Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft
File: H2fPHKLeoy_NlwLdJRDra_K2hhA.mft (raw, json)
Hash identifier: vUnT2xNJLTa0kTTXW7xeg+V/fFjj5CuhyATW9X21wvw=
Subject key identifier: DE:58:4F:48:60:59:C9:6B:A9:DB:99:E6:75:2C:07:FC:70:D6:67:BE
Authority key identifier: 1F:67:CF:1C:A2:DE:A3:2F:CD:97:02:DD:25:10:EB:6B:F2:B6:86:10
Certificate issuer: /CN=1f67cf1ca2dea32fcd9702dd2510eb6bf2b68610
Certificate serial: 019CAD5994EB19B31CB387D6B4E5075BCFB0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft
Manifest number: 07E9
Signing time: Mon 02 Mar 2026 07:00:55 +0000
Manifest this update: Mon 02 Mar 2026 07:00:55 +0000
Manifest next update: Tue 03 Mar 2026 07:00:55 +0000
Files and hashes: 1: G6Qimd7tAYQUvnYU3UCWKXw35BE.roa (hash: Y7JkYNH4E9BqcN5WcuNtct/o2Kwq3jTuydqYb5r4gpo=)
2: H2fPHKLeoy_NlwLdJRDra_K2hhA.crl (hash: iQBNlIhI5mfLfQlbqs571qfeNWfQULTOHIQhJD33FAc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:94:eb:19:b3:1c:b3:87:d6:b4:e5:07:5b:cf:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f67cf1ca2dea32fcd9702dd2510eb6bf2b68610
Validity
Not Before: Mar 2 07:00:55 2026 GMT
Not After : Mar 3 07:00:55 2026 GMT
Subject: CN=de584f486059c96ba9db99e6752c07fc70d667be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:79:e8:97:84:47:22:c4:71:7a:0b:f6:a9:
ec:f1:6d:45:83:e7:8a:4d:38:05:b6:3c:65:03:2a:
92:be:07:b4:66:8e:38:f5:16:a5:db:d3:49:22:38:
9c:32:b4:89:71:f0:9f:1b:7d:63:a3:77:21:65:7c:
6d:5c:fa:71:4b:e7:20:92:f9:02:3a:fa:77:f9:78:
63:b6:51:e6:a7:cc:02:e7:aa:e4:d0:e7:ab:c5:14:
b7:18:85:9d:54:1f:3f:40:50:b2:bd:fa:da:99:d4:
be:09:3b:53:8f:a8:81:7c:48:ea:04:44:35:59:c3:
d7:ff:32:b1:c1:af:90:68:2f:11:a4:32:5d:41:14:
73:9e:73:e0:3c:52:25:c6:20:45:af:07:f6:4d:ea:
66:ec:46:aa:ee:60:37:7e:34:b4:75:72:f6:14:4a:
db:22:57:fc:ff:2d:5d:81:73:a8:f8:2f:75:dd:b3:
e9:e4:c3:9e:1c:f5:b2:d1:09:16:2e:ac:a0:56:fe:
b9:7b:d2:0b:60:d2:eb:a9:58:37:98:c3:3f:13:2b:
f5:8c:9d:c8:a5:bf:4a:ca:ec:35:16:e4:f1:f9:c1:
9b:40:9d:42:68:43:57:07:24:f2:c0:ac:86:00:b3:
54:41:b5:47:d6:f3:81:2c:fb:d1:3e:9e:9f:55:17:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:58:4F:48:60:59:C9:6B:A9:DB:99:E6:75:2C:07:FC:70:D6:67:BE
X509v3 Authority Key Identifier:
keyid:1F:67:CF:1C:A2:DE:A3:2F:CD:97:02:DD:25:10:EB:6B:F2:B6:86:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2fPHKLeoy_NlwLdJRDra_K2hhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3cb4d6-f32c-4130-ae0e-badbe840977e/1/H2fPHKLeoy_NlwLdJRDra_K2hhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:40:89:82:59:b1:a7:c2:e5:73:6f:7e:89:ac:0a:fc:c6:b9:
