Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
File: 407DAF8DC897D3F1C43D866EA945305303AD73ED.mft (raw, json)
Hash identifier: dZlWpkY6ROhCsyM6pIMu3+YFyVC4ZvfiTzgRSE/XaRQ=
Subject key identifier: 03:ED:C6:C5:77:7D:D0:FE:3D:7B:D6:33:F2:6B:1E:FC:82:87:7A:CE
Authority key identifier: 40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
Certificate issuer: /CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Certificate serial: 31C8E4AF85190786550579F9B233F84CFBF3803F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
Manifest number: B5
Signing time: Sat 28 Mar 2026 17:10:56 +0000
Manifest this update: Sat 28 Mar 2026 17:05:56 +0000
Manifest next update: Sun 29 Mar 2026 20:36:56 +0000
Files and hashes: 1: 407DAF8DC897D3F1C43D866EA945305303AD73ED.crl (hash: Bul1CpO8sRYKOT/dx4VrB8dXpKsqB0VgfNAmInGW87Q=)
2: 323030313a3637383a6531303a3a2f34382d3438203d3e20323038393135.roa (hash: Q+rBjBtdmpkMnJJ1scyQFgFf7p0XTL49lt2rh8zsejE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 20:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c8:e4:af:85:19:07:86:55:05:79:f9:b2:33:f8:4c:fb:f3:80:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Validity
Not Before: Mar 28 17:05:56 2026 GMT
Not After : Mar 29 20:36:56 2026 GMT
Subject: CN=03EDC6C5777DD0FE3D7BD633F26B1EFC82877ACE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:a6:25:1f:f0:63:63:f6:cb:33:e2:f8:b6:
7b:0c:f7:68:6a:b5:2c:75:19:5b:f4:52:2c:ea:3a:
93:32:aa:31:5b:85:cd:60:6c:87:3d:b8:9f:47:a1:
2c:3e:03:c5:34:21:0f:e1:45:99:79:64:04:f9:1f:
a1:e8:41:bb:ed:7b:f8:f4:d0:36:71:9f:b2:9b:43:
1b:46:cb:a1:cb:43:1c:b4:6a:55:61:36:31:69:fb:
ca:ba:3a:31:97:c7:66:48:a6:00:a3:6c:c4:02:27:
c9:2c:39:5f:b3:3e:99:31:6c:bc:74:96:e6:5e:ca:
2d:70:8e:44:36:e0:37:b7:8b:dd:ad:36:c1:74:4e:
1d:25:e3:ed:6c:57:62:5a:04:3f:3d:e0:0f:23:ee:
67:d1:26:2d:56:de:49:cb:dc:f8:b5:ac:d5:79:71:
d8:e9:80:9f:83:a5:9e:66:29:4c:36:10:af:44:cb:
83:ba:11:38:68:47:52:d2:23:3a:3f:9e:ae:2c:1a:
55:bf:ed:ac:b6:a8:88:72:22:ba:a9:08:76:8e:8a:
76:ce:e0:83:87:fb:7d:2d:91:a3:53:ed:c1:18:13:
ac:60:01:92:3f:0a:ae:e9:1a:06:25:2c:0b:8b:6c:
47:1f:5c:86:47:1f:80:69:dd:99:c1:31:83:69:5f:
fc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:ED:C6:C5:77:7D:D0:FE:3D:7B:D6:33:F2:6B:1E:FC:82:87:7A:CE
X509v3 Authority Key Identifier:
keyid:40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:4e:1a:87:7b:75:b3:9b:65:2c:ab:31:04:10:af:61:26:c3:
d2:88:2d:7f:da:3c:bd:02:2c:67:11:d1:2a:10:de:be:b3:c6:
99:a0:fa:b1:69:d5:74:25:87:cc:c8:7b:1c:ee:39:78:f9:37:
2a:09:ca:fa:c3:d4:0b:63:d1:58:0f:71:19:e9:4e:54:fc:98:
8f:a2:4a:2e:27:4a:b5:b3:f7:c0:3c:22:e3:7e:93:bc:86:72:
35:72:50:16:80:d5:86:1a:2a:69:29:3b:06:25:32:c5:58:99:
87:1c:db:12:78:79:d5:cf:db:8b:1a:f3:c2:20:5d:6a:05:33:
d1:c9:26:ca:50:04:cd:eb:11:43:a0:7d:35:4e:27:9d:ac:b3:
d1:aa:3c:87:d7:58:8d:e4:2a:3d:34:3b:1e:e1:d0:59:57:4c:
6b:a1:e7:d4:de:28:76:ce:36:32:a6:3a:46:88:ee:2c:78:34:
f3:15:81:89:22:53:0c:70:2d:5c:50:37:bc:eb:1a:f4:d7:3f:
a4:a3:aa:a9:2a:80:54:f7:92:f2:4d:3f:bf:6f:92:45:46:bc:
bf:48:7c:07:9c:d8:7b:b1:38:d1:d3:2a:33:ce:e6:ef:41:11:
a7:35:95:09:88:5a:e6:62:b3:9b:72:73:7d:07:f4:4d:24:5e:
5a:9c:ca:85
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUMcjkr4UZB4ZVBXn5sjP4TPvzgD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA3ZGFmOGRjODk3ZDNmMWM0M2Q4NjZlYTk0NTMwNTMw
M2FkNzNlZDAeFw0yNjAzMjgxNzA1NTZaFw0yNjAzMjkyMDM2NTZaMDMxMTAvBgNV
BAMTKDAzRURDNkM1Nzc3REQwRkUzRDdCRDYzM0YyNkIxRUZDODI4NzdBQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCweKYlH/BjY/bLM+L4tnsM92hq
tSx1GVv0UizqOpMyqjFbhc1gbIc9uJ9HoSw+A8U0IQ/hRZl5ZAT5H6HoQbvte/j0
0DZxn7KbQxtGy6HLQxy0alVhNjFp+8q6OjGXx2ZIpgCjbMQCJ8ksOV+zPpkxbLx0
luZeyi1wjkQ24De3i92tNsF0Th0l4+1sV2JaBD894A8j7mfRJi1W3knL3Pi1rNV5
cdjpgJ+DpZ5mKUw2EK9Ey4O6EThoR1LSIzo/nq4sGlW/7ay2qIhyIrqpCHaOinbO
4IOH+30tkaNT7cEYE6xgAZI/Cq7pGgYlLAuLbEcfXIZHH4Bp3ZnBMYNpX/zBAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUA+3GxXd90P49e9Yz8mse/IKHes4wHwYDVR0j
BBgwFoAUQH2vjciX0/HEPYZuqUUwUwOtc+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRjY2I0YjAtZTMwZS00MjZjLTg0ZGMtNDY0ZmQxODk5
MTE2LzAvNDA3REFGOERDODk3RDNGMUM0M0Q4NjZFQTk0NTMwNTMwM0FENzNFRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FIMnZqY2lYMF9IRVBZWnVxVVV3VXdP
dGMtMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85ZGNjYjRiMC1l
MzBlLTQyNmMtODRkYy00NjRmZDE4OTkxMTYvMC80MDdEQUY4REM4OTdEM0YxQzQz
RDg2NkVBOTQ1MzA1MzAzQUQ3M0VELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm04ah3t1s5tlLKsxBBCv
YSbD0ogtf9o8vQIsZxHRKhDevrPGmaD6sWnVdCWHzMh7HO45ePk3KgnK+sPUC2PR
WA9xGelOVPyYj6JKLidKtbP3wDwi436TvIZyNXJQFoDVhhoqaSk7BiUyxViZhxzb
Enh51c/bixrzwiBdagUz0ckmylAEzesRQ6B9NU4nnayz0ao8h9dYjeQqPTQ7HuHQ
WVdMa6Hn1N4ods42MqY6RojuLHg08xWBiSJTDHAtXFA3vOsa9Nc/pKOqqSqAVPeS
8k0/v2+SRUa8v0h8B5zYe7E40dMqM87m70ERpzWVCYha5mKzm3JzfQf0TSReWpzK
hQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:49:49 2026 by rpki-client