Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
File: HDP7O3JSC4FpopKNU4LknWda0GA.mft (raw, json)
Hash identifier: Ez/42JCoJ8NSqCmZYDenAkJ1CFHT/a07YRLkhTdN+cI=
Subject key identifier: F2:45:9A:AE:3E:9A:B0:A8:AA:9F:4B:2C:54:38:FC:94:6C:82:D3:69
Authority key identifier: 1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
Certificate issuer: /CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Certificate serial: 019D996300D7EA97C52395BCE9CA3393EA6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
Manifest number: 166F
Signing time: Fri 17 Apr 2026 03:01:35 +0000
Manifest this update: Fri 17 Apr 2026 03:01:35 +0000
Manifest next update: Sat 18 Apr 2026 03:01:35 +0000
Files and hashes: 1: Gy7ZxbulJ_7Y0tx78zpcZAOHO2I.roa (hash: 8PQOWmSZ9/1/Et2ot0KAAdAS2aYMSpPnN0AQzm11bWE=)
2: HDP7O3JSC4FpopKNU4LknWda0GA.crl (hash: X7Wl0UqPqNDyqg2WI+5L9TeBISfU4eMO91PXIGacvtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:63:00:d7:ea:97:c5:23:95:bc:e9:ca:33:93:ea:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c33fb3b72520b8169a2928d5382e49d675ad060
Validity
Not Before: Apr 17 03:01:35 2026 GMT
Not After : Apr 18 03:01:35 2026 GMT
Subject: CN=f2459aae3e9ab0a8aa9f4b2c5438fc946c82d369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:02:a9:2b:d2:ff:2c:a7:00:8b:6a:5a:85:
d9:84:73:07:e5:32:94:6c:04:11:24:bb:a0:f7:2b:
43:74:08:d9:ab:fe:f4:ee:54:64:38:ee:82:20:91:
91:6f:91:34:ab:35:c0:9b:f6:60:6c:8f:01:43:8f:
22:6e:ad:3a:44:2d:bc:57:8a:67:63:b7:55:68:0c:
82:1d:a3:10:8f:09:5e:39:d2:4f:c2:66:49:e7:05:
e2:8c:72:08:0b:f1:e1:51:6a:1a:19:83:27:2a:64:
00:df:06:9b:fd:5b:4f:b6:dc:0b:fa:4a:d7:b6:7c:
b4:3c:11:a9:41:ea:37:71:59:af:b9:7e:dc:e0:d3:
df:65:df:15:6e:91:b9:42:73:30:66:cb:9a:f1:b8:
5b:44:07:28:09:48:76:54:11:c4:a9:d8:e8:ce:49:
00:68:6c:b7:79:93:03:73:15:ad:8b:72:71:d6:6c:
ea:98:9a:fc:52:d4:65:99:ac:36:6d:2c:aa:83:ff:
ff:1c:a7:43:a6:3a:23:da:cf:e5:f5:cd:2e:de:28:
23:46:a0:32:a6:8a:3e:f3:6b:8c:a0:6c:b8:d9:36:
29:81:20:cd:af:1f:f5:3b:e4:47:85:24:79:31:6b:
07:74:e9:09:1e:dd:14:8f:db:f8:18:3d:7f:2a:8b:
b1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:45:9A:AE:3E:9A:B0:A8:AA:9F:4B:2C:54:38:FC:94:6C:82:D3:69
X509v3 Authority Key Identifier:
keyid:1C:33:FB:3B:72:52:0B:81:69:A2:92:8D:53:82:E4:9D:67:5A:D0:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDP7O3JSC4FpopKNU4LknWda0GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/421e9e-5243-4d20-b447-95045586802e/1/HDP7O3JSC4FpopKNU4LknWda0GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:8f:52:d7:a7:ef:b9:c9:a4:0d:64:20:6f:8b:47:61:15:d1:
