Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
File: 407DAF8DC897D3F1C43D866EA945305303AD73ED.mft (raw, json)
Hash identifier: QOwoHhREQc4FJRMNUQDpm3cWtGOp0SALEm+jTspkh+I=
Subject key identifier: AC:5E:42:2A:66:99:4E:51:E2:03:14:A1:2E:E3:77:6A:9E:BE:6B:D5
Authority key identifier: 40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
Certificate issuer: /CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Certificate serial: 5439A3B7726AEC1CD87073C6B26FA1C011E1D89F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
Manifest number: 0101
Signing time: Mon 25 May 2026 01:12:27 +0000
Manifest this update: Mon 25 May 2026 01:07:27 +0000
Manifest next update: Tue 26 May 2026 05:04:27 +0000
Files and hashes: 1: 407DAF8DC897D3F1C43D866EA945305303AD73ED.crl (hash: /ZR6iJcFNCq9izGcFJF1lx9AdgjCQjHVOq5zcuRoGhU=)
2: 323030313a3637383a6531303a3a2f34382d3438203d3e20323038393135.roa (hash: Q+rBjBtdmpkMnJJ1scyQFgFf7p0XTL49lt2rh8zsejE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 May 2026 05:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:39:a3:b7:72:6a:ec:1c:d8:70:73:c6:b2:6f:a1:c0:11:e1:d8:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Validity
Not Before: May 25 01:07:27 2026 GMT
Not After : May 26 05:04:27 2026 GMT
Subject: CN=AC5E422A66994E51E20314A12EE3776A9EBE6BD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:61:b6:e0:06:ce:1e:50:13:62:82:56:4d:34:
48:b7:30:b8:a3:1d:9a:5b:68:47:ef:62:e8:31:c9:
5f:ac:bf:13:11:cb:9a:a9:c1:1b:83:7e:79:e3:04:
1a:96:29:90:0d:bd:9e:2e:08:a1:e8:7e:8e:a7:bd:
80:54:f7:06:26:13:33:8c:32:de:d8:e8:84:b0:8c:
36:0f:1f:88:08:44:70:12:d6:42:ad:34:29:4b:14:
1f:30:f6:9d:d5:11:1a:ac:21:96:bd:4a:56:b3:2c:
00:21:7a:a5:d3:47:aa:b6:f1:ba:34:59:5d:b5:5e:
6c:28:3e:6d:ce:46:fc:15:47:da:91:91:6f:f8:a4:
b2:32:8e:70:e3:4b:b8:c1:e2:d1:19:95:cb:66:52:
00:98:d2:6d:37:6c:e6:b3:29:50:69:ff:c8:1e:6d:
cb:df:43:28:28:d0:b3:3a:ea:99:fa:de:2c:a1:1b:
37:3d:15:d8:d3:49:36:58:e9:37:74:ea:a7:d3:4b:
f8:db:0c:db:f9:86:54:f5:10:33:e7:52:ae:cc:60:
b9:95:a7:39:e9:73:9e:14:b8:aa:5d:b0:f3:8f:0c:
2e:33:61:cc:b3:65:bd:68:71:8a:7c:48:49:34:9d:
d5:82:27:1a:97:90:a5:2f:a3:88:b8:13:8d:88:f0:
63:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5E:42:2A:66:99:4E:51:E2:03:14:A1:2E:E3:77:6A:9E:BE:6B:D5
X509v3 Authority Key Identifier:
keyid:40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:84:95:75:7a:c7:b2:d2:26:3b:13:28:1c:7e:92:2b:c8:97:
e9:57:e0:42:13:f5:9a:61:c3:0e:27:e9:6f:a6:33:de:fe:99:
89:76:90:a3:5e:06:de:80:c2:65:c8:4f:08:37:b2:11:e4:7a:
cc:97:87:ca:9a:e3:ee:08:5e:e5:09:a3:73:3c:5b:01:23:77:
56:f6:85:62:7f:3e:48:9c:36:7f:27:8c:41:48:a0:f5:87:b7:
f3:26:da:c1:d8:a7:ee:1d:e0:b6:ca:48:64:6b:6a:16:cd:1c:
da:fc:15:d1:fe:a3:b8:e7:0a:7f:c2:df:a1:b5:e8:19:34:70:
d0:93:77:02:75:e2:05:70:69:42:83:2b:c1:c3:f5:66:f6:f9:
a0:a6:f8:33:fc:95:1f:cf:12:17:9e:32:54:ce:65:3d:80:2a:
51:b7:40:65:db:83:50:55:9f:6c:2e:c3:a0:e6:b7:ee:69:61:
c8:95:46:85:d0:df:e7:93:4a:89:b2:ad:43:1e:4a:e2:08:d3:
c4:8b:0f:fb:9e:fa:b0:61:01:80:bb:03:7c:73:f8:ff:f7:a0:
0f:6a:97:7d:4e:f3:7c:25:a3:27:cb:a4:ba:b0:e6:b8:7a:6f:
fb:d8:8f:ba:4c:c2:8d:36:82:e1:82:0d:3c:93:d2:ab:aa:3e:
81:d6:42:41
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUVDmjt3Jq7BzYcHPGsm+hwBHh2J8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA3ZGFmOGRjODk3ZDNmMWM0M2Q4NjZlYTk0NTMwNTMw
M2FkNzNlZDAeFw0yNjA1MjUwMTA3MjdaFw0yNjA1MjYwNTA0MjdaMDMxMTAvBgNV
BAMTKEFDNUU0MjJBNjY5OTRFNTFFMjAzMTRBMTJFRTM3NzZBOUVCRTZCRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9YbbgBs4eUBNiglZNNEi3MLij
HZpbaEfvYugxyV+svxMRy5qpwRuDfnnjBBqWKZANvZ4uCKHofo6nvYBU9wYmEzOM
Mt7Y6ISwjDYPH4gIRHAS1kKtNClLFB8w9p3VERqsIZa9SlazLAAheqXTR6q28bo0
WV21XmwoPm3ORvwVR9qRkW/4pLIyjnDjS7jB4tEZlctmUgCY0m03bOazKVBp/8ge
bcvfQygo0LM66pn63iyhGzc9FdjTSTZY6Td06qfTS/jbDNv5hlT1EDPnUq7MYLmV
pznpc54UuKpdsPOPDC4zYcyzZb1ocYp8SEk0ndWCJxqXkKUvo4i4E42I8GNNAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUