Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
File: q9lqrojvmbTVDknsrpyuSPN4gfc.mft (raw, json)
Hash identifier: OcTksXNG42Rv1oLfwhxKkshyzfTLm5nlGdgd03dFlMs=
Subject key identifier: 8B:6A:AD:4C:82:4F:C8:B8:DD:53:0C:AC:58:C5:90:E5:D7:00:51:1A
Authority key identifier: AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7
Certificate issuer: /CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7
Certificate serial: 019D37F768B03B5924D8CA8DC9C5AC184177
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
Manifest number: 04DE
Signing time: Sun 29 Mar 2026 05:00:54 +0000
Manifest this update: Sun 29 Mar 2026 05:00:54 +0000
Manifest next update: Mon 30 Mar 2026 05:00:54 +0000
Files and hashes: 1: 1-DN9R_xhKOI4mV80WkUcPVaagQc.roa (hash: ASJpdR212uLae0GK1ckKJRJ0hpliZAorVI6HruZ1pYo=)
2: q9lqrojvmbTVDknsrpyuSPN4gfc.crl (hash: gXSHaQF9YXVYKr6344C3TGhMEsEIthbTL75fDiqgjrk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:68:b0:3b:59:24:d8:ca:8d:c9:c5:ac:18:41:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abd96aae88ef99b4d50e49ecae9cae48f37881f7
Validity
Not Before: Mar 29 05:00:54 2026 GMT
Not After : Mar 30 05:00:54 2026 GMT
Subject: CN=8b6aad4c824fc8b8dd530cac58c590e5d700511a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cf:a2:eb:c4:9d:f8:11:0d:20:e6:bf:00:c0:
63:7a:63:ed:95:a6:d0:18:63:5b:1a:22:15:e9:d9:
47:02:97:48:6b:78:0f:4c:83:a4:e6:99:da:e2:ea:
64:40:06:15:52:44:5e:07:8b:61:62:ef:9c:ed:43:
64:b2:7a:dd:20:18:7e:1a:34:f9:7d:76:f8:b5:81:
a5:1e:15:b3:b4:55:ed:f5:ed:3f:89:2a:36:3e:db:
de:7c:52:f4:13:31:af:be:d2:58:9b:68:7c:ed:83:
d4:5e:0d:bd:6a:7c:22:9d:0c:6e:2b:30:15:f2:59:
a3:35:98:4d:2a:79:ef:d2:5e:4b:31:33:af:29:d3:
d8:b5:57:f6:14:24:6a:ae:62:65:00:e5:93:2e:f5:
2d:e3:f7:f0:86:b7:fd:3e:7e:7e:88:29:b3:d6:f0:
df:46:0b:10:19:5f:ef:1a:a5:23:74:48:f3:08:80:
9e:38:c9:39:63:a7:49:f1:9f:1a:9a:9d:3c:8e:2a:
1a:a4:6e:6c:75:66:e2:69:53:e7:14:fe:9c:8f:b5:
d8:83:b7:08:4d:92:07:5a:ff:57:c1:2e:d0:ea:99:
cd:cb:b8:ca:2f:51:c0:c5:97:83:28:d5:97:d7:a5:
ac:bb:43:d6:8c:c7:f7:fb:92:cf:39:b9:0e:38:c4:
ca:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6A:AD:4C:82:4F:C8:B8:DD:53:0C:AC:58:C5:90:E5:D7:00:51:1A
X509v3 Authority Key Identifier:
keyid:AB:D9:6A:AE:88:EF:99:B4:D5:0E:49:EC:AE:9C:AE:48:F3:78:81:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9lqrojvmbTVDknsrpyuSPN4gfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3f9619-4bd0-4aba-90e2-7c3f8c40c510/1/q9lqrojvmbTVDknsrpyuSPN4gfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:9a:fe:75:fe:30:b2:bc:31:28:2f:d3:db:c6:14:c9:02:2d:
