Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File: Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier: 3CZMcIvQ2cgRP3E8nWM9SUhTLphq5Bl3X1LpsPR323k=
Subject key identifier: E5:6A:66:7F:6D:0B:81:B1:AE:22:9D:F1:DA:35:15:F1:E4:0E:4A:50
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 019D3789455013AFE94AF6B02E25DE213737
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number: 08E6
Signing time: Sun 29 Mar 2026 03:00:36 +0000
Manifest this update: Sun 29 Mar 2026 03:00:36 +0000
Manifest next update: Mon 30 Mar 2026 03:00:36 +0000
Files and hashes: 1: GDoBWX1Zlup6n9R7-4KowHMAH2c.roa (hash: zITFjtSHZtBX6uRd3C9BycIhrxB4/nE70BUhqc7LIiw=)
2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: qlwnXbzhVKYi8xIF+wRLdWRPZWtJJB4gbQvxUj93k9Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:45:50:13:af:e9:4a:f6:b0:2e:25:de:21:37:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Mar 29 03:00:36 2026 GMT
Not After : Mar 30 03:00:36 2026 GMT
Subject: CN=e56a667f6d0b81b1ae229df1da3515f1e40e4a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:02:09:78:21:bf:3c:37:da:f0:87:4b:33:7f:
02:30:27:0c:e2:e0:2b:1c:61:2e:8b:d7:7c:3d:cf:
ec:9e:d8:55:ff:9b:a7:94:8f:68:c2:5f:42:c3:fe:
30:f2:5b:6a:b7:cf:3d:7c:40:1d:df:b4:4d:d3:26:
31:31:22:18:cc:f3:9d:74:7e:ea:fe:03:2b:82:a2:
2e:f4:02:5b:dc:cc:78:91:8c:a7:9a:34:db:ab:4d:
fc:9f:f8:01:f6:ba:b3:2a:d7:2d:b6:f3:d5:0f:f7:
8c:a3:c5:7f:69:a2:bb:84:97:6c:a0:a1:f2:60:5c:
bb:ce:55:f9:b7:6f:0f:5e:fe:35:4a:6d:f1:bb:fb:
80:b3:d9:a8:b0:2b:07:ee:ee:78:79:b0:1c:78:30:
13:48:56:91:81:2c:af:f9:ed:9f:9d:2c:69:84:09:
9c:d9:69:16:27:df:bd:e9:02:1f:dd:ee:fb:b3:ca:
6a:2c:61:1f:1e:56:ac:37:18:bc:57:2e:1f:67:c8:
71:a2:33:7c:55:32:62:12:2f:1d:d3:53:ea:b0:03:
fd:cf:c9:fd:ab:47:a4:5b:0f:18:08:f7:35:58:2d:
eb:2f:a6:a9:83:51:51:c6:23:7b:52:64:9f:13:aa:
44:ee:df:fd:d1:a6:20:b6:f4:18:3e:40:8d:a6:37:
5e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6A:66:7F:6D:0B:81:B1:AE:22:9D:F1:DA:35:15:F1:E4:0E:4A:50
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:4a:4c:7d:4e:05:1c:7c:95:e4:2e:08:65:8b:67:cf:c4:5a:
31:b1:c2:d1:bf:15:a4:19:92:36:c9:db:f4:9d:01:48:10:c8:
83:25:03:76:c4:8b:48:48:ac:81:31:7b:e2:6c:ee:93:7a:1a:
39:3e:a7:e8:b4:f6:a7:11:e9:5d:b0:9c:60:b1:97:80:be:0e:
7e:d4:a3:de:87:ff:fb:5a:3e:de:cc:e6:8e:47:f4:c8:28:77:
37:fa:92:1e:a1:90:b7:78:ad:42:76:f1:69:d9:31:2c:e0:c0:
45:af:d2:c5:e6:b2:4a:ae:e6:f2:bf:5e:db:33:a0:b4:9d:e8:
ad:f5:99:1b:15:32:2d:0f:d5:1e:c1:ae:9a:5d:1b:56:06:5e:
04:1f:50:0c:54:4b:b6:c1:29:dd:02:c7:a4:bb:8c:19:f9:63:
20:ea:52:69:db:7b:c6:8c:2c:e1:c2:56:9a:e4:72:ca:6a:4a:
be:39:c0:60:a5:d5:cb:95:3e:36:27:7a:ba:7d:d4:f0:e8:fa:
3d:11:c4:68:b5:ed:38:38:60:f8:d0:d7:d6:2c:70:2f:e3:63:
ad:69:62:21:3d:1c:3d:a6:bf:1d:60:19:22:a6:b0:87:cb:da:
a9:23:7d:5f:20:c5:f1:f7:f2:90:c5:25:82:6b:c9:01:f1:1f:
68:87:73:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iUVQE6/pSvawLiXeITc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjYwMzI5MDMwMDM2WhcNMjYwMzMwMDMwMDM2WjAzMTEwLwYDVQQD
EyhlNTZhNjY3ZjZkMGI4MWIxYWUyMjlkZjFkYTM1MTVmMWU0MGU0YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gIJeCG/PDfa8IdLM38CMCcM4uAr
HGEui9d8Pc/snthV/5unlI9owl9Cw/4w8ltqt889fEAd37RN0yYxMSIYzPOddH7q
/gMrgqIu9AJb3Mx4kYynmjTbq038n/gB9rqzKtcttvPVD/eMo8V/aaK7hJdsoKHy
YFy7zlX5t28PXv41Sm3xu/uAs9mosCsH7u54ebAceDATSFaRgSyv+e2fnSxphAmc
2WkWJ9+96QIf3e77s8pqLGEfHlasNxi8Vy4fZ8hxojN8VTJiEi8d01PqsAP9z8n9
q0ekWw8YCPc1WC3rL6apg1FRxiN7UmSfE6pE7t/90aYgtvQYPkCNpjdeRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVqZn9tC4GxriKd8do1FfHkDkpQMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaUpMfU4F
HHyV5C4IZYtnz8RaMbHC0b8VpBmSNsnb9J0BSBDIgyUDdsSLSEisgTF74mzuk3oa
OT6n6LT2pxHpXbCcYLGXgL4OftSj3of/+1o+3szmjkf0yCh3N/qSHqGQt3itQnbx
adkxLODARa/SxeaySq7m8r9e2zOgtJ3orfWZGxUyLQ/VHsGuml0bVgZeBB9QDFRL
tsEp3QLHpLuMGfljIOpSadt7xows4cJWmuRyympKvjnAYKXVy5U+Nid6un3U8Oj6
PRHEaLXtODhg+NDX1ixwL+NjrWliIT0cPaa/HWAZIqawh8vaqSN9XyDF8ffykMUl
gmvJAfEfaIdzzQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:47 2026 by rpki-client