63:74:bb:2a:a6:7d:95:ea:56:1c:a5:22:76:d1:32:15:97:c9:
0c:85:24:3d:fc:28:e6:7f:96:c1:04:15:d5:ca:2f:b1:34:fa:
7b:9a:f0:ac:2b:53:46:9a:df:da:0e:72:7c:87:c6:8a:0d:7a:
04:b1:ab:4d:42:43:b4:76:c6:c5:74:20:00:46:f2:27:0f:89:
4c:3f:6e:06:0a:2d:72:be:74:46:5f:1e:99:e6:1a:6b:18:86:
f9:86:b0:56:c3:9d:3f:17:0f:fb:db:00:89:14:21:11:28:b2:
1b:77:eb:6a:0c:3f:5a:de:1f:5b:42:0b:0c:76:27:b5:cf:91:
bf:2b:00:a7:ed:ab:16:83:1b:7b:46:42:fe:cd:3b:df:68:25:
72:58:15:6c:fb:b2:44:de:12:f6:d9:ec:b0:4b:a9:d9:15:c6:
6a:d8:9c:51:23:a5:87:ed:48:bc:61:1a:c5:bc:59:f8:ff:47:
ee:62:a9:ba:90:d2:57:d9:30:68:bb:57:ba:d7:b0:11:f3:54:
91:20:dc:e9:06:27:de:f9:a6:02:88:4d:2d:09:23:24:8e:a6:
2c:74:16:72:d5:04:24:54:3c:a3:a4:d0:da:50:df:ca:af:ab:
9d:ec:d7:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZTrGbMcs4fWtOUHW8+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjdjZjFjYTJkZWEzMmZjZDk3MDJkZDI1MTBlYjZiZjJi
Njg2MTAwHhcNMjYwMzAyMDcwMDU1WhcNMjYwMzAzMDcwMDU1WjAzMTEwLwYDVQQD
EyhkZTU4NGY0ODYwNTljOTZiYTlkYjk5ZTY3NTJjMDdmYzcwZDY2N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArld56JeERyLEcXoL9qns8W1Fg+eK
TTgFtjxlAyqSvge0Zo449Ral29NJIjicMrSJcfCfG31jo3chZXxtXPpxS+cgkvkC
Ovp3+XhjtlHmp8wC56rk0OerxRS3GIWdVB8/QFCyvframdS+CTtTj6iBfEjqBEQ1
WcPX/zKxwa+QaC8RpDJdQRRznnPgPFIlxiBFrwf2Tepm7Eaq7mA3fjS0dXL2FErb
Ilf8/y1dgXOo+C913bPp5MOeHPWy0QkWLqygVv65e9ILYNLrqVg3mMM/Eyv1jJ3I
pb9Kyuw1FuTx+cGbQJ1CaENXByTywKyGALNUQbVH1vOBLPvRPp6fVRdkLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5YT0hgWclrqduZ5nUsB/xw1me+MB8GA1UdIwQY
MBaAFB9nzxyi3qMvzZcC3SUQ62vytoYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zY2I0ZDYtZjMyYy00MTMwLWFlMGUt
YmFkYmU4NDA5NzdlLzEvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zY2I0ZDYtZjMyYy00MTMwLWFlMGUtYmFkYmU4NDA5Nzdl
LzEvSDJmUEhLTGVveV9ObHdMZEpSRHJhX0syaGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhUCJglmx
p8Llc29+iawK/Ma5Y3S7KqZ9lepWHKUidtEyFZfJDIUkPfwo5n+WwQQV1covsTT6
e5rwrCtTRprf2g5yfIfGig16BLGrTUJDtHbGxXQgAEbyJw+JTD9uBgotcr50Rl8e
meYaaxiG+YawVsOdPxcP+9sAiRQhESiyG3fragw/Wt4fW0ILDHYntc+RvysAp+2r
FoMbe0ZC/s0732glclgVbPuyRN4S9tnssEup2RXGaticUSOlh+1IvGEaxbxZ+P9H
7mKpupDSV9kwaLtXutewEfNUkSDc6QYn3vmmAohNLQkjJI6mLHQWctUEJFQ8o6TQ
2lDfyq+rnezXJw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:17:11 2026 by rpki-client