Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft
File: q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft (raw, json)
Hash identifier: nRzYw6jx3Av4b+w5yPSD4k7HVcT4NTR5CBivDuvOrhg=
Subject key identifier: D8:AC:77:56:A4:B4:38:57:C7:E4:E4:EB:2B:6D:11:50:D5:37:31:3D
Authority key identifier: AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9
Certificate issuer: /CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9
Certificate serial: 019DCD86B82F700BC50E9C88D2B20E60E2D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft
Manifest number: 10D0
Signing time: Mon 27 Apr 2026 06:00:51 +0000
Manifest this update: Mon 27 Apr 2026 06:00:51 +0000
Manifest next update: Tue 28 Apr 2026 06:00:51 +0000
Files and hashes: 1: eutBwstQCFRzhm35XTnNphMWByQ.roa (hash: RdOW4ekiWsJoF7BZmUsggiXem+HWt5D8Hbfh8/B+px8=)
2: q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl (hash: u49a/PICTNBtHRfFW6DaUqJzI7uEMCawCN7Zv68IR9g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 06:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:86:b8:2f:70:0b:c5:0e:9c:88:d2:b2:0e:60:e2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab684e50e33f3a0015c8f899c88bcb137bcfb5f9
Validity
Not Before: Apr 27 06:00:51 2026 GMT
Not After : Apr 28 06:00:51 2026 GMT
Subject: CN=d8ac7756a4b43857c7e4e4eb2b6d1150d537313d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:94:92:e0:42:e4:e4:43:a9:98:6f:74:7d:
45:6d:3b:4b:cf:7d:5f:27:ac:a6:3b:f0:3e:8a:27:
6d:b0:dd:17:4c:ce:51:6f:56:33:ac:f2:e0:5f:2d:
a7:57:cc:17:2e:24:11:14:a9:05:ca:29:f6:a3:08:
4a:b5:48:31:8c:9c:a7:bf:4c:b6:a5:af:ce:cb:27:
36:b5:9e:73:34:33:02:bd:92:ad:b9:86:6d:d2:5c:
45:98:9e:ab:d8:53:7e:9c:2f:d6:5f:5d:b8:d0:42:
4c:0f:34:d3:ba:f5:13:df:1c:c3:f9:96:2a:29:24:
ee:63:77:da:aa:43:d9:dd:b4:d0:2c:53:da:6f:88:
94:49:a8:8d:73:76:36:d6:3d:60:e1:f0:bc:af:f5:
86:1f:b8:f2:b7:33:40:d2:e1:c1:d9:25:a2:d6:d1:
5a:f1:6d:c5:de:bb:67:10:a1:f3:4f:d4:8b:e1:63:
16:17:ea:ee:38:7e:a2:c2:4e:15:21:8c:ab:ca:0d:
cd:7c:f9:36:c0:eb:53:3c:c4:dd:f9:36:ba:c8:73:
f3:49:79:9d:2d:db:b5:15:af:e0:99:3b:76:1c:04:
85:9d:f9:20:3a:2f:56:d9:14:62:5d:14:b0:0a:0b:
58:0a:a6:24:0d:bb:ee:1c:e6:2c:67:82:00:fe:e3:
2c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AC:77:56:A4:B4:38:57:C7:E4:E4:EB:2B:6D:11:50:D5:37:31:3D
X509v3 Authority Key Identifier:
keyid:AB:68:4E:50:E3:3F:3A:00:15:C8:F8:99:C8:8B:CB:13:7B:CF:B5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q2hOUOM_OgAVyPiZyIvLE3vPtfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/9472a6-d022-43ce-b362-80e5d53edb41/1/q2hOUOM_OgAVyPiZyIvLE3vPtfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:c7:73:7e:76:73:b0:bf:75:03:7b:9f:51:89:44:62:d2:db:
7a:4d:af:f7:31:60:fc:7b:f9:29:d4:7e:b0:b3:d1:98:d8:6c:
c5:21:5b:4a:b9:b4:a4:96:25:04:51:0e:cf:40:a7:fd:1b:65:
53:ff:a2:98:07:e1:1a:15:88:d6:be:09:f4:55:0c:fa:e2:39:
2d:f1:dd:a9:00:26:3b:71:de:d8:3c:8d:61:b0:0d:f9:25:62:
0f:63:6c:ee:bd:d4:47:88:27:86:6b:c6:b7:84:c3:b3:9e:61:
93:a3:6d:e7:1d:46:e4:11:fd:e5:eb:17:eb:66:19:ca:1f:1e:
df:d3:ab:f9:ae:b8:39:81:23:83:2a:ff:00:0a:46:55:5a:ec:
06:bb:38:d6:92:69:04:b1:fc:6a:26:01:9d:bd:ec:17:2f:74:
47:0a:8e:40:bf:8e:68:b1:14:26:d1:c7:f7:3a:04:a0:7b:c7:
5c:d1:30:d5:eb:56:3e:1f:0f:1d:77:e6:82:89:04:5e:81:28:
4d:be:ec:b7:f2:9f:38:91:28:1d:79:d5:e2:4d:20:42:25:0b:
6e:1c:86:68:f3:c9:69:24:e4:c8:fe:0f:0e:06:56:12:a0:33:
62:cc:a3:49:aa:87:ff:cb:78:ac:ab:db:da:4f:c4:30:c9:b7:
84:24:e7:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3NhrgvcAvFDpyI0rIOYOLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNjg0ZTUwZTMzZjNhMDAxNWM4Zjg5OWM4OGJjYjEzN2Jj
ZmI1ZjkwHhcNMjYwNDI3MDYwMDUxWhcNMjYwNDI4MDYwMDUxWjAzMTEwLwYDVQQD
EyhkOGFjNzc1NmE0YjQzODU3YzdlNGU0ZWIyYjZkMTE1MGQ1MzczMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpWUkuBC5ORDqZhvdH1FbTtLz31f
J6ymO/A+iidtsN0XTM5Rb1YzrPLgXy2nV8wXLiQRFKkFyin2owhKtUgxjJynv0y2
pa/Oyyc2tZ5zNDMCvZKtuYZt0lxFmJ6r2FN+nC/WX1240EJMDzTTuvUT3xzD+ZYq
KSTuY3faqkPZ3bTQLFPab4iUSaiNc3Y21j1g4fC8r/WGH7jytzNA0uHB2SWi1tFa
8W3F3rtnEKHzT9SL4WMWF+ruOH6iwk4VIYyryg3NfPk2wOtTPMTd+Ta6yHPzSXmd
Ldu1Fa/gmTt2HASFnfkgOi9W2RRiXRSwCgtYCqYkDbvuHOYsZ4IA/uMs6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNisd1aktDhXx+Tk6yttEVDVNzE9MB8GA1UdIwQY
MBaAFKtoTlDjPzoAFcj4mciLyxN7z7X5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjIt
ODBlNWQ1M2VkYjQxLzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC85NDcyYTYtZDAyMi00M2NlLWIzNjItODBlNWQ1M2VkYjQx
LzEvcTJoT1VPTV9PZ0FWeVBpWnlJdkxFM3ZQdGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnsdzfnZz
sL91A3ufUYlEYtLbek2v9zFg/Hv5KdR+sLPRmNhsxSFbSrm0pJYlBFEOz0Cn/Rtl
U/+imAfhGhWI1r4J9FUM+uI5LfHdqQAmO3He2DyNYbAN+SViD2Ns7r3UR4gnhmvG
t4TDs55hk6Nt5x1G5BH95esX62YZyh8e39Or+a64OYEjgyr/AApGVVrsBrs41pJp
BLH8aiYBnb3sFy90RwqOQL+OaLEUJtHH9zoEoHvHXNEw1etWPh8PHXfmgokEXoEo
Tb7st/KfOJEoHXnV4k0gQiULbhyGaPPJaSTkyP4PDgZWEqAzYsyjSaqH/8t4rKvb
2k/EMMm3hCTntA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 14:53:05 2026 by rpki-client