Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/749d77-e995-489a-87e0-d00a13aae540/1/qF7VXxRNceZz5j9LdnDEE0TAlYA.mft
File: qF7VXxRNceZz5j9LdnDEE0TAlYA.mft (raw, json)
Hash identifier: 8zwCC9Ghofac5pujGKfvYDRMwjZwjkqYDK6ReAV4krk=
Subject key identifier: CE:D3:C1:B1:AB:74:10:C1:3E:D5:32:E8:CB:48:24:DD:20:6D:61:CF
Authority key identifier: A8:5E:D5:5F:14:4D:71:E6:73:E6:3F:4B:76:70:C4:13:44:C0:95:80
Certificate issuer: /CN=a85ed55f144d71e673e63f4b7670c41344c09580
Certificate serial: 019D389BB1995B5C396A89951B1485109AC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qF7VXxRNceZz5j9LdnDEE0TAlYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/749d77-e995-489a-87e0-d00a13aae540/1/qF7VXxRNceZz5j9LdnDEE0TAlYA.mft
Manifest number: 041D
Signing time: Sun 29 Mar 2026 08:00:20 +0000
Manifest this update: Sun 29 Mar 2026 08:00:20 +0000
Manifest next update: Mon 30 Mar 2026 08:00:20 +0000
Files and hashes: 1: lc54bO2qpbEp6ZuINe9U374Bnw0.roa (hash: KvWJl722IjNTPYxbQCA4iUQ0TYdemSL5ZuAeqRqaebU=)
2: qF7VXxRNceZz5j9LdnDEE0TAlYA.crl (hash: PMVWVumArba6bdNZcVNCblGqi+QW7ZwZeYQYHI68Z6U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/749d77-e995-489a-87e0-d00a13aae540/1/qF7VXxRNceZz5j9LdnDEE0TAlYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/749d77-e995-489a-87e0-d00a13aae540/1/qF7VXxRNceZz5j9LdnDEE0TAlYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qF7VXxRNceZz5j9LdnDEE0TAlYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:b1:99:5b:5c:39:6a:89:95:1b:14:85:10:9a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85ed55f144d71e673e63f4b7670c41344c09580
Validity
Not Before: Mar 29 08:00:20 2026 GMT
Not After : Mar 30 08:00:20 2026 GMT
Subject: CN=ced3c1b1ab7410c13ed532e8cb4824dd206d61cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1f:a4:c2:08:e0:5f:50:f0:b0:9d:4f:1f:db:
85:7e:f9:0d:b4:5e:a8:47:dc:bd:33:b3:24:99:a0:
66:08:bc:47:ea:af:71:1f:17:ea:f0:43:6c:1b:70:
44:d2:bb:8d:c1:83:a7:14:97:3b:f1:b1:f9:70:d0:
da:a1:17:d9:86:b5:85:43:1c:d6:72:85:07:df:d0:
11:11:75:8c:bf:77:ad:af:87:50:f1:f3:c8:cc:a9:
bb:d3:b1:f9:5f:89:16:d2:2c:c9:93:27:30:75:a5:
0b:2e:11:5a:fc:08:74:04:a1:5f:7a:01:9d:da:c0:
51:18:ec:ae:51:20:0d:58:fe:38:30:28:fe:9c:e6:
6d:55:15:5c:65:f9:6e:45:81:bc:08:d9:a1:f6:d9:
79:78:b0:c9:63:59:eb:49:31:1c:93:f9:01:02:c3:
3f:2f:0a:95:3c:bd:22:e6:5d:9b:2f:51:52:8a:51:
d1:36:1a:ec:5d:b9:e5:a3:f1:92:8b:8e:a7:82:cc:
03:95:29:8d:fc:87:f7:90:38:e9:d8:c4:dd:a3:28:
97:0b:b3:a6:04:e3:24:00:69:7d:83:92:13:9f:cd:
76:38:b1:af:c7:37:03:a8:3f:1b:11:e8:ae:87:b4:
70:ad:63:b4:11:68:e1:6a:ee:53:2a:e0:de:54:d9:
be:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D3:C1:B1:AB:74:10:C1:3E:D5:32:E8:CB:48:24:DD:20:6D:61:CF
X509v3 Authority Key Identifier:
keyid:A8:5E:D5:5F:14:4D:71:E6:73:E6:3F:4B:76:70:C4:13:44:C0:95:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qF7VXxRNceZz5j9LdnDEE0TAlYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/749d77-e995-489a-87e0-d00a13aae540/1/qF7VXxRNceZz5j9LdnDEE0TAlYA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/749d77-e995-489a-87e0-d00a13aae540/1/qF7VXxRNceZz5j9LdnDEE0TAlYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:86:32:a3:3d:32:61:e3:c5:f1:c6:3d:f0:8d:d7:be:cb:3a:
4e:28:b1:4b:2c:b5:17:84:d6:91:d8:e1:4b:c8:16:19:d5:c2:
4c:68:e0:bf:55:bc:06:09:28:33:02:00:5d:7a:d3:51:5a:6e:
b6:24:06:b3:09:6d:f0:e9:3e:34:4c:b5:0d:96:a7:16:d5:85:
c6:ee:5d:02:10:fd:29:88:2d:b3:f4:4f:da:e0:1b:7f:e8:3f:
25:37:a7:82:fa:49:e3:8e:b1:f6:2b:e2:70:98:fa:1d:3d:f8:
70:28:26:e4:a9:36:51:47:43:bf:da:67:b7:a6:62:56:4e:67:
de:a5:99:26:f6:ed:76:9b:30:18:c0:7b:67:91:f2:d1:f7:2b:
a0:15:65:aa:1b:fd:93:01:0d:4b:c8:a6:23:c0:d4:35:e0:10:
f9:0a:22:9a:37:66:e4:3c:85:25:ac:a5:f8:e2:28:3b:0f:1c:
95:8c:8f:42:99:e0:6e:bb:87:71:00:7d:0a:e9:4f:90:3c:02:
95:67:c6:f9:c3:b3:e7:e3:49:9b:ed:b6:01:ad:d7:e3:fc:bc:
60:bf:2b:22:b4:a7:42:3a:08:45:a1:38:c4:1c:8b:fb:e6:a9:
bd:84:e9:58:4a:e7:12:68:c6:c2:02:75:67:f0:96:6e:84:04:
f2:7c:d9:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m7GZW1w5aomVGxSFEJrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NWVkNTVmMTQ0ZDcxZTY3M2U2M2Y0Yjc2NzBjNDEzNDRj
MDk1ODAwHhcNMjYwMzI5MDgwMDIwWhcNMjYwMzMwMDgwMDIwWjAzMTEwLwYDVQQD
EyhjZWQzYzFiMWFiNzQxMGMxM2VkNTMyZThjYjQ4MjRkZDIwNmQ2MWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh+kwgjgX1DwsJ1PH9uFfvkNtF6o
R9y9M7MkmaBmCLxH6q9xHxfq8ENsG3BE0ruNwYOnFJc78bH5cNDaoRfZhrWFQxzW
coUH39AREXWMv3etr4dQ8fPIzKm707H5X4kW0izJkycwdaULLhFa/Ah0BKFfegGd
2sBRGOyuUSANWP44MCj+nOZtVRVcZfluRYG8CNmh9tl5eLDJY1nrSTEck/kBAsM/
LwqVPL0i5l2bL1FSilHRNhrsXbnlo/GSi46ngswDlSmN/If3kDjp2MTdoyiXC7Om
BOMkAGl9g5ITn812OLGvxzcDqD8bEeiuh7RwrWO0EWjhau5TKuDeVNm+LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM7TwbGrdBDBPtUy6MtIJN0gbWHPMB8GA1UdIwQY
MBaAFKhe1V8UTXHmc+Y/S3ZwxBNEwJWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUY3Vlh4Uk5jZVp6NWo5TGRuREVFMFRBbFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83NDlkNzctZTk5NS00ODlhLTg3ZTAt
ZDAwYTEzYWFlNTQwLzEvcUY3Vlh4Uk5jZVp6NWo5TGRuREVFMFRBbFlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83NDlkNzctZTk5NS00ODlhLTg3ZTAtZDAwYTEzYWFlNTQw
LzEvcUY3Vlh4Uk5jZVp6NWo5TGRuREVFMFRBbFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbIYyoz0y
YePF8cY98I3Xvss6TiixSyy1F4TWkdjhS8gWGdXCTGjgv1W8BgkoMwIAXXrTUVpu
tiQGswlt8Ok+NEy1DZanFtWFxu5dAhD9KYgts/RP2uAbf+g/JTengvpJ446x9ivi
cJj6HT34cCgm5Kk2UUdDv9pnt6ZiVk5n3qWZJvbtdpswGMB7Z5Hy0fcroBVlqhv9
kwENS8imI8DUNeAQ+Qoimjdm5DyFJayl+OIoOw8clYyPQpngbruHcQB9CulPkDwC
lWfG+cOz5+NJm+22Aa3X4/y8YL8rIrSnQjoIRaE4xByL++apvYTpWErnEmjGwgJ1
Z/CWboQE8nzZeg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:58:20 2026 by rpki-client