Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
File: goiQPZDAHi1c4YeIBa1KktKK7ck.mft (raw, json)
Hash identifier: GQeNS5xtZEZRohugh2YbB+9puhZiCdQLQEHW3J03kH8=
Subject key identifier: 49:65:16:F6:BD:D6:93:ED:85:2E:8E:DD:2C:EA:AF:91:0D:75:A1:DD
Authority key identifier: 82:88:90:3D:90:C0:1E:2D:5C:E1:87:88:05:AD:4A:92:D2:8A:ED:C9
Certificate issuer: /CN=8288903d90c01e2d5ce1878805ad4a92d28aedc9
Certificate serial: 019D3A1CF46991E11E8F89BB8603C1EAC111
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
Manifest number: 0FE3
Signing time: Sun 29 Mar 2026 15:01:09 +0000
Manifest this update: Sun 29 Mar 2026 15:01:09 +0000
Manifest next update: Mon 30 Mar 2026 15:01:09 +0000
Files and hashes: 1: FKqb6xzvddOBKsdPHF3mhYAJS0k.roa (hash: 910PvDYWRjp0nPe0uzUMCv2AassoiwccQm9jYSF+i2c=)
2: goiQPZDAHi1c4YeIBa1KktKK7ck.crl (hash: EZLo7kbgN9gobUVWPPfOAITFxJMc87UZH/sVab4mxPs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:1c:f4:69:91:e1:1e:8f:89:bb:86:03:c1:ea:c1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8288903d90c01e2d5ce1878805ad4a92d28aedc9
Validity
Not Before: Mar 29 15:01:09 2026 GMT
Not After : Mar 30 15:01:09 2026 GMT
Subject: CN=496516f6bdd693ed852e8edd2ceaaf910d75a1dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3a:60:3b:4c:f6:fd:b1:33:7e:37:e3:57:0d:
14:92:e5:6a:2d:8a:c7:a6:8f:96:d8:e3:2e:8f:85:
8a:59:67:bf:a3:d7:06:a6:02:1e:a6:83:35:e7:65:
e1:65:33:31:1a:a3:a7:73:8a:77:3c:7f:98:77:c5:
3a:94:34:ca:e4:cb:c6:b8:76:79:bc:42:e1:3a:b3:
74:32:b4:ee:ad:1d:48:03:23:25:b4:6a:4a:b6:19:
ad:fa:f1:c7:dd:e3:6a:bb:d2:26:8c:c8:35:1e:31:
2a:2d:68:f9:ef:e8:f4:c5:da:a1:5f:9f:c9:db:4f:
bc:f7:1a:b8:54:20:09:73:db:b1:0b:32:23:bf:7b:
6a:26:9f:2e:73:80:37:39:4b:72:5e:8a:3c:7f:57:
b7:66:07:94:d0:13:12:ba:4d:e9:24:d6:86:5e:bb:
f1:0a:1f:40:45:2f:a6:33:dc:57:9a:81:06:69:22:
fe:c8:19:64:22:b0:c7:67:4f:92:0f:4b:75:73:de:
16:d9:26:f8:70:21:50:94:c7:a1:36:35:d5:fd:cd:
1d:fb:d5:d1:52:6b:1e:24:80:04:d9:82:df:6e:13:
e1:08:ad:72:94:66:85:63:e3:86:4c:16:f8:f5:4e:
0c:ea:0e:9f:57:2b:d7:bc:83:e7:14:cd:1b:5b:8d:
ab:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:65:16:F6:BD:D6:93:ED:85:2E:8E:DD:2C:EA:AF:91:0D:75:A1:DD
X509v3 Authority Key Identifier:
keyid:82:88:90:3D:90:C0:1E:2D:5C:E1:87:88:05:AD:4A:92:D2:8A:ED:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goiQPZDAHi1c4YeIBa1KktKK7ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/83f82d-1545-4074-8682-a1de58a3b35b/1/goiQPZDAHi1c4YeIBa1KktKK7ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:b6:03:56:ea:ea:5f:dc:8e:a3:be:a8:cd:87:0a:f1:b8:27:
