Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
File: pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft (raw, json)
Hash identifier: Kyl27UZ8fi2PKmNcOclNAks/dYyrDnF+Mly+8r0ood0=
Subject key identifier: 2A:86:A0:E1:D9:0F:0C:BF:23:48:49:D0:AC:D6:87:93:5E:43:6F:66
Authority key identifier: A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4
Certificate issuer: /CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4
Certificate serial: 019D3A546960ACC8098F9603F44A746FD460
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
Manifest number: 0D43
Signing time: Sun 29 Mar 2026 16:01:43 +0000
Manifest this update: Sun 29 Mar 2026 16:01:43 +0000
Manifest next update: Mon 30 Mar 2026 16:01:43 +0000
Files and hashes: 1: ZRxGcXvKI-87TaBioLr7loAqnqU.roa (hash: fDFlR6aMmLPDNdY7x4FSn6o3uvA+KJ98lgCNqqUl5I8=)
2: pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl (hash: ChZWE4/0lYP7E7PwBYlRMEVpb531/SENOrhvS/V1KI4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:54:69:60:ac:c8:09:8f:96:03:f4:4a:74:6f:d4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a503b1dd410070ad62e4a2fc66a13b4eb61368f4
Validity
Not Before: Mar 29 16:01:43 2026 GMT
Not After : Mar 30 16:01:43 2026 GMT
Subject: CN=2a86a0e1d90f0cbf234849d0acd687935e436f66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:18:1a:1a:30:5d:95:60:f0:67:45:54:e5:ba:
38:2a:0a:55:81:86:96:51:4a:04:d9:4f:db:0f:40:
99:04:36:74:f8:72:4d:1a:60:1c:ca:b4:c7:cd:da:
a1:7a:65:bf:26:ff:b2:cb:3d:99:7b:22:eb:21:7b:
a0:64:13:d2:01:33:90:e9:98:b4:4c:ee:15:3d:a2:
1f:b5:e5:b6:b5:61:8e:83:6b:66:43:7f:f8:70:4c:
1e:d8:c2:2b:ce:bf:27:6a:c0:9e:17:21:0e:68:61:
83:8e:25:35:e1:3f:e2:8a:a9:6a:38:e6:c1:32:7c:
5f:37:1c:b8:7c:17:13:bc:db:b3:47:83:43:50:57:
4f:62:3d:8c:93:2c:40:92:c0:6d:b7:37:8b:8e:80:
94:e6:8e:9e:36:04:e1:0e:23:63:3d:dd:9d:cf:09:
cc:3e:9a:04:94:ae:66:32:95:c8:43:7f:6b:4b:3a:
d4:38:88:dc:44:ca:74:39:20:22:51:48:b1:db:82:
5f:c8:a6:48:2c:2f:ba:2b:d4:84:ec:89:1f:5c:5d:
7e:49:89:85:08:12:97:17:ae:c1:55:80:73:52:75:
9c:e6:52:b9:f2:83:c2:fd:01:8c:2e:6f:f2:b5:46:
d8:85:18:94:d9:13:d2:84:d1:57:49:42:c4:cd:fa:
c7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:86:A0:E1:D9:0F:0C:BF:23:48:49:D0:AC:D6:87:93:5E:43:6F:66
X509v3 Authority Key Identifier:
keyid:A5:03:B1:DD:41:00:70:AD:62:E4:A2:FC:66:A1:3B:4E:B6:13:68:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/ffef96-bac5-4126-b2b7-0135d9128e86/1/pQOx3UEAcK1i5KL8ZqE7TrYTaPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:6a:31:a2:0b:4a:5f:23:3e:70:98:d1:35:7e:25:a2:c0:ca:
30:99:ec:d2:13:29:9e:17:1c:84:3a:d7:25:b4:b3:51:b4:4c:
b2:d2:f6:98:ea:c9:f1:a6:b2:c3:b8:1c:17:d5:cc:66:a3:bc:
13:49:f7:d7:33:3d:9a:69:5b:04:97:ac:fc:4c:57:57:38:af:
bb:2b:5c:a0:f0:dd:0d:6e:4b:90:a8:79:a7:9c:96:19:74:c3:
29:86:3c:2e:ff:f1:2b:b3:a6:1b:c6:45:40:77:da:1c:c7:7a:
9d:fb:4a:bb:09:d0:9e:3e:3f:37:0e:ef:e0:c9:58:43:5e:07:
0e:d7:b3:87:1d:8e:ad:f9:af:44:f7:40:51:7d:97:d7:86:2f:
80:9a:79:95:66:cd:6d:98:c0:02:d6:c0:75:9e:34:41:86:2a:
bc:8e:b6:c9:3c:64:6f:39:a7:cb:44:fd:d1:e2:2f:31:05:15:
77:d7:cd:d1:4a:d4:29:2a:6e:12:a7:7f:55:3c:ba:86:73:af:
81:6e:8d:b9:94:94:20:46:a7:7d:b7:c3:2a:a5:60:2f:c6:3a:
c3:c5:61:0e:99:5c:d1:29:30:35:e7:4b:0d:64:5b:41:00:b3:
e2:06:ea:27:21:59:b3:56:37:5c:fc:08:a1:3c:50:61:60:8d:
03:35:97:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VGlgrMgJj5YD9Ep0b9RgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDNiMWRkNDEwMDcwYWQ2MmU0YTJmYzY2YTEzYjRlYjYx
MzY4ZjQwHhcNMjYwMzI5MTYwMTQzWhcNMjYwMzMwMTYwMTQzWjAzMTEwLwYDVQQD
EygyYTg2YTBlMWQ5MGYwY2JmMjM0ODQ5ZDBhY2Q2ODc5MzVlNDM2ZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRgaGjBdlWDwZ0VU5bo4KgpVgYaW
UUoE2U/bD0CZBDZ0+HJNGmAcyrTHzdqhemW/Jv+yyz2ZeyLrIXugZBPSATOQ6Zi0
TO4VPaIfteW2tWGOg2tmQ3/4cEwe2MIrzr8nasCeFyEOaGGDjiU14T/iiqlqOObB
MnxfNxy4fBcTvNuzR4NDUFdPYj2MkyxAksBttzeLjoCU5o6eNgThDiNjPd2dzwnM
PpoElK5mMpXIQ39rSzrUOIjcRMp0OSAiUUix24JfyKZILC+6K9SE7IkfXF1+SYmF
CBKXF67BVYBzUnWc5lK58oPC/QGMLm/ytUbYhRiU2RPShNFXSULEzfrH0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqGoOHZDwy/I0hJ0KzWh5NeQ29mMB8GA1UdIwQY
MBaAFKUDsd1BAHCtYuSi/GahO062E2j0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjct
MDEzNWQ5MTI4ZTg2LzEvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mZmVmOTYtYmFjNS00MTI2LWIyYjctMDEzNWQ5MTI4ZTg2
LzEvcFFPeDNVRUFjSzFpNUtMOFpxRTdUcllUYVBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWoxogtK
XyM+cJjRNX4losDKMJns0hMpnhcchDrXJbSzUbRMstL2mOrJ8aayw7gcF9XMZqO8
E0n31zM9mmlbBJes/ExXVzivuytcoPDdDW5LkKh5p5yWGXTDKYY8Lv/xK7OmG8ZF
QHfaHMd6nftKuwnQnj4/Nw7v4MlYQ14HDtezhx2OrfmvRPdAUX2X14YvgJp5lWbN
bZjAAtbAdZ40QYYqvI62yTxkbzmny0T90eIvMQUVd9fN0UrUKSpuEqd/VTy6hnOv
gW6NuZSUIEanfbfDKqVgL8Y6w8VhDplc0SkwNedLDWRbQQCz4gbqJyFZs1Y3XPwI
oTxQYWCNAzWXYw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:35:36 2026 by rpki-client