Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.mft
File: Q7kuwrDjLLey2xPjdlKY1tLlhc0.mft (raw, json)
Hash identifier: CfZivM/EDd4n581hMuY3aPfMnmVGDjdhGz8O/l9l9wc=
Subject key identifier: 48:D3:AC:6F:85:52:29:2E:FE:04:16:84:AB:0B:FC:AF:39:46:BA:24
Authority key identifier: 43:B9:2E:C2:B0:E3:2C:B7:B2:DB:13:E3:76:52:98:D6:D2:E5:85:CD
Certificate issuer: /CN=43b92ec2b0e32cb7b2db13e3765298d6d2e585cd
Certificate serial: 019D3752AD81A36CC2A6AD77256343BEAB2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.mft
Manifest number: 08A3
Signing time: Sun 29 Mar 2026 02:00:58 +0000
Manifest this update: Sun 29 Mar 2026 02:00:58 +0000
Manifest next update: Mon 30 Mar 2026 02:00:58 +0000
Files and hashes: 1: Q7kuwrDjLLey2xPjdlKY1tLlhc0.crl (hash: 76dRmJFYCQk93cyVhjQYb+hYOqrQ3htN6VJW6WvHYIQ=)
2: q92f6dR-iX4C-CVcHHlSJfjRbjA.roa (hash: 5e9T1SkG/kIEUC1gZXSHnISGiuKNuBXnH3Nj4yFHRek=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:ad:81:a3:6c:c2:a6:ad:77:25:63:43:be:ab:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b92ec2b0e32cb7b2db13e3765298d6d2e585cd
Validity
Not Before: Mar 29 02:00:58 2026 GMT
Not After : Mar 30 02:00:58 2026 GMT
Subject: CN=48d3ac6f8552292efe041684ab0bfcaf3946ba24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3a:37:1a:7c:c9:a0:0f:fb:c3:a5:9d:27:f1:
dc:63:56:76:01:80:1a:06:fa:ea:a5:f0:2f:d6:5c:
2a:ac:a4:45:80:f5:70:d7:2d:a5:f1:f8:ea:e9:a6:
38:4e:f5:8a:84:ef:d3:46:25:35:7f:65:ff:ad:10:
79:c7:5f:1f:b1:f1:44:50:4a:c4:df:a6:7d:bc:d1:
0d:7b:cf:d5:e1:3f:57:5c:1f:1b:b8:34:f1:ab:b5:
4a:42:95:6b:01:fe:60:3e:01:df:d1:3f:60:06:6d:
26:ba:8e:53:d8:bc:5c:61:35:b6:d0:c6:6a:ee:4f:
91:46:3d:57:06:72:66:52:01:e0:59:83:98:99:b9:
4a:39:c4:5e:14:37:34:8b:7e:ff:25:16:b4:73:10:
a0:4b:d7:48:b9:69:b3:82:f1:43:81:35:37:f3:25:
6a:12:3d:62:72:15:88:c3:d4:c2:b9:5e:b4:bc:21:
69:2a:95:a4:74:d2:61:7e:67:db:a9:17:18:c8:7b:
c6:06:01:4c:a7:fb:12:64:b6:e7:ea:1b:48:f3:1b:
3e:f3:5f:80:cc:c1:cd:9a:e9:1d:54:01:0c:01:fe:
b1:7f:73:07:e4:89:5b:e6:a3:e2:1b:a4:a4:52:5c:
15:e5:a9:aa:d6:b7:b7:1d:6a:2c:62:f0:15:15:b0:
a7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D3:AC:6F:85:52:29:2E:FE:04:16:84:AB:0B:FC:AF:39:46:BA:24
X509v3 Authority Key Identifier:
keyid:43:B9:2E:C2:B0:E3:2C:B7:B2:DB:13:E3:76:52:98:D6:D2:E5:85:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7kuwrDjLLey2xPjdlKY1tLlhc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/89286f-0e59-4626-a617-602151522a09/1/Q7kuwrDjLLey2xPjdlKY1tLlhc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:9d:77:cf:e8:63:c9:f9:11:d0:c9:8a:7d:4c:05:b2:f5:b0:
14:bd:47:ee:51:01:68:66:0e:5d:25:7d:60:58:ee:f6:d8:a8:
6f:52:c9:11:da:2c:4d:66:2d:15:b1:a5:2d:5b:be:25:6c:9f:
70:4c:c7:62:be:3e:03:ee:1b:c4:79:5f:0d:c5:0c:3f:72:ef:
4c:42:e9:48:30:9c:68:b5:9d:13:9d:d0:7b:57:79:bb:75:4a:
e0:08:92:df:2e:1f:67:b6:94:5b:12:7b:4a:6c:a5:88:cd:84:
53:dc:0c:e6:cc:07:fe:b5:51:2e:33:b4:4e:ad:2f:cb:09:27:
35:ea:5a:15:d5:5b:26:18:74:83:46:e2:72:d9:77:fc:27:39:
83:bf:bf:27:8f:75:b0:46:ce:d3:14:21:a4:e9:6d:2d:27:f7:
cd:14:25:91:c0:70:9a:38:04:7e:18:b9:6c:45:b8:00:16:fb:
d5:ac:c4:4b:a9:9c:02:19:1c:60:41:9b:41:71:84:e7:bb:92:
f0:f6:78:d1:94:0a:b3:b3:2f:ee:ab:7f:32:b3:5f:52:1d:d8:
16:55:8e:3f:3c:25:e2:20:5a:c5:7d:39:79:e2:cd:92:af:8b:
c5:99:87:48:65:48:22:7e:c7:b3:ea:b5:34:d0:aa:dc:b4:e7:
e3:99:83:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uq2Bo2zCpq13JWNDvqsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjkyZWMyYjBlMzJjYjdiMmRiMTNlMzc2NTI5OGQ2ZDJl
NTg1Y2QwHhcNMjYwMzI5MDIwMDU4WhcNMjYwMzMwMDIwMDU4WjAzMTEwLwYDVQQD
Eyg0OGQzYWM2Zjg1NTIyOTJlZmUwNDE2ODRhYjBiZmNhZjM5NDZiYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDo3GnzJoA/7w6WdJ/HcY1Z2AYAa
BvrqpfAv1lwqrKRFgPVw1y2l8fjq6aY4TvWKhO/TRiU1f2X/rRB5x18fsfFEUErE
36Z9vNENe8/V4T9XXB8buDTxq7VKQpVrAf5gPgHf0T9gBm0muo5T2LxcYTW20MZq
7k+RRj1XBnJmUgHgWYOYmblKOcReFDc0i37/JRa0cxCgS9dIuWmzgvFDgTU38yVq
Ej1ichWIw9TCuV60vCFpKpWkdNJhfmfbqRcYyHvGBgFMp/sSZLbn6htI8xs+81+A
zMHNmukdVAEMAf6xf3MH5Ilb5qPiG6SkUlwV5amq1re3HWosYvAVFbCnhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjTrG+FUiku/gQWhKsL/K85RrokMB8GA1UdIwQY
MBaAFEO5LsKw4yy3stsT43ZSmNbS5YXNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdrdXdyRGpMTGV5MnhQamRsS1kxdExsaGMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84OTI4NmYtMGU1OS00NjI2LWE2MTct
NjAyMTUxNTIyYTA5LzEvUTdrdXdyRGpMTGV5MnhQamRsS1kxdExsaGMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84OTI4NmYtMGU1OS00NjI2LWE2MTctNjAyMTUxNTIyYTA5
LzEvUTdrdXdyRGpMTGV5MnhQamRsS1kxdExsaGMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC513z+hj
yfkR0MmKfUwFsvWwFL1H7lEBaGYOXSV9YFju9tiob1LJEdosTWYtFbGlLVu+JWyf
cEzHYr4+A+4bxHlfDcUMP3LvTELpSDCcaLWdE53Qe1d5u3VK4AiS3y4fZ7aUWxJ7
SmyliM2EU9wM5swH/rVRLjO0Tq0vywknNepaFdVbJhh0g0bictl3/Cc5g7+/J491
sEbO0xQhpOltLSf3zRQlkcBwmjgEfhi5bEW4ABb71azES6mcAhkcYEGbQXGE57uS
8PZ40ZQKs7Mv7qt/MrNfUh3YFlWOPzwl4iBaxX05eeLNkq+LxZmHSGVIIn7Hs+q1
NNCq3LTn45mDaQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:12 2026 by rpki-client