57:e0:a1:f1:5d:db:b4:a3:8b:b2:61:19:8b:33:4f:6d:27:9a:
ba:2b:1f:9d:2d:02:92:af:62:cd:94:a8:07:ed:e4:ce:8b:ee:
c6:20:69:64:61:0e:39:1a:dc:f9:67:07:2a:99:41:6d:e8:51:
ca:72:ce:1f:e0:a5:a0:bf:59:a9:46:4f:e6:d3:32:b5:e6:bf:
59:30:a9:c2:bc:30:8d:64:ac:48:ed:33:75:3b:f1:80:83:7f:
fc:b0:57:95:8c:da:d0:fb:d0:86:ba:5b:2f:73:5d:79:62:47:
14:cf:82:69:79:10:6f:3a:5d:ed:d9:80:02:fd:bb:33:ed:de:
41:0a:b2:8e:f5:63:20:98:c9:a0:06:24:e1:d0:69:b7:eb:d2:
eb:70:f8:58:48:74:1f:33:40:7a:a3:48:fb:f2:e5:58:18:70:
22:b1:97:4e:91:40:81:c3:ae:60:a4:8d:fe:4f:89:fa:37:2d:
a4:81:f6:63:60:17:a6:0f:c8:7b:29:4b:a3:36:50:bd:03:26:
ea:9e:99:91:a6:a8:57:aa:26:08:57:03:20:c2:8e:51:96:3e:
8d:6d:86:75:be:27:48:87:e9:9c:10:40:e4:cd:bb:2d:ae:a9:
ea:55:3e:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06HPRpkeEej4m7hgPB6sERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODg5MDNkOTBjMDFlMmQ1Y2UxODc4ODA1YWQ0YTkyZDI4
YWVkYzkwHhcNMjYwMzI5MTUwMTA5WhcNMjYwMzMwMTUwMTA5WjAzMTEwLwYDVQQD
Eyg0OTY1MTZmNmJkZDY5M2VkODUyZThlZGQyY2VhYWY5MTBkNzVhMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjpgO0z2/bEzfjfjVw0UkuVqLYrH
po+W2OMuj4WKWWe/o9cGpgIepoM152XhZTMxGqOnc4p3PH+Yd8U6lDTK5MvGuHZ5
vELhOrN0MrTurR1IAyMltGpKthmt+vHH3eNqu9ImjMg1HjEqLWj57+j0xdqhX5/J
20+89xq4VCAJc9uxCzIjv3tqJp8uc4A3OUtyXoo8f1e3ZgeU0BMSuk3pJNaGXrvx
Ch9ARS+mM9xXmoEGaSL+yBlkIrDHZ0+SD0t1c94W2Sb4cCFQlMehNjXV/c0d+9XR
UmseJIAE2YLfbhPhCK1ylGaFY+OGTBb49U4M6g6fVyvXvIPnFM0bW42rJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEllFva91pPthS6O3Szqr5ENdaHdMB8GA1UdIwQY
MBaAFIKIkD2QwB4tXOGHiAWtSpLSiu3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84M2Y4MmQtMTU0NS00MDc0LTg2ODIt
YTFkZTU4YTNiMzViLzEvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84M2Y4MmQtMTU0NS00MDc0LTg2ODItYTFkZTU4YTNiMzVi
LzEvZ29pUVBaREFIaTFjNFllSUJhMUtrdEtLN2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHrYDVurq
X9yOo76ozYcK8bgnV+Ch8V3btKOLsmEZizNPbSeauisfnS0Ckq9izZSoB+3kzovu
xiBpZGEOORrc+WcHKplBbehRynLOH+CloL9ZqUZP5tMytea/WTCpwrwwjWSsSO0z
dTvxgIN//LBXlYza0PvQhrpbL3NdeWJHFM+CaXkQbzpd7dmAAv27M+3eQQqyjvVj
IJjJoAYk4dBpt+vS63D4WEh0HzNAeqNI+/LlWBhwIrGXTpFAgcOuYKSN/k+J+jct
pIH2Y2AXpg/IeylLozZQvQMm6p6ZkaaoV6omCFcDIMKOUZY+jW2Gdb4nSIfpnBBA
5M27La6p6lU+FA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:23:19 2026 by rpki-client