Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
File: Q2TnsO7yBINcffKon2DAK-HYmt0.mft (raw, json)
Hash identifier: sGaGBjoPrcxcVmzcyR0EacJxeRiRa65nQ4+ckvcjVP0=
Subject key identifier: B0:9D:12:0F:F6:D1:8F:EA:DE:5C:0E:13:A2:93:CC:2C:BD:2C:0C:94
Authority key identifier: 43:64:E7:B0:EE:F2:04:83:5C:7D:F2:A8:9F:60:C0:2B:E1:D8:9A:DD
Certificate issuer: /CN=4364e7b0eef204835c7df2a89f60c02be1d89add
Certificate serial: 019D36E445808A20DC2D71447FDED2774819
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2TnsO7yBINcffKon2DAK-HYmt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
Manifest number: 02CD
Signing time: Sun 29 Mar 2026 00:00:22 +0000
Manifest this update: Sun 29 Mar 2026 00:00:22 +0000
Manifest next update: Mon 30 Mar 2026 00:00:22 +0000
Files and hashes: 1: FQ4np3Uu_U8HBc_wlmyGfaHB8_k.roa (hash: ZMkh1EkPj0lBhpV7GegP5F1AQLzZZxZ3YJL9c+bLr0k=)
2: Q2TnsO7yBINcffKon2DAK-HYmt0.crl (hash: EO8yBqs0p/q5jHIKKTnGvtR4bb7QJ8CUPgAa18t3Ojo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q2TnsO7yBINcffKon2DAK-HYmt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 00:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:36:e4:45:80:8a:20:dc:2d:71:44:7f:de:d2:77:48:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4364e7b0eef204835c7df2a89f60c02be1d89add
Validity
Not Before: Mar 29 00:00:22 2026 GMT
Not After : Mar 30 00:00:22 2026 GMT
Subject: CN=b09d120ff6d18feade5c0e13a293cc2cbd2c0c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fc:61:82:b9:54:4e:fa:4d:99:9a:9b:6b:d7:
bc:4d:ad:93:8a:e3:ae:70:b5:21:9a:28:68:64:c0:
e5:3d:56:bd:8a:82:19:c1:b3:b4:18:78:5d:cc:91:
c7:f7:70:b8:65:6b:80:64:d2:e3:f5:94:62:7a:4a:
86:b3:15:83:c6:dc:0f:e2:76:01:61:75:8e:8e:36:
49:3b:34:2a:3e:ff:d0:b0:a1:32:03:ea:32:3a:e0:
a2:30:bc:fd:30:7c:1c:62:f4:e9:2a:91:8e:96:e1:
4e:f0:4e:a7:4b:22:d2:eb:b9:aa:de:d8:5b:71:ba:
42:c7:bf:d6:94:37:23:f0:d0:08:75:81:a5:68:dd:
ff:0c:df:2d:7e:64:4d:93:e5:db:44:d1:dc:12:29:
07:b2:30:5b:89:20:53:4e:2a:23:80:5f:af:80:02:
8e:de:05:0e:73:95:6f:ef:83:25:b0:69:18:b5:1d:
aa:f4:4b:15:cb:ca:15:e0:c8:9e:1f:fd:5d:0a:c6:
ad:90:b6:9c:9e:c6:e0:e5:77:2e:e3:c4:3a:04:92:
70:7f:7d:a3:81:f7:9c:30:27:bc:3b:e6:ee:98:5a:
0f:bb:03:95:4a:f2:3e:25:82:f0:a4:27:b4:98:de:
8b:17:cb:73:5b:e3:24:76:2b:61:80:7f:8b:44:82:
f7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9D:12:0F:F6:D1:8F:EA:DE:5C:0E:13:A2:93:CC:2C:BD:2C:0C:94
X509v3 Authority Key Identifier:
keyid:43:64:E7:B0:EE:F2:04:83:5C:7D:F2:A8:9F:60:C0:2B:E1:D8:9A:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2TnsO7yBINcffKon2DAK-HYmt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/a9a51a-e8e3-497a-aba2-e799c23aac20/1/Q2TnsO7yBINcffKon2DAK-HYmt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:b6:14:f6:d1:d3:9b:01:9e:2c:d6:58:80:db:b8:5b:18:00:
a0:f1:17:50:c0:16:3f:15:aa:6f:91:d7:39:12:b3:07:74:3f:
b7:7b:94:ce:e0:d2:62:04:64:90:79:74:f2:75:a8:eb:73:bf:
e8:38:bd:62:a1:1d:f6:fe:5b:fc:51:5a:97:17:6d:6d:0b:fb:
11:78:f0:2f:be:80:ad:52:ae:8e:62:9d:83:41:7c:5f:ab:b8:
27:3b:5a:00:84:31:e6:d8:83:95:ff:4f:5a:79:7d:e7:1a:22:
eb:e2:87:fb:6c:be:3f:26:47:c0:f7:32:0c:b7:53:1e:5e:de:
23:79:24:fd:6d:24:ab:61:b6:eb:06:38:e7:0e:81:66:ac:1b:
a0:f2:18:14:51:dc:bb:27:33:87:37:8f:87:dd:32:aa:c9:49:
fd:e1:f9:c0:92:d7:8f:35:4d:6f:f4:90:fe:61:b3:83:6f:e5:
69:9d:9e:eb:ec:b7:7c:cd:ed:26:f3:51:fd:f4:19:09:b4:df:
dc:5a:ed:1e:47:bf:e3:0c:db:ce:83:34:2d:97:64:7b:21:c8:
f4:ed:b9:6e:10:5a:4c:87:2f:0d:80:1e:90:8e:a3:d7:8b:8f:
17:87:a5:6b:91:ee:b2:34:65:97:c1:e7:92:5a:e8:e9:d9:96:
00:d0:59:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ025EWAiiDcLXFEf97Sd0gZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjRlN2IwZWVmMjA0ODM1YzdkZjJhODlmNjBjMDJiZTFk
ODlhZGQwHhcNMjYwMzI5MDAwMDIyWhcNMjYwMzMwMDAwMDIyWjAzMTEwLwYDVQQD
EyhiMDlkMTIwZmY2ZDE4ZmVhZGU1YzBlMTNhMjkzY2MyY2JkMmMwYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvxhgrlUTvpNmZqba9e8Ta2TiuOu
cLUhmihoZMDlPVa9ioIZwbO0GHhdzJHH93C4ZWuAZNLj9ZRiekqGsxWDxtwP4nYB
YXWOjjZJOzQqPv/QsKEyA+oyOuCiMLz9MHwcYvTpKpGOluFO8E6nSyLS67mq3thb
cbpCx7/WlDcj8NAIdYGlaN3/DN8tfmRNk+XbRNHcEikHsjBbiSBTTiojgF+vgAKO
3gUOc5Vv74MlsGkYtR2q9EsVy8oV4MieH/1dCsatkLacnsbg5Xcu48Q6BJJwf32j
gfecMCe8O+bumFoPuwOVSvI+JYLwpCe0mN6LF8tzW+MkdithgH+LRIL3UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCdEg/20Y/q3lwOE6KTzCy9LAyUMB8GA1UdIwQY
MBaAFENk57Du8gSDXH3yqJ9gwCvh2JrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJUbnNPN3lCSU5jZmZLb24yREFLLUhZbXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hOWE1MWEtZThlMy00OTdhLWFiYTIt
ZTc5OWMyM2FhYzIwLzEvUTJUbnNPN3lCSU5jZmZLb24yREFLLUhZbXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hOWE1MWEtZThlMy00OTdhLWFiYTItZTc5OWMyM2FhYzIw
LzEvUTJUbnNPN3lCSU5jZmZLb24yREFLLUhZbXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjrYU9tHT
mwGeLNZYgNu4WxgAoPEXUMAWPxWqb5HXORKzB3Q/t3uUzuDSYgRkkHl08nWo63O/
6Di9YqEd9v5b/FFalxdtbQv7EXjwL76ArVKujmKdg0F8X6u4JztaAIQx5tiDlf9P
Wnl95xoi6+KH+2y+PyZHwPcyDLdTHl7eI3kk/W0kq2G26wY45w6BZqwboPIYFFHc
uyczhzePh90yqslJ/eH5wJLXjzVNb/SQ/mGzg2/laZ2e6+y3fM3tJvNR/fQZCbTf
3FrtHke/4wzbzoM0LZdkeyHI9O25bhBaTIcvDYAekI6j14uPF4ela5HusjRll8Hn
klro6dmWANBZIQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:15:55 2026 by rpki-client