Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.mft
File: Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.mft (raw, json)
Hash identifier: fRo8K03V+8QRKqleGk2dz1op5I/1Y85B3UJSp4nWsl8=
Subject key identifier: E9:AF:EA:B8:92:20:1C:FD:5A:81:05:3B:89:53:32:89:CC:7A:58:EE
Authority key identifier: 43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
Certificate issuer: /CN=43d518d7307788fca3891878490e4f32d9aaf6af
Certificate serial: 019D37F6E3CEEF2E85BAF6284E873A37EE24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.mft
Manifest number: 12D9
Signing time: Sun 29 Mar 2026 05:00:20 +0000
Manifest this update: Sun 29 Mar 2026 05:00:20 +0000
Manifest next update: Mon 30 Mar 2026 05:00:20 +0000
Files and hashes: 1: HiATVU2zNI436oDNBvlSrS-IiIo.roa (hash: 65F3Wcciw7HngFzZ4YANeigLFAEt7ipdC99vCIfMg/k=)
2: Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl (hash: BlDxFX12+rR/l0YVQlRfP5mTe8+31ahMb/NwYYx3FYA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f6:e3:ce:ef:2e:85:ba:f6:28:4e:87:3a:37:ee:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d518d7307788fca3891878490e4f32d9aaf6af
Validity
Not Before: Mar 29 05:00:20 2026 GMT
Not After : Mar 30 05:00:20 2026 GMT
Subject: CN=e9afeab892201cfd5a81053b89533289cc7a58ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d7:ce:94:e8:b7:80:00:61:35:e4:62:6c:21:
fd:ef:aa:f5:2b:e9:f9:17:6c:2a:80:e2:88:ca:b1:
1b:85:f4:d3:3f:f6:19:e9:9a:d1:16:cb:af:10:6d:
1a:84:bf:68:6c:09:d0:c1:be:0d:04:f7:c4:4b:74:
3f:0d:fc:57:db:a0:e0:47:93:d3:02:1a:27:16:d9:
d6:18:29:82:29:aa:f7:1b:ca:bc:3f:ec:78:e8:30:
bd:8f:bd:0a:80:01:cd:df:5a:b7:11:94:97:ff:52:
11:97:e7:94:f6:4e:3a:b1:ff:ef:60:52:0a:60:3f:
23:c9:6e:8c:af:f4:3c:b5:13:87:e2:64:f8:27:48:
45:d6:c6:f9:f0:24:72:f9:11:91:a1:ca:8c:b3:3a:
31:ba:7f:45:39:2a:64:91:e7:77:37:4c:ef:a5:9e:
a0:b5:15:d1:f2:01:c3:2f:33:d1:71:f7:4d:88:9d:
91:5a:82:6d:56:fb:1d:7f:a4:38:ec:24:c1:ea:7d:
59:91:e8:01:74:93:76:fa:a5:92:7c:31:8f:fc:c3:
d0:0c:aa:0f:d5:c1:77:08:a1:47:6f:b1:ae:35:f0:
41:72:a6:dd:df:f4:06:b5:4b:d1:31:a3:75:15:23:
5b:d5:ab:2d:c9:66:72:44:2b:db:83:39:e6:e2:2f:
1d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AF:EA:B8:92:20:1C:FD:5A:81:05:3B:89:53:32:89:CC:7A:58:EE
X509v3 Authority Key Identifier:
keyid:43:D5:18:D7:30:77:88:FC:A3:89:18:78:49:0E:4F:32:D9:AA:F6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ab7caa-8bc5-4bce-a130-eddf320d50e2/1/Q9UY1zB3iPyjiRh4SQ5PMtmq9q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:3a:c8:bc:89:2a:3a:ac:ee:10:68:86:29:d2:e7:5b:4e:e3:
db:cd:b7:a7:5e:89:34:b9:b3:85:28:5f:4c:6c:c8:e1:b9:f3:
ea:75:4e:d2:c9:b5:29:a1:01:07:1a:97:3f:ab:2e:44:5f:f1:
7a:d5:cc:3a:01:27:2a:0f:ae:de:54:6f:9e:6a:76:5e:f6:b1:
15:4f:1d:ba:51:81:a3:30:9f:37:a9:0f:85:20:d8:a9:21:7f:
4b:1e:d3:ea:b8:a6:88:8e:de:48:54:91:27:52:fb:98:b6:43:
e1:bd:d8:e5:0e:d4:bb:f1:74:f7:9b:50:13:b7:f8:53:4b:0b:
c5:26:22:5c:c0:2c:13:d7:78:de:21:92:e2:38:66:3f:18:56:
35:94:04:d8:e3:92:7b:17:74:d3:ac:5e:a3:52:08:f8:6c:15:
29:95:3e:a0:11:e4:d6:3b:03:35:e0:55:85:a1:ea:ae:7e:c7:
35:97:36:b7:e7:5b:ed:68:d0:ed:3a:fe:7e:6f:11:9e:ad:66:
9c:45:36:49:cd:74:3a:c2:cf:bb:7a:55:0e:b4:74:c0:72:9c:
4c:2f:12:b4:89:d2:b6:cb:8a:a9:87:e3:ac:4b:72:6b:58:46:
70:76:05:8a:54:84:06:ce:16:a8:74:8c:47:ba:1b:3c:b6:90:
d1:ee:5b:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039uPO7y6FuvYoToc6N+4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDUxOGQ3MzA3Nzg4ZmNhMzg5MTg3ODQ5MGU0ZjMyZDlh
YWY2YWYwHhcNMjYwMzI5MDUwMDIwWhcNMjYwMzMwMDUwMDIwWjAzMTEwLwYDVQQD
EyhlOWFmZWFiODkyMjAxY2ZkNWE4MTA1M2I4OTUzMzI4OWNjN2E1OGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNfOlOi3gABhNeRibCH976r1K+n5
F2wqgOKIyrEbhfTTP/YZ6ZrRFsuvEG0ahL9obAnQwb4NBPfES3Q/DfxX26DgR5PT
AhonFtnWGCmCKar3G8q8P+x46DC9j70KgAHN31q3EZSX/1IRl+eU9k46sf/vYFIK
YD8jyW6Mr/Q8tROH4mT4J0hF1sb58CRy+RGRocqMszoxun9FOSpkked3N0zvpZ6g
tRXR8gHDLzPRcfdNiJ2RWoJtVvsdf6Q47CTB6n1ZkegBdJN2+qWSfDGP/MPQDKoP
1cF3CKFHb7GuNfBBcqbd3/QGtUvRMaN1FSNb1astyWZyRCvbgznm4i8dXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmv6riSIBz9WoEFO4lTMonMeljuMB8GA1UdIwQY
MBaAFEPVGNcwd4j8o4kYeEkOTzLZqvavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9hYjdjYWEtOGJjNS00YmNlLWExMzAt
ZWRkZjMyMGQ1MGUyLzEvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9hYjdjYWEtOGJjNS00YmNlLWExMzAtZWRkZjMyMGQ1MGUy
LzEvUTlVWTF6QjNpUHlqaVJoNFNRNVBNdG1xOXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJzrIvIkq
OqzuEGiGKdLnW07j2823p16JNLmzhShfTGzI4bnz6nVO0sm1KaEBBxqXP6suRF/x
etXMOgEnKg+u3lRvnmp2XvaxFU8dulGBozCfN6kPhSDYqSF/Sx7T6rimiI7eSFSR
J1L7mLZD4b3Y5Q7Uu/F095tQE7f4U0sLxSYiXMAsE9d43iGS4jhmPxhWNZQE2OOS
exd006xeo1II+GwVKZU+oBHk1jsDNeBVhaHqrn7HNZc2t+db7WjQ7Tr+fm8Rnq1m
nEU2Sc10OsLPu3pVDrR0wHKcTC8StInStsuKqYfjrEtya1hGcHYFilSEBs4WqHSM
R7obPLaQ0e5bdA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:24:18 2026 by rpki-client