73:fe:f1:91:08:23:fc:7c:49:dc:a1:bc:9b:df:13:97:aa:f1:
38:c8:9f:ca:b7:a1:fb:f8:6c:4e:e4:51:32:07:34:ca:fa:c6:
30:80:b9:4b:dd:c6:6a:74:dd:76:d8:54:42:4a:46:df:f6:6e:
78:13:b8:8d:9d:b4:d3:00:56:be:94:ff:e1:d5:e1:d8:09:c7:
bd:8d:b0:3b:a1:48:a5:51:22:e0:13:2d:22:36:54:e3:8e:33:
17:54:64:dc:d6:fc:59:12:f0:5c:9f:60:f3:0b:8f:87:64:8d:
f9:df:d9:f6:af:cd:7e:f3:ff:6c:04:ae:99:97:d3:4c:77:c1:
c5:8f:6e:78:0e:c0:30:71:4d:eb:2c:7a:b5:fe:32:89:f9:03:
0b:2b:ba:4d:2e:23:f1:8e:69:e3:60:f0:4c:4b:9d:c9:78:cf:
ed:ba:08:05:94:0c:25:ef:b0:7c:eb:8c:42:d5:25:64:ce:4b:
35:01:b2:e6:b1:c6:24:6e:b7:d4:e1:e9:32:7b:5f:12:6f:49:
4b:8a:3d:fe:dd:aa:01:2b:86:b3:bd:1e:61:3e:72:a4:c0:15:
37:7c:89:43:df:3f:f3:fe:cb:0a:ba:45:dd:b8:b7:90:c9:c9:
7f:d5:b4:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0392iwO1kk2MqNycWsGEF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZDk2YWFlODhlZjk5YjRkNTBlNDllY2FlOWNhZTQ4ZjM3
ODgxZjcwHhcNMjYwMzI5MDUwMDU0WhcNMjYwMzMwMDUwMDU0WjAzMTEwLwYDVQQD
Eyg4YjZhYWQ0YzgyNGZjOGI4ZGQ1MzBjYWM1OGM1OTBlNWQ3MDA1MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc+i68Sd+BENIOa/AMBjemPtlabQ
GGNbGiIV6dlHApdIa3gPTIOk5pna4upkQAYVUkReB4thYu+c7UNksnrdIBh+GjT5
fXb4tYGlHhWztFXt9e0/iSo2PtvefFL0EzGvvtJYm2h87YPUXg29anwinQxuKzAV
8lmjNZhNKnnv0l5LMTOvKdPYtVf2FCRqrmJlAOWTLvUt4/fwhrf9Pn5+iCmz1vDf
RgsQGV/vGqUjdEjzCICeOMk5Y6dJ8Z8amp08jioapG5sdWbiaVPnFP6cj7XYg7cI
TZIHWv9XwS7Q6pnNy7jKL1HAxZeDKNWX16Wsu0PWjMf3+5LPObkOOMTKCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItqrUyCT8i43VMMrFjFkOXXAFEaMB8GA1UdIwQY
MBaAFKvZaq6I75m01Q5J7K6crkjzeIH3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTIt
N2MzZjhjNDBjNTEwLzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZjk2MTktNGJkMC00YWJhLTkwZTItN2MzZjhjNDBjNTEw
LzEvcTlscXJvanZtYlRWRGtuc3JweXVTUE40Z2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJr+df4w
srwxKC/T28YUyQItc/7xkQgj/HxJ3KG8m98Tl6rxOMifyreh+/hsTuRRMgc0yvrG
MIC5S93GanTddthUQkpG3/ZueBO4jZ200wBWvpT/4dXh2AnHvY2wO6FIpVEi4BMt
IjZU444zF1Rk3Nb8WRLwXJ9g8wuPh2SN+d/Z9q/NfvP/bASumZfTTHfBxY9ueA7A
MHFN6yx6tf4yifkDCyu6TS4j8Y5p42DwTEudyXjP7boIBZQMJe+wfOuMQtUlZM5L
NQGy5rHGJG631OHpMntfEm9JS4o9/t2qASuGs70eYT5ypMAVN3yJQ98/8/7LCrpF
3bi3kMnJf9W0sw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:46 2026 by rpki-client