Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
File: Q8FllZZq-wus8deTfyRdagUiIaM.mft (raw, json)
Hash identifier: y5qnM+eRo6c3rCWGpc1wnpHbBDIDbJZSpAtoMMd8rdQ=
Subject key identifier: 3F:AD:88:57:AA:FD:D6:DF:F7:4C:79:1A:FD:3D:FD:30:7F:6F:0B:2A
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 019DCF07F1ED7BF089173ACDAA663FBCFD68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
Manifest number: 18E0
Signing time: Mon 27 Apr 2026 13:01:37 +0000
Manifest this update: Mon 27 Apr 2026 13:01:37 +0000
Manifest next update: Tue 28 Apr 2026 13:01:37 +0000
Files and hashes: 1: 4txRYI484TEAkKZQuGXE7v7kNFE.roa (hash: 0LHuR+m3x801pvrNDlfkYNVRhvh7QTNXeF2avzGdu+o=)
2: 7j99n4d6ANqzBKZIb7AtbN16HNM.roa (hash: rlAo1p9sV9yO7tsi280DXkwJRnsLW38pb6gpoEvvu7w=)
3: Oo3ap3FWMfZFuKT_5X4cPgbvWBY.roa (hash: SClF6a/p5GxrqHhEbYnu5sljGKEXM6UG1fAy0VW6itY=)
4: Q8FllZZq-wus8deTfyRdagUiIaM.crl (hash: VLV1oa0NKBkl01f1016j9VAqwUdPQrSm8tPaKy3wQ70=)
5: ZoLYEk24uuNv33EjJ4m1okSNS6w.roa (hash: aOyue5Aqc/KW4Mnoyy7ahJjLtcQmVKEsi36/Y3I9yHA=)
6: aj9euBKzI3NIH66jZPh8bbmGI6A.roa (hash: 8jTNJ61hr37vcKXTL8TlYqDMnFRq1ith6TwEVeBelwE=)
7: nH1OKpXJbAvAHxN6XWdXMd6gZuY.roa (hash: j3S1I730IB3QQneXnDNotR19hJRoRUA2SbUVmp/YndQ=)
8: ottEKlKze703Xucot2ljZZmoong.roa (hash: 1DtEnDgUDcQi4vqWCrTRW5+Lsqb1kTbcbswrOF8wGaI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 13:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:07:f1:ed:7b:f0:89:17:3a:cd:aa:66:3f:bc:fd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Apr 27 13:01:37 2026 GMT
Not After : Apr 28 13:01:37 2026 GMT
Subject: CN=3fad8857aafdd6dff74c791afd3dfd307f6f0b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:de:f5:4b:4a:d3:bf:65:ca:ef:1d:56:d6:
ad:a0:07:07:71:f0:ea:5c:b4:1a:ea:50:f1:bd:05:
f2:f3:0a:c5:5a:6c:52:6f:56:5d:7f:69:f4:12:39:
bb:aa:13:8d:cb:85:c1:50:0e:b4:02:02:53:01:e9:
23:d2:01:c1:33:02:78:d1:01:b4:92:c3:06:21:2f:
eb:3f:e8:ea:ba:c8:68:bf:0b:fa:bc:62:40:60:dd:
e1:00:d2:5d:07:c9:0f:37:34:34:02:f0:91:63:d8:
b3:e2:4e:98:61:23:50:5c:59:b2:89:26:5d:4c:81:
cd:74:43:aa:a0:5d:2c:f0:fb:5e:45:7e:e7:59:e6:
1e:10:f1:44:92:b7:4a:19:17:2f:40:16:f4:fd:19:
02:5c:90:e7:98:a9:da:0e:91:04:45:4a:a3:bd:42:
2e:49:06:2f:f3:59:37:dc:ff:0c:75:58:90:b4:4d:
cc:1f:1e:70:df:e7:98:5c:98:7b:fc:a8:6f:62:a8:
9d:2a:8c:0a:df:e4:78:e0:b1:f4:75:72:98:0e:07:
22:c3:9f:37:15:87:8c:ca:a1:9d:95:d2:97:8a:dd:
92:19:41:96:a6:df:35:b6:82:52:06:53:4f:91:0b:
9d:55:ff:a3:90:c9:90:f3:22:ec:36:ca:eb:8e:a3:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AD:88:57:AA:FD:D6:DF:F7:4C:79:1A:FD:3D:FD:30:7F:6F:0B:2A
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:cd:86:6d:aa:2a:4c:93:80:25:04:1a:b5:e7:92:16:14:5c:
71:27:46:53:4d:49:eb:8e:58:e0:6f:8e:a0:92:14:b2:7a:97:
a1:9f:b7:2f:cb:9d:da:5a:b0:e1:22:91:b7:45:e4:43:87:ec:
81:7d:81:93:df:62:63:47:84:77:4e:a5:6d:5e:fa:9f:8d:c8:
f2:0a:9d:17:6f:92:2c:21:97:f0:11:ce:d6:f5:b8:85:6c:64:
6b:e8:48:7c:29:ac:c5:b8:43:a3:fd:04:48:25:ee:bf:f3:bc:
9f:72:85:b6:db:77:81:74:f1:ce:79:35:8d:d1:ef:01:e0:b5:
2c:86:48:82:69:a3:68:3a:d3:19:cb:9a:16:4b:b3:58:fa:d3:
2e:2d:21:66:1c:52:99:b6:89:28:79:d0:94:51:32:a0:7d:2d:
d1:3a:b3:66:22:9b:c6:29:33:e6:75:59:ae:04:fd:7b:3a:b9:
9b:0e:c8:81:9b:de:08:cb:00:ad:78:b1:96:57:f4:e9:de:78:
77:e4:b2:94:a6:90:e2:d0:2e:45:5b:72:dc:61:d2:47:ee:a1:
c9:8c:28:3d:9e:02:5b:58:4c:66:61:cb:1d:49:3e:66:f2:26:
4e:35:ab:0d:9f:cd:ed:bd:39:75:5c:22:84:62:04:2f:ab:ff:
1b:26:5d:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PB/Hte/CJFzrNqmY/vP1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjYwNDI3MTMwMTM3WhcNMjYwNDI4MTMwMTM3WjAzMTEwLwYDVQQD
EygzZmFkODg1N2FhZmRkNmRmZjc0Yzc5MWFmZDNkZmQzMDdmNmYwYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsje9UtK079lyu8dVtatoAcHcfDq
XLQa6lDxvQXy8wrFWmxSb1Zdf2n0Ejm7qhONy4XBUA60AgJTAekj0gHBMwJ40QG0
ksMGIS/rP+jqushovwv6vGJAYN3hANJdB8kPNzQ0AvCRY9iz4k6YYSNQXFmyiSZd
TIHNdEOqoF0s8PteRX7nWeYeEPFEkrdKGRcvQBb0/RkCXJDnmKnaDpEERUqjvUIu
SQYv81k33P8MdViQtE3MHx5w3+eYXJh7/KhvYqidKowK3+R44LH0dXKYDgciw583
FYeMyqGdldKXit2SGUGWpt81toJSBlNPkQudVf+jkMmQ8yLsNsrrjqMTmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+tiFeq/dbf90x5Gv09/TB/bwsqMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvc2Gbaoq
TJOAJQQateeSFhRccSdGU01J645Y4G+OoJIUsnqXoZ+3L8ud2lqw4SKRt0XkQ4fs
gX2Bk99iY0eEd06lbV76n43I8gqdF2+SLCGX8BHO1vW4hWxka+hIfCmsxbhDo/0E
SCXuv/O8n3KFttt3gXTxznk1jdHvAeC1LIZIgmmjaDrTGcuaFkuzWPrTLi0hZhxS
mbaJKHnQlFEyoH0t0TqzZiKbxikz5nVZrgT9ezq5mw7IgZveCMsArXixllf06d54
d+SylKaQ4tAuRVty3GHSR+6hyYwoPZ4CW1hMZmHLHUk+ZvImTjWrDZ/N7b05dVwi
hGIEL6v/GyZd6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:06:21 2026 by rpki-client