f4:69:e0:2a:2a:e9:b4:c8:15:df:ed:f7:e8:26:63:67:91:92:
e8:ee:80:aa:16:cf:89:f4:27:96:73:20:a9:7d:eb:a6:c1:37:
e9:6b:b6:0d:41:d8:0f:c6:ab:68:58:dc:e0:91:4e:96:f6:02:
10:7d:44:ef:b0:f8:b0:4b:96:bd:21:de:ff:7e:b0:93:6c:9b:
34:e2:bf:63:9d:73:d2:8a:7f:9c:c7:8e:12:aa:8c:07:5d:a3:
7e:6b:30:42:13:00:c3:d7:43:90:fe:79:f9:73:36:22:9f:2d:
95:77:59:52:b7:18:9f:2b:ad:c3:02:48:ab:84:d1:8b:98:d1:
ff:a1:1a:b1:b5:3d:71:e5:ee:99:ca:89:f0:64:90:7d:a3:ac:
c3:84:28:72:9a:56:6d:54:3f:4d:dc:f6:7c:e7:4b:eb:92:50:
73:a5:da:87:34:88:26:e1:4a:b4:ae:48:d2:ba:f1:31:79:3e:
dd:eb:9e:12:58:94:4e:68:5c:7c:a3:0b:dd:7c:1f:7a:90:bd:
65:55:2d:89:67:dd:db:9e:40:f5:f0:8c:59:80:a6:a2:2d:67:
17:bf:80:0a:be:4c:91:68:55:77:30:b0:ab:41:b2:dd:cd:fe:
2b:f0:2a:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYwDX6pfFI5W86cozk+pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzNmYjNiNzI1MjBiODE2OWEyOTI4ZDUzODJlNDlkNjc1
YWQwNjAwHhcNMjYwNDE3MDMwMTM1WhcNMjYwNDE4MDMwMTM1WjAzMTEwLwYDVQQD
EyhmMjQ1OWFhZTNlOWFiMGE4YWE5ZjRiMmM1NDM4ZmM5NDZjODJkMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMoCqSvS/yynAItqWoXZhHMH5TKU
bAQRJLug9ytDdAjZq/707lRkOO6CIJGRb5E0qzXAm/ZgbI8BQ48ibq06RC28V4pn
Y7dVaAyCHaMQjwleOdJPwmZJ5wXijHIIC/HhUWoaGYMnKmQA3wab/VtPttwL+krX
tny0PBGpQeo3cVmvuX7c4NPfZd8VbpG5QnMwZsua8bhbRAcoCUh2VBHEqdjozkkA
aGy3eZMDcxWti3Jx1mzqmJr8UtRlmaw2bSyqg///HKdDpjoj2s/l9c0u3igjRqAy
poo+82uMoGy42TYpgSDNrx/1O+RHhSR5MWsHdOkJHt0Uj9v4GD1/KouxWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJFmq4+mrCoqp9LLFQ4/JRsgtNpMB8GA1UdIwQY
MBaAFBwz+ztyUguBaaKSjVOC5J1nWtBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDct
OTUwNDU1ODY4MDJlLzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MjFlOWUtNTI0My00ZDIwLWI0NDctOTUwNDU1ODY4MDJl
LzEvSERQN08zSlNDNEZwb3BLTlU0TGtuV2RhMEdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATI9S16fv
ucmkDWQgb4tHYRXR9GngKirptMgV3+336CZjZ5GS6O6AqhbPifQnlnMgqX3rpsE3
6Wu2DUHYD8araFjc4JFOlvYCEH1E77D4sEuWvSHe/36wk2ybNOK/Y51z0op/nMeO
EqqMB12jfmswQhMAw9dDkP55+XM2Ip8tlXdZUrcYnyutwwJIq4TRi5jR/6EasbU9
ceXumcqJ8GSQfaOsw4QocppWbVQ/Tdz2fOdL65JQc6XahzSIJuFKtK5I0rrxMXk+
3eueEliUTmhcfKML3XwfepC9ZVUtiWfd255A9fCMWYCmoi1nF7+ACr5MkWhVdzCw
q0Gy3c3+K/Aqsw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:09:49 2026 by rpki-client