Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
File: pQHIn0SCnHLyqVPSorpK4Le1DYo.mft (raw, json)
Hash identifier: cz+D7J/ab55RfZO1KABoS6AchDWN1HwOLNmpLoA2RUw=
Subject key identifier: F5:16:F4:EF:45:37:6C:C9:75:DF:C3:BD:8A:AD:83:24:28:8B:24:DE
Authority key identifier: A5:01:C8:9F:44:82:9C:72:F2:A9:53:D2:A2:BA:4A:E0:B7:B5:0D:8A
Certificate issuer: /CN=a501c89f44829c72f2a953d2a2ba4ae0b7b50d8a
Certificate serial: 019D394123D39A6EF1D97EE3812278B27F8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 11:01:03 +0000
Manifest this update: Sun 29 Mar 2026 11:01:03 +0000
Manifest next update: Mon 30 Mar 2026 11:01:03 +0000
Files and hashes: 1: a1cD9EYlmG13NxBr90ciEvptuWA.roa (hash: v81TOP+ZC2LYKrsgbz1s/Hzy51XQ6ECnroV1P/ElVCU=)
2: pQHIn0SCnHLyqVPSorpK4Le1DYo.crl (hash: 5mk3TDHdKVL43bC4gfDxXcUUbBtD6mhUi4LS56wd0Hk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:23:d3:9a:6e:f1:d9:7e:e3:81:22:78:b2:7f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a501c89f44829c72f2a953d2a2ba4ae0b7b50d8a
Validity
Not Before: Mar 29 11:01:03 2026 GMT
Not After : Mar 30 11:01:03 2026 GMT
Subject: CN=f516f4ef45376cc975dfc3bd8aad8324288b24de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b5:ae:7b:1f:d4:cc:8c:56:a8:35:e2:ad:d2:
63:60:3c:0f:67:a0:ab:38:9c:9e:c8:25:75:49:c8:
c0:e0:2b:74:9f:b9:03:49:1b:c8:ad:55:62:ae:a4:
5a:7e:39:62:91:1f:7c:c4:a5:2d:65:7f:75:04:12:
75:25:68:a7:f6:1c:07:30:09:52:8b:b1:37:af:0c:
14:3a:7e:98:08:ae:05:6d:b7:40:68:c9:a5:a7:05:
d2:3b:f6:51:77:5d:6c:ad:89:58:d8:6a:9f:96:70:
e6:3e:a6:79:ca:ee:0b:5a:bf:5e:b4:28:25:c8:21:
be:8b:0f:5b:21:88:f6:25:70:5a:a3:b7:5b:f6:0c:
f7:ba:b5:ce:a6:16:7d:63:9c:5f:66:b5:fc:65:d8:
66:14:95:d4:b8:c6:74:11:4d:fc:42:59:5b:e1:a9:
14:7e:84:86:5a:98:04:bc:e0:2e:c9:69:91:fe:84:
7c:16:ec:07:97:8d:e0:19:4c:6f:f8:8b:7b:4b:2d:
37:9d:11:5d:b0:fe:12:f4:d3:5a:60:b5:dd:80:f5:
93:23:83:37:72:7b:af:c5:5c:6c:48:3d:20:8e:43:
7b:9a:f4:92:08:96:40:e1:f4:cc:32:da:e8:1a:47:
8b:ff:a4:e2:80:b2:de:5c:c7:38:57:8c:27:d6:7c:
10:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:16:F4:EF:45:37:6C:C9:75:DF:C3:BD:8A:AD:83:24:28:8B:24:DE
X509v3 Authority Key Identifier:
keyid:A5:01:C8:9F:44:82:9C:72:F2:A9:53:D2:A2:BA:4A:E0:B7:B5:0D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQHIn0SCnHLyqVPSorpK4Le1DYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/d5e103-90b5-44f1-b864-14a1eb5512d6/1/pQHIn0SCnHLyqVPSorpK4Le1DYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:c8:79:44:55:10:7b:f4:01:09:ee:ba:e4:01:96:9b:07:cf:
3f:c6:ff:97:80:c5:20:64:76:3f:b0:ca:29:c4:70:8c:f7:bb:
e4:f8:ef:17:94:9d:ca:6e:ff:2a:24:22:d3:ba:96:e7:f1:0a:
b1:0c:49:a3:a3:40:d2:77:29:65:5f:3c:ef:3f:b0:8d:00:56:
98:b4:ea:32:23:cd:52:13:29:89:b6:96:02:2f:d9:ff:ad:b0:
59:39:f6:53:2f:ef:0a:a8:aa:f5:03:05:9d:bb:54:81:02:51:
25:8f:f1:bd:62:2b:07:b8:72:5f:1a:66:5b:af:b8:72:fa:b5:
f8:72:a7:0f:7b:54:25:46:eb:48:ad:09:13:cc:6d:5e:e9:26:
f5:bc:2e:bf:5f:7b:ab:fb:31:d9:42:27:a8:80:f4:a0:53:9d:
2b:f2:d4:91:45:3b:db:ad:e8:d9:52:63:f9:c4:b5:5a:88:cb:
df:bf:35:79:ba:70:b6:9c:21:2f:0d:f3:82:18:a4:de:8d:4a:
5f:c9:56:77:3d:5e:d9:b7:a0:29:88:f3:1a:4a:fe:a4:3b:41:
c9:64:e7:b1:8e:11:42:d6:2c:63:da:87:8d:5b:3e:1c:34:80:
24:ce:dc:be:7e:02:c7:f2:70:94:3a:b0:c4:46:b7:75:39:06:
d9:ce:57:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSPTmm7x2X7jgSJ4sn+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDFjODlmNDQ4MjljNzJmMmE5NTNkMmEyYmE0YWUwYjdi
NTBkOGEwHhcNMjYwMzI5MTEwMTAzWhcNMjYwMzMwMTEwMTAzWjAzMTEwLwYDVQQD
EyhmNTE2ZjRlZjQ1Mzc2Y2M5NzVkZmMzYmQ4YWFkODMyNDI4OGIyNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLWuex/UzIxWqDXirdJjYDwPZ6Cr
OJyeyCV1ScjA4Ct0n7kDSRvIrVVirqRafjlikR98xKUtZX91BBJ1JWin9hwHMAlS
i7E3rwwUOn6YCK4FbbdAaMmlpwXSO/ZRd11srYlY2GqflnDmPqZ5yu4LWr9etCgl
yCG+iw9bIYj2JXBao7db9gz3urXOphZ9Y5xfZrX8ZdhmFJXUuMZ0EU38Qllb4akU
foSGWpgEvOAuyWmR/oR8FuwHl43gGUxv+It7Sy03nRFdsP4S9NNaYLXdgPWTI4M3
cnuvxVxsSD0gjkN7mvSSCJZA4fTMMtroGkeL/6TigLLeXMc4V4wn1nwQjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUW9O9FN2zJdd/DvYqtgyQoiyTeMB8GA1UdIwQY
MBaAFKUByJ9Egpxy8qlT0qK6SuC3tQ2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kNWUxMDMtOTBiNS00NGYxLWI4NjQt
MTRhMWViNTUxMmQ2LzEvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kNWUxMDMtOTBiNS00NGYxLWI4NjQtMTRhMWViNTUxMmQ2
LzEvcFFISW4wU0NuSEx5cVZQU29ycEs0TGUxRFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD8h5RFUQ
e/QBCe665AGWmwfPP8b/l4DFIGR2P7DKKcRwjPe75PjvF5Sdym7/KiQi07qW5/EK
sQxJo6NA0ncpZV887z+wjQBWmLTqMiPNUhMpibaWAi/Z/62wWTn2Uy/vCqiq9QMF
nbtUgQJRJY/xvWIrB7hyXxpmW6+4cvq1+HKnD3tUJUbrSK0JE8xtXukm9bwuv197
q/sx2UInqID0oFOdK/LUkUU7263o2VJj+cS1WojL3781ebpwtpwhLw3zghik3o1K
X8lWdz1e2begKYjzGkr+pDtByWTnsY4RQtYsY9qHjVs+HDSAJM7cvn4Cx/JwlDqw
xEa3dTkG2c5XYw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:44:43 2026 by rpki-client