Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
File: hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft (raw, json)
Hash identifier: FKhshDvC2oLWMi0uqXnYIGDn8xJyT1LP/afnKAhiKng=
Subject key identifier: 3A:D2:5B:74:BD:65:CE:F3:46:E6:10:20:23:61:5C:FE:65:12:CC:7D
Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Certificate serial: 019D9A75288BB5A9886B08454015BDC4A08E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
Manifest number: 135D
Signing time: Fri 17 Apr 2026 08:01:02 +0000
Manifest this update: Fri 17 Apr 2026 08:01:02 +0000
Manifest next update: Sat 18 Apr 2026 08:01:02 +0000
Files and hashes: 1: MRe9Jn2vQUNBgH-RANmr0FhgGxI.roa (hash: rNl8kN+vuqRjmFOphk7qL6AzwoKLgjg4geeKr4yHMYs=)
2: hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl (hash: e/15ui7Ba1kYQw+6ApsGqt1LqtWbd0w4/WWXtI5utks=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 08:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:75:28:8b:b5:a9:88:6b:08:45:40:15:bd:c4:a0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Validity
Not Before: Apr 17 08:01:02 2026 GMT
Not After : Apr 18 08:01:02 2026 GMT
Subject: CN=3ad25b74bd65cef346e6102023615cfe6512cc7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:45:6c:f4:c2:c1:de:3f:f4:25:1a:73:e4:
89:b3:55:f5:72:07:52:c9:d2:97:1b:57:5e:fa:1a:
5a:4d:d2:ce:a3:9d:07:00:71:57:17:af:c8:e7:a5:
fb:eb:0e:44:4c:af:a9:b0:37:ee:ac:aa:2d:95:0c:
6f:21:7d:b2:9f:2c:d1:5f:f6:3e:ea:1e:9e:5e:34:
46:37:3f:93:17:f0:c7:d9:38:bf:8a:4d:af:4b:6e:
14:9a:06:09:d3:5f:c5:14:0b:45:90:37:29:63:93:
84:b2:06:29:48:78:18:f0:a7:ac:93:76:48:36:ee:
a7:c6:d2:ac:3d:26:53:a8:b9:63:50:3d:4e:ee:c7:
f8:60:47:cf:ac:87:20:a4:27:b6:b6:0b:18:ac:90:
5a:b6:98:17:66:e6:9b:60:6b:a5:64:22:53:6f:27:
b9:4a:fc:6b:85:51:2b:bd:5d:e1:c5:4b:64:74:03:
fb:2a:fc:e0:c3:67:0c:3b:4b:df:85:9b:87:c8:57:
52:a0:f3:ad:13:4b:20:c6:40:cb:23:ef:44:08:32:
e4:8a:22:e8:6f:1b:f4:9e:92:48:6b:6c:bd:77:87:
50:86:72:15:5c:7f:17:9e:85:eb:5a:e2:63:20:a5:
e8:fc:b5:d0:a2:43:09:73:14:b4:51:c0:9a:90:67:
40:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D2:5B:74:BD:65:CE:F3:46:E6:10:20:23:61:5C:FE:65:12:CC:7D
X509v3 Authority Key Identifier:
keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:ed:e2:b7:ae:39:64:81:69:c6:45:49:bb:f9:26:83:e7:bf:
c2:08:9b:6e:24:ac:4e:c4:52:38:77:34:39:c5:21:8b:36:9d:
b6:c4:29:04:66:ea:f7:aa:00:1c:83:98:85:95:ec:cf:e2:23:
47:d4:d3:36:8c:36:6a:ee:ed:8a:7c:db:50:2a:24:a7:5d:31:
50:ce:ba:0f:89:89:2d:ea:6f:fd:3d:4c:d8:75:6f:be:cb:56:
6c:a3:26:e0:b0:b5:b0:83:8e:ff:9a:74:6f:b3:40:82:c0:fa:
d2:ab:51:86:a5:29:4b:12:78:d2:90:b0:e5:30:2f:50:e6:11:
18:1e:70:03:22:37:7a:f7:10:68:93:7f:21:80:43:47:9b:02:
05:cb:8a:8f:44:cb:90:ec:01:54:0b:c8:80:ff:77:18:d6:ba:
b0:81:c0:ff:c1:11:45:14:c0:29:10:66:97:88:a5:2f:87:bd:
af:38:a2:c3:8c:12:3a:b8:a9:04:e0:21:be:24:cc:cf:d4:57:
36:a2:72:12:f6:cd:5a:52:37:5a:b1:32:c4:36:ed:f2:67:77:
4c:ad:84:52:b6:ff:9f:57:59:43:93:bc:5a:25:4d:25:61:18:
cf:31:e3:4d:c7:9b:30:b3:80:55:f4:b2:c8:6d:5b:2b:af:87:
b1:d6:aa:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adSiLtamIawhFQBW9xKCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw
M2FkMDAwHhcNMjYwNDE3MDgwMTAyWhcNMjYwNDE4MDgwMTAyWjAzMTEwLwYDVQQD
EygzYWQyNWI3NGJkNjVjZWYzNDZlNjEwMjAyMzYxNWNmZTY1MTJjYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXVFbPTCwd4/9CUac+SJs1X1cgdS
ydKXG1de+hpaTdLOo50HAHFXF6/I56X76w5ETK+psDfurKotlQxvIX2ynyzRX/Y+
6h6eXjRGNz+TF/DH2Ti/ik2vS24UmgYJ01/FFAtFkDcpY5OEsgYpSHgY8Kesk3ZI
Nu6nxtKsPSZTqLljUD1O7sf4YEfPrIcgpCe2tgsYrJBatpgXZuabYGulZCJTbye5
SvxrhVErvV3hxUtkdAP7Kvzgw2cMO0vfhZuHyFdSoPOtE0sgxkDLI+9ECDLkiiLo
bxv0npJIa2y9d4dQhnIVXH8XnoXrWuJjIKXo/LXQokMJcxS0UcCakGdAcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrSW3S9Zc7zRuYQICNhXP5lEsx9MB8GA1UdIwQY
MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt
NDYzNTMxMDQ2YzdmLzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm
LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApe3it645
ZIFpxkVJu/kmg+e/wgibbiSsTsRSOHc0OcUhizadtsQpBGbq96oAHIOYhZXsz+Ij
R9TTNow2au7tinzbUCokp10xUM66D4mJLepv/T1M2HVvvstWbKMm4LC1sIOO/5p0
b7NAgsD60qtRhqUpSxJ40pCw5TAvUOYRGB5wAyI3evcQaJN/IYBDR5sCBcuKj0TL
kOwBVAvIgP93GNa6sIHA/8ERRRTAKRBml4ilL4e9rziiw4wSOripBOAhviTMz9RX
NqJyEvbNWlI3WrEyxDbt8md3TK2EUrb/n1dZQ5O8WiVNJWEYzzHjTcebMLOAVfSy
yG1bK6+Hsdaq7A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:29:37 2026 by rpki-client