Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: uD20GIT6sBixPnSVhF8Ld+Pxm6S2vYPNPJIBcav5+hw=
Subject key identifier: D7:E4:69:AB:35:1B:62:A7:2F:08:0A:DD:E8:74:1C:6B:9E:9A:78:B4
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 019D38D358BD6E1453343571FB90E08F9942
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 157D
Signing time: Sun 29 Mar 2026 09:01:08 +0000
Manifest this update: Sun 29 Mar 2026 09:01:08 +0000
Manifest next update: Mon 30 Mar 2026 09:01:08 +0000
Files and hashes: 1: 479ZV3Yo2azoMThPuEqrM6qYhP8.roa (hash: iH7bjfyw/FV+kXgRaALQRgdoNp0fV7bf6CUsJ1nPg+k=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: csjrG3cZOdL/7tb3IeYUyLw1Cqz0O2ZhDk+y6lZ5WpU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:58:bd:6e:14:53:34:35:71:fb:90:e0:8f:99:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Mar 29 09:01:08 2026 GMT
Not After : Mar 30 09:01:08 2026 GMT
Subject: CN=d7e469ab351b62a72f080adde8741c6b9e9a78b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fa:fb:e5:bd:5d:81:04:cc:57:32:ae:9c:11:
ec:1f:a3:78:e1:38:d2:fb:b6:59:d0:66:e0:48:54:
06:f0:1e:72:84:39:9e:cd:39:8b:6b:d3:20:7c:3c:
ce:74:46:c4:1a:e1:d9:3d:74:33:ce:ea:09:21:c9:
2b:94:f2:f3:0f:14:17:54:a4:2d:a3:a2:d9:13:d8:
30:5e:ca:db:41:07:f7:7e:fb:31:52:5d:45:e1:29:
e9:a5:98:c3:56:1f:0f:9b:ef:7b:26:1c:4f:6d:03:
58:00:3f:32:c6:38:a5:fd:61:6c:d4:b1:aa:2e:96:
2b:b8:02:ec:05:67:ec:fd:88:b1:76:1c:d5:5e:31:
43:85:7e:9c:57:d9:5e:d5:49:4e:c3:28:50:54:c2:
cc:87:34:d0:35:e0:79:18:92:f8:46:9f:a0:c6:4b:
a1:c1:07:2a:17:4b:bc:4c:b7:62:b5:95:0e:f6:6a:
4b:14:71:c3:1c:7f:d4:f8:a8:33:4d:cf:36:12:19:
39:aa:66:9a:51:bf:67:e9:b0:ef:99:39:32:54:6e:
34:1e:44:0b:0f:45:f0:48:76:91:01:b3:14:bb:f4:
86:9c:e7:89:7f:e6:39:48:f9:53:32:70:e2:e2:c4:
09:c7:2c:43:80:83:40:eb:49:ed:fc:2f:03:92:89:
82:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E4:69:AB:35:1B:62:A7:2F:08:0A:DD:E8:74:1C:6B:9E:9A:78:B4
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:e5:e0:5a:cf:4f:91:08:b8:df:fd:ee:22:a7:f8:22:99:36:
d1:29:5e:86:72:f1:8d:9e:55:68:f7:1b:bb:6a:ee:e4:c9:f6:
88:b2:2a:e2:4b:bd:90:88:b1:96:d8:bc:34:22:70:e3:5e:6d:
24:57:7b:6a:13:f5:68:c1:bc:14:1d:39:8b:39:b8:80:53:e7:
d7:c2:71:d4:e1:56:c2:f6:09:be:9d:ec:12:01:9d:94:31:26:
54:a1:30:ae:93:0c:8f:05:e5:98:09:cb:9b:63:3a:6b:0b:ed:
81:bb:d6:99:87:38:83:e0:03:ca:84:ca:92:86:98:99:d6:4d:
fa:ba:b9:1d:c8:e2:d7:b3:f6:37:ba:40:3b:f0:0b:60:10:9d:
29:fa:a3:c6:e0:0d:6e:bd:55:b3:24:0e:7a:5c:a0:4e:75:46:
4f:e9:b1:1a:48:df:07:dc:4b:3b:cd:10:08:85:fc:c6:f2:06:
65:d3:d2:4e:a1:7e:20:a7:f6:de:d7:c1:6b:c7:de:05:12:f3:
4d:53:dd:29:7a:7e:e0:67:9c:9c:f0:d8:95:2f:e2:2f:69:c1:
20:9c:9c:bd:52:59:a5:eb:82:11:59:14:c5:83:b0:cb:5d:a6:
2e:4d:4f:0f:a0:e4:a2:71:8f:07:f3:9e:90:73:db:97:21:13:
d4:f5:2f:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401i9bhRTNDVx+5Dgj5lCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjYwMzI5MDkwMTA4WhcNMjYwMzMwMDkwMTA4WjAzMTEwLwYDVQQD
EyhkN2U0NjlhYjM1MWI2MmE3MmYwODBhZGRlODc0MWM2YjllOWE3OGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfr75b1dgQTMVzKunBHsH6N44TjS
+7ZZ0GbgSFQG8B5yhDmezTmLa9MgfDzOdEbEGuHZPXQzzuoJIckrlPLzDxQXVKQt
o6LZE9gwXsrbQQf3fvsxUl1F4SnppZjDVh8Pm+97JhxPbQNYAD8yxjil/WFs1LGq
LpYruALsBWfs/YixdhzVXjFDhX6cV9le1UlOwyhQVMLMhzTQNeB5GJL4Rp+gxkuh
wQcqF0u8TLditZUO9mpLFHHDHH/U+KgzTc82Ehk5qmaaUb9n6bDvmTkyVG40HkQL
D0XwSHaRAbMUu/SGnOeJf+Y5SPlTMnDi4sQJxyxDgINA60nt/C8DkomC4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfkaas1G2KnLwgK3eh0HGuemni0MB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApeXgWs9P
kQi43/3uIqf4Ipk20SlehnLxjZ5VaPcbu2ru5Mn2iLIq4ku9kIixlti8NCJw415t
JFd7ahP1aMG8FB05izm4gFPn18Jx1OFWwvYJvp3sEgGdlDEmVKEwrpMMjwXlmAnL
m2M6awvtgbvWmYc4g+ADyoTKkoaYmdZN+rq5Hcji17P2N7pAO/ALYBCdKfqjxuAN
br1VsyQOelygTnVGT+mxGkjfB9xLO80QCIX8xvIGZdPSTqF+IKf23tfBa8feBRLz
TVPdKXp+4GecnPDYlS/iL2nBIJycvVJZpeuCEVkUxYOwy12mLk1PD6DkonGPB/Oe
kHPblyET1PUv5w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:15 2026 by rpki-client