Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
File: hCIIK4U0vXrmP6gAimhbZfTNJZM.mft (raw, json)
Hash identifier: e/a90KEmImWKWxaacorGBtofez7c76nfnYSyNt8yaPg=
Subject key identifier: 9D:FB:E6:A2:A0:98:9E:5D:3C:07:51:14:64:79:1B:7C:B9:00:7D:B6
Authority key identifier: 84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
Certificate issuer: /CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Certificate serial: 019CA945976142EA4EB263347A7E8E989C0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
Manifest number: 0651
Signing time: Sun 01 Mar 2026 12:00:36 +0000
Manifest this update: Sun 01 Mar 2026 12:00:36 +0000
Manifest next update: Mon 02 Mar 2026 12:00:36 +0000
Files and hashes: 1: 7ObucnjBknjOc9VGyDvq-rah57Q.asa (hash: AfmsB5ElxTW0o9bXlvelsvJ0CpTckZTI7iwTHE4nG1E=)
2: hCIIK4U0vXrmP6gAimhbZfTNJZM.crl (hash: aJd03Bw8vtJ0aLmjNwTZxOyhNw0+Oh8BvhPwPuPNP20=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:45:97:61:42:ea:4e:b2:63:34:7a:7e:8e:98:9c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8422082b8534bd7ae63fa8008a685b65f4cd2593
Validity
Not Before: Mar 1 12:00:36 2026 GMT
Not After : Mar 2 12:00:36 2026 GMT
Subject: CN=9dfbe6a2a0989e5d3c07511464791b7cb9007db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:91:68:a6:7f:ed:aa:2c:80:28:81:92:d7:91:
99:22:0e:a0:51:6c:3d:1d:cf:39:ec:6e:9f:5e:43:
0d:8a:4b:7d:d1:5c:5d:ac:31:de:e4:12:b7:7b:58:
4e:30:be:aa:02:4f:9e:4d:b8:97:c4:dd:b8:9d:ea:
77:af:e3:16:53:75:9b:a6:15:a8:33:87:60:f7:d9:
df:7d:b1:8e:e7:ea:46:e8:90:76:5e:e7:ca:88:31:
97:26:09:cf:39:67:f5:b9:4a:d9:55:18:96:d0:2e:
45:8d:cf:6d:2d:e1:71:ba:e0:ed:29:1a:14:5c:44:
76:cc:bf:35:13:d1:94:80:5f:4d:81:28:ee:81:c9:
d6:81:e1:01:2b:33:08:e0:85:79:fd:04:e3:be:94:
4e:43:7d:ce:51:ea:51:1c:d8:4c:6a:98:4f:5c:c3:
db:0b:ba:8b:67:74:63:31:9f:54:72:92:2c:e2:c9:
bf:65:c9:18:ed:ba:b1:91:a5:61:5e:77:97:84:7f:
1d:d0:a9:54:c9:f6:ac:8e:45:97:3d:33:16:62:af:
1d:e8:50:03:96:b9:17:9f:43:df:b2:3e:15:f7:a7:
e0:71:55:e6:41:02:f4:04:73:ee:5f:d4:41:54:a4:
51:7d:6f:13:1c:eb:80:cc:67:7b:28:0b:fa:f1:9d:
34:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FB:E6:A2:A0:98:9E:5D:3C:07:51:14:64:79:1B:7C:B9:00:7D:B6
X509v3 Authority Key Identifier:
keyid:84:22:08:2B:85:34:BD:7A:E6:3F:A8:00:8A:68:5B:65:F4:CD:25:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hCIIK4U0vXrmP6gAimhbZfTNJZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/094db3-e389-4461-b50e-58169fbecdfa/1/hCIIK4U0vXrmP6gAimhbZfTNJZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4e:1d:56:14:84:47:be:76:55:e3:03:b7:e5:0c:42:9e:62:70:
