYi00Mjk5LTgxNGYtMjM5ZTVhYmZjYzZh
LzEvaG4zUVd0Y3R3aS0tb3dLZnp1a09iN0JqaVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCR1gMet
q4FDEAvsohob90HnKwhQDM15WVnBs+PaBsbks+mIjpBQARFLj+FwBIYOPuu2fQzs
qJB61whOUhG4ENJJApnFYFH8+nfq6DX7XNf+wscithGLq4HatPKcjrmDLPHU9Rhl
ha/A87VM8QSvh85Fb63IAxWcnOq5pImXhTPau8LEf46xQyOzvVse5OQvjvMx7iPy
hP+48dknoh+pZgsrSK8r3yx92X6+Ixn2ZpQdlk27FHn0spExjIAJOf4YJG4xqHhG
/z3XYKW2f5M5yqgbXQRjisU6JLG/hJDcGnNXheh1I2hdhazL+o1G6vMyJ0HkRvn2
QCNoz2yAgsJe0w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:19:54 2026 by rpki-client