Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
File: q3ukNXZmdmStbymmZicOM1eDbxo.mft (raw, json)
Hash identifier: ycwiunTfCdKkLpa66o2S76W//db/tLgmZRPa5n9+VRo=
Subject key identifier: 46:D3:53:F0:50:C9:82:96:17:8C:3B:D6:60:6F:4D:03:F0:E4:B5:AE
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 019D389BF44EEE245333132976BB68A146A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 08:00:37 +0000
Manifest this update: Sun 29 Mar 2026 08:00:37 +0000
Manifest next update: Mon 30 Mar 2026 08:00:37 +0000
Files and hashes: 1: eYVzKhVxRl0S4NV-8z3jnKXYp7g.roa (hash: FCmQv16BfxP+owog0Mj/PEYM7uRcKJlUX18aeU4hB40=)
2: q3ukNXZmdmStbymmZicOM1eDbxo.crl (hash: feyrCu7ls/qW36ijbQSc7hdGOmh3dPa1Bo8ksPHp4VE=)
3: xV6FBBeDoPLgKQuqzg8O7q-72L4.roa (hash: bdyv+UoIDEOcCmHbnZjDztZ9hQAFyZKMucdHwquQvzY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f4:4e:ee:24:53:33:13:29:76:bb:68:a1:46:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Mar 29 08:00:37 2026 GMT
Not After : Mar 30 08:00:37 2026 GMT
Subject: CN=46d353f050c98296178c3bd6606f4d03f0e4b5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:a4:26:5e:62:66:5c:e6:08:22:fd:37:6b:
45:a7:74:dd:42:13:cf:29:b7:98:4b:e6:6c:be:1b:
0c:e7:ca:d0:8f:fe:c7:c7:57:cc:9b:32:21:bb:40:
ed:9b:c8:02:fd:f2:bb:40:1d:8c:57:5d:98:bf:91:
7c:82:3b:83:5f:1c:28:46:de:7e:6e:eb:dc:6a:24:
fa:9e:b5:4f:22:70:de:39:e5:a9:99:01:92:ef:32:
80:8c:c9:b4:4b:0d:77:a5:79:0b:d7:a2:b8:a3:be:
01:79:f1:1b:cb:5a:48:43:a7:aa:c8:42:f5:e6:9f:
a1:62:bc:ff:ba:8f:36:c7:76:6c:27:7e:22:d5:23:
80:f0:02:5d:3a:e4:6a:90:34:20:a1:47:71:1a:17:
29:35:a7:46:9c:65:6a:c0:df:e0:7f:6f:58:da:66:
e7:fd:18:6f:7b:26:6c:8e:01:b2:6f:bf:ca:ba:c8:
f8:bc:2e:15:2c:42:84:0a:1c:89:ec:df:0a:49:b0:
e2:cc:c5:84:73:1b:07:e1:f8:eb:80:df:68:8f:fd:
0c:7d:aa:d1:d3:3d:37:d7:f6:9e:6f:1d:7a:d5:77:
57:35:58:47:8e:70:c5:8a:00:20:a8:bf:a7:69:34:
63:06:84:cd:8b:4a:e9:e6:38:79:8a:70:4e:e9:cb:
11:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D3:53:F0:50:C9:82:96:17:8C:3B:D6:60:6F:4D:03:F0:E4:B5:AE
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:8b:f1:da:34:42:78:f2:a2:63:ba:a9:6f:16:b7:7c:57:fb:
2c:fa:99:29:cc:b2:84:e3:db:fc:00:0d:cd:4b:7a:f9:d5:af:
dd:2b:be:27:24:84:30:15:c3:a2:88:3c:5d:bb:2e:4c:e3:2c:
c4:bb:1a:82:d8:8c:4b:cf:6c:2a:cd:f2:a1:b7:a2:18:cf:80:
fa:61:82:07:0f:e0:ed:45:2a:bd:7a:ee:03:9e:52:32:1b:0f:
95:32:2f:d5:ae:6c:1d:22:72:9d:71:e8:21:cf:d3:db:40:e2:
c1:0b:bd:3d:d1:7c:e3:86:67:7e:39:06:ba:fb:b2:54:33:41:
0b:d3:28:64:05:82:6c:ca:72:6f:54:cd:fb:9f:dd:f6:70:c9:
18:17:1f:e1:73:e5:a6:75:e7:e2:0a:63:8b:db:e2:08:1c:ec:
80:5b:9d:ca:e6:48:a2:cc:ac:a8:07:e5:d9:e2:fb:bd:c0:22:
0f:15:f9:c3:44:62:25:26:f2:fb:30:e6:f6:e1:b8:54:ab:30:
21:98:63:6d:2d:8c:f5:b7:a3:41:21:db:a5:bc:c3:44:46:92:
c7:d9:65:95:8e:0e:2a:23:45:70:91:9b:57:b1:f6:e8:0c:eb:
33:9c:1b:16:9f:50:29:fd:c0:8d:f4:96:10:f8:7d:a6:77:49:
94:85:4d:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/RO7iRTMxMpdrtooUahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjYwMzI5MDgwMDM3WhcNMjYwMzMwMDgwMDM3WjAzMTEwLwYDVQQD
Eyg0NmQzNTNmMDUwYzk4Mjk2MTc4YzNiZDY2MDZmNGQwM2YwZTRiNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssSkJl5iZlzmCCL9N2tFp3TdQhPP
KbeYS+ZsvhsM58rQj/7Hx1fMmzIhu0Dtm8gC/fK7QB2MV12Yv5F8gjuDXxwoRt5+
buvcaiT6nrVPInDeOeWpmQGS7zKAjMm0Sw13pXkL16K4o74BefEby1pIQ6eqyEL1
5p+hYrz/uo82x3ZsJ34i1SOA8AJdOuRqkDQgoUdxGhcpNadGnGVqwN/gf29Y2mbn
/RhveyZsjgGyb7/Kusj4vC4VLEKEChyJ7N8KSbDizMWEcxsH4fjrgN9oj/0MfarR
0z031/aebx161XdXNVhHjnDFigAgqL+naTRjBoTNi0rp5jh5inBO6csRCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbTU/BQyYKWF4w71mBvTQPw5LWuMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg4vx2jRC
ePKiY7qpbxa3fFf7LPqZKcyyhOPb/AANzUt6+dWv3Su+JySEMBXDoog8XbsuTOMs
xLsagtiMS89sKs3yobeiGM+A+mGCBw/g7UUqvXruA55SMhsPlTIv1a5sHSJynXHo
Ic/T20DiwQu9PdF844ZnfjkGuvuyVDNBC9MoZAWCbMpyb1TN+5/d9nDJGBcf4XPl
pnXn4gpji9viCBzsgFudyuZIosysqAfl2eL7vcAiDxX5w0RiJSby+zDm9uG4VKsw
IZhjbS2M9bejQSHbpbzDREaSx9lllY4OKiNFcJGbV7H26AzrM5wbFp9QKf3AjfSW
EPh9pndJlIVNgA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:30 2026 by rpki-client