Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json)
Hash identifier: GXSraWHfZmKONrJg0gSCTS6g08Z3jyVYYKTxatghl88=
Subject key identifier: AF:B3:2F:1F:78:A3:EE:87:63:41:10:15:CE:4B:46:D2:D2:FD:F0:51
Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Certificate serial: 019CA9EB97EBB4B20EFA128CAA9F2F89501E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
Manifest number: 15F3
Signing time: Sun 01 Mar 2026 15:01:55 +0000
Manifest this update: Sun 01 Mar 2026 15:01:55 +0000
Manifest next update: Mon 02 Mar 2026 15:01:55 +0000
Files and hashes: 1: Gy7ZxbulJ_7Y0tx78zpcZAOHO2I.roa (hash: 8PQOWmSZ9/1/Et2ot0KAAdAS2aYMSpPnN0AQzm11bWE=)
2: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: as055qxeu+IXzNMIXcoGgfC1pcyJVlJOuyXvgrgxREs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:eb:97:eb:b4:b2:0e:fa:12:8c:aa:9f:2f:89:50:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Validity
Not Before: Mar 1 15:01:55 2026 GMT
Not After : Mar 2 15:01:55 2026 GMT
Subject: CN=afb32f1f78a3ee8763411015ce4b46d2d2fdf051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ed:3a:53:8d:29:e4:75:d8:08:e4:26:9a:1a:
a3:e3:48:4e:68:cc:39:aa:0a:e3:f3:9a:fe:47:09:
cd:ab:46:55:e7:95:02:d8:7c:6e:78:f6:d2:33:14:
03:25:da:53:1b:db:ff:ac:02:1e:84:1f:6e:dd:24:
42:86:95:ed:0a:76:ee:40:c3:31:72:2a:e0:0e:38:
d3:cb:51:61:4c:8c:0c:86:0a:f4:d9:50:67:ae:07:
73:13:cf:35:c3:dd:d0:92:21:2d:6d:5d:31:44:d4:
c9:3e:48:ed:5f:a5:ba:dd:51:a5:97:34:9b:b8:88:
78:e9:b0:a7:54:e5:a1:f3:d1:29:13:66:3b:c6:6e:
13:57:7f:8b:b7:f9:6b:56:e5:3b:d0:a8:03:bf:91:
c7:90:fb:cf:ef:54:c6:f8:e7:ef:9d:82:f6:29:88:
02:66:8f:5b:6f:62:87:53:cc:04:a8:24:2f:9d:5c:
2b:52:40:8c:53:79:f3:c5:b5:c7:d4:bb:33:ed:ba:
c4:63:d5:8d:35:9b:3f:a4:18:a5:27:b0:ba:81:b6:
4f:26:3b:12:7a:18:37:7d:38:07:09:52:22:8b:69:
c8:ed:fb:a3:16:23:bd:f2:0c:2c:22:8d:aa:56:5e:
63:52:78:57:33:c5:61:25:0e:34:d5:69:0e:00:48:
5f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B3:2F:1F:78:A3:EE:87:63:41:10:15:CE:4B:46:D2:D2:FD:F0:51
X509v3 Authority Key Identifier:
keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:e9:c0:21:a6:5a:da:71:86:67:fc:ad:19:6b:19:14:dc:e2:
95:1f:ac:97:b5:98:ba:fd:36:35:eb:b9:25:b2:84:a4:71:d5:
a2:a1:c3:47:31:1a:65:d7:1e:bc:b8:da:44:4d:b2:68:44:04:
63:12:ef:96:60:af:84:14:4f:dc:e3:28:db:40:f6:92:6d:95:
2f:b9:9e:13:84:68:1d:8c:0c:2f:0a:b0:6e:16:95:7a:57:0c:
8d:c9:bc:4b:69:0e:84:3c:71:b7:bd:41:20:a7:23:0f:10:fb:
48:45:b4:7c:a5:1c:f8:ff:c4:8f:28:7c:ee:07:1d:d0:65:78:
e9:e1:f1:39:d7:03:43:e2:ff:bf:96:17:ba:e5:c3:81:d3:bd:
c5:c1:91:8a:f0:b1:ee:50:b8:c5:84:30:6f:e9:97:2d:ab:08:
43:ba:e3:63:6b:b9:fa:8d:87:28:60:22:85:5e:b0:8a:57:0b:
bb:e4:21:ea:40:85:99:a7:2f:06:7f:b1:b2:c5:ec:a0:d2:5e:
f2:33:b4:7e:cb:6c:db:13:af:71:d5:d8:85:16:3f:c5:7d:e4:
f8:ad:8e:43:23:dd:e8:97:9f:10:aa:e0:4a:0c:eb:53:51:43:
4c:5c:f7:07:0f:dc:97:0c:c9:30:a4:29:38:4e:97:c8:1e:2c:
74:cb:7e:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp65frtLIO+hKMqp8viVAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1
YWQwNjAwHhcNMjYwMzAxMTUwMTU1WhcNMjYwMzAyMTUwMTU1WjAzMTEwLwYDVQQD
EyhhZmIzMmYxZjc4YTNlZTg3NjM0MTEwMTVjZTRiNDZkMmQyZmRmMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO06U40p5HXYCOQmmhqj40hOaMw5
qgrj85r+RwnNq0ZV55UC2HxuePbSMxQDJdpTG9v/rAIehB9u3SRChpXtCnbuQMMx
cirgDjjTy1FhTIwMhgr02VBnrgdzE881w93QkiEtbV0xRNTJPkjtX6W63VGllzSb
uIh46bCnVOWh89EpE2Y7xm4TV3+Lt/lrVuU70KgDv5HHkPvP71TG+OfvnYL2KYgC
Zo9bb2KHU8wEqCQvnVwrUkCMU3nzxbXH1Lsz7brEY9WNNZs/pBilJ7C6gbZPJjsS
ehg3fTgHCVIii2nI7fujFiO98gwsIo2qVl5jUnhXM8VhJQ401WkOAEhfnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+zLx94o+6HY0EQFc5LRtLS/fBRMB8GA1UdIwQY
MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct
OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl
LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATenAIaZa
2nGGZ/ytGWsZFNzilR+sl7WYuv02Neu5JbKEpHHVoqHDRzEaZdcevLjaRE2yaEQE
YxLvlmCvhBRP3OMo20D2km2VL7meE4RoHYwMLwqwbhaVelcMjcm8S2kOhDxxt71B
IKcjDxD7SEW0fKUc+P/Ejyh87gcd0GV46eHxOdcDQ+L/v5YXuuXDgdO9xcGRivCx
7lC4xYQwb+mXLasIQ7rjY2u5+o2HKGAihV6wilcLu+Qh6kCFmacvBn+xssXsoNJe
8jO0fsts2xOvcdXYhRY/xX3k+K2OQyPd6JefEKrgSgzrU1FDTFz3Bw/clwzJMKQp
OE6XyB4sdMt+Gw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:47:16 2026 by rpki-client