9a:15:d3:7f:7b:cf:23:06:bf:48:1a:c4:c8:3b:7e:6e:64:77:
0c:70:28:ce:72:06:0c:e7:85:ab:6a:14:f2:69:66:8e:57:90:
96:27:2c:61:e2:ef:2b:9e:c2:23:6b:a2:9e:8a:69:a9:5b:91:
d9:ec:40:2e:db:77:29:86:b1:5c:1c:bd:93:63:0a:56:1e:22:
1b:e7:53:e4:3b:81:e3:5b:07:7e:a9:cf:86:e8:97:0e:dd:ea:
b8:dc:91:4d:14:0b:34:f6:fb:9b:29:08:6e:70:fa:02:6f:43:
fc:7a:17:cc:ad:04:4a:6b:37:d5:e7:65:41:dd:65:e8:fd:d1:
4e:34:c1:2a:45:74:6a:17:96:04:b7:93:d4:1a:4f:61:cd:7b:
f9:6d:b1:c6:bb:9a:9f:b3:a3:d5:44:92:20:e9:28:d6:8d:11:
b3:dc:d7:2c:b4:d1:c8:e8:7d:4a:7d:be:9b:48:1b:8a:b0:5b:
02:12:52:f9:b0:1c:25:85:13:7b:fd:f2:76:7d:b1:fb:23:8c:
5f:b4:75:6f:df:07:8a:92:08:4e:43:06:ab:e4:69:ba:f1:bb:
97:ed:18:3d:00:99:5b:80:a6:c0:59:8c:4c:1e:e5:9f:18:2a:
53:19:6f:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypRZdhQupOsmM0en6OmJwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MjIwODJiODUzNGJkN2FlNjNmYTgwMDhhNjg1YjY1ZjRj
ZDI1OTMwHhcNMjYwMzAxMTIwMDM2WhcNMjYwMzAyMTIwMDM2WjAzMTEwLwYDVQQD
Eyg5ZGZiZTZhMmEwOTg5ZTVkM2MwNzUxMTQ2NDc5MWI3Y2I5MDA3ZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJFopn/tqiyAKIGS15GZIg6gUWw9
Hc857G6fXkMNikt90VxdrDHe5BK3e1hOML6qAk+eTbiXxN24nep3r+MWU3WbphWo
M4dg99nffbGO5+pG6JB2XufKiDGXJgnPOWf1uUrZVRiW0C5Fjc9tLeFxuuDtKRoU
XER2zL81E9GUgF9NgSjugcnWgeEBKzMI4IV5/QTjvpROQ33OUepRHNhMaphPXMPb
C7qLZ3RjMZ9UcpIs4sm/ZckY7bqxkaVhXneXhH8d0KlUyfasjkWXPTMWYq8d6FAD
lrkXn0Pfsj4V96fgcVXmQQL0BHPuX9RBVKRRfW8THOuAzGd7KAv68Z00BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ375qKgmJ5dPAdRFGR5G3y5AH22MB8GA1UdIwQY
MBaAFIQiCCuFNL165j+oAIpoW2X0zSWTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUt
NTgxNjlmYmVjZGZhLzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wOTRkYjMtZTM4OS00NDYxLWI1MGUtNTgxNjlmYmVjZGZh
LzEvaENJSUs0VTB2WHJtUDZnQWltaGJaZlROSlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATh1WFIRH
vnZV4wO35QxCnmJwmhXTf3vPIwa/SBrEyDt+bmR3DHAoznIGDOeFq2oU8mlmjleQ
licsYeLvK57CI2uinoppqVuR2exALtt3KYaxXBy9k2MKVh4iG+dT5DuB41sHfqnP
huiXDt3quNyRTRQLNPb7mykIbnD6Am9D/HoXzK0ESms31edlQd1l6P3RTjTBKkV0
aheWBLeT1BpPYc17+W2xxruan7Oj1USSIOko1o0Rs9zXLLTRyOh9Sn2+m0gbirBb
AhJS+bAcJYUTe/3ydn2x+yOMX7R1b98HipIITkMGq+RpuvG7l+0YPQCZW4CmwFmM
TB7lnxgqUxlv+g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:23:33 2026 by rpki-client