Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File: SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier: m5uXfbJubYyowpFeDMKw8oOfeoJlRG4F5XIXDJJ6AHE=
Subject key identifier: 70:46:B3:8D:DB:F7:03:4A:CD:C2:BB:62:C5:7A:23:1D:FB:7C:B7:B8
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer: /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial: 019D3865E3E0840C7D66663E4929F9581D44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number: 1476
Signing time: Sun 29 Mar 2026 07:01:34 +0000
Manifest this update: Sun 29 Mar 2026 07:01:34 +0000
Manifest next update: Mon 30 Mar 2026 07:01:34 +0000
Files and hashes: 1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: gViVHsuQkTgmKHmWE4Lyx8A3bkOKB+NAMi7AZG42iws=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:e3:e0:84:0c:7d:66:66:3e:49:29:f9:58:1d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Validity
Not Before: Mar 29 07:01:34 2026 GMT
Not After : Mar 30 07:01:34 2026 GMT
Subject: CN=7046b38ddbf7034acdc2bb62c57a231dfb7cb7b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b0:f3:d9:57:e6:6e:63:89:55:3d:f2:54:95:
dc:e4:c7:d2:bc:71:9f:45:d9:ee:a0:ec:bc:b7:56:
cc:50:c4:f4:53:b4:09:20:c3:e1:e8:45:8d:17:94:
14:10:e0:0e:a8:e5:96:29:04:97:c2:17:f7:b9:a9:
36:61:9e:ec:6a:95:57:8f:26:fe:08:a0:73:8d:d7:
c4:7e:b4:5c:2e:41:0e:96:52:a2:91:0f:da:a2:76:
b2:ea:d8:29:b4:ac:8e:f6:24:99:50:54:d3:e9:be:
9a:10:92:47:ce:2c:7e:1d:06:e5:d5:07:7d:51:9b:
29:b3:9c:e4:de:65:15:4a:fc:e7:8f:63:d6:bb:4a:
8d:92:50:1a:7b:f4:93:2f:81:ef:9b:a1:0a:46:d0:
df:f4:aa:52:a5:c2:dc:65:3f:82:41:cd:68:16:b6:
dd:9d:43:a7:16:29:96:28:a0:47:13:7c:7f:8b:43:
8e:2c:49:fe:4b:49:5b:a8:1d:e2:be:8a:ec:42:4f:
4b:e8:4b:74:e1:24:00:7f:3b:d3:99:0e:4d:95:88:
b8:35:98:04:6e:44:82:31:70:83:c1:35:ec:59:c7:
62:92:0a:14:5b:82:85:a2:98:84:9f:36:8f:5b:d8:
42:02:5c:24:51:90:11:1a:58:ed:f4:8e:99:c4:21:
e2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:46:B3:8D:DB:F7:03:4A:CD:C2:BB:62:C5:7A:23:1D:FB:7C:B7:B8
X509v3 Authority Key Identifier:
keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:df:41:a4:72:56:b4:e2:e2:c6:e7:f3:19:ed:22:b0:92:64:
22:6c:21:46:99:69:f5:1f:f3:0d:57:d7:41:2e:19:43:f5:5f:
0e:96:e0:07:8a:41:fc:52:5c:10:a5:9c:e0:13:50:84:be:d7:
d9:d8:00:7b:fa:3f:d4:36:23:de:2a:ce:83:7f:a0:4a:60:29:
77:2b:56:48:55:e3:39:ed:26:7d:60:b0:53:1e:20:a4:ed:dd:
e2:03:1f:ed:7c:41:6a:59:48:69:9d:33:4c:da:4d:07:dc:36:
13:f2:36:fc:41:7b:f3:f4:91:9b:e4:cc:ed:b5:a0:16:7c:3a:
9f:28:80:90:ab:88:c0:f4:e5:b5:d6:b8:15:cf:74:a0:25:9a:
22:97:cf:89:4a:15:4a:c7:3c:9e:ee:ac:b2:1c:d5:d5:73:0b:
5d:81:9c:7d:fe:81:87:77:12:23:bc:c6:02:0a:14:17:4d:01:
50:7e:20:91:0f:55:02:80:a8:20:25:1a:01:bb:d7:78:e4:8d:
37:8e:b0:e0:87:39:b2:41:40:15:38:d1:8f:4d:f7:58:ad:eb:
de:60:8d:ab:df:d4:4b:68:05:2c:2d:15:b9:fe:ee:82:a6:a3:
bf:36:5b:b6:ba:56:cd:0c:6f:f3:ed:47:0d:8e:42:40:fd:ed:
86:4a:f6:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZePghAx9ZmY+SSn5WB1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjYwMzI5MDcwMTM0WhcNMjYwMzMwMDcwMTM0WjAzMTEwLwYDVQQD
Eyg3MDQ2YjM4ZGRiZjcwMzRhY2RjMmJiNjJjNTdhMjMxZGZiN2NiN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7Dz2VfmbmOJVT3yVJXc5MfSvHGf
RdnuoOy8t1bMUMT0U7QJIMPh6EWNF5QUEOAOqOWWKQSXwhf3uak2YZ7sapVXjyb+
CKBzjdfEfrRcLkEOllKikQ/aonay6tgptKyO9iSZUFTT6b6aEJJHzix+HQbl1Qd9
UZsps5zk3mUVSvznj2PWu0qNklAae/STL4Hvm6EKRtDf9KpSpcLcZT+CQc1oFrbd
nUOnFimWKKBHE3x/i0OOLEn+S0lbqB3ivorsQk9L6Et04SQAfzvTmQ5NlYi4NZgE
bkSCMXCDwTXsWcdikgoUW4KFopiEnzaPW9hCAlwkUZARGljt9I6ZxCHikQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBGs43b9wNKzcK7YsV6Ix37fLe4MB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASd9BpHJW
tOLixufzGe0isJJkImwhRplp9R/zDVfXQS4ZQ/VfDpbgB4pB/FJcEKWc4BNQhL7X
2dgAe/o/1DYj3irOg3+gSmApdytWSFXjOe0mfWCwUx4gpO3d4gMf7XxBallIaZ0z
TNpNB9w2E/I2/EF78/SRm+TM7bWgFnw6nyiAkKuIwPTltda4Fc90oCWaIpfPiUoV
Ssc8nu6sshzV1XMLXYGcff6Bh3cSI7zGAgoUF00BUH4gkQ9VAoCoICUaAbvXeOSN
N46w4Ic5skFAFTjRj033WK3r3mCNq9/US2gFLC0Vuf7ugqajvzZbtrpWzQxv8+1H
DY5CQP3thkr2YQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:00:46 2026 by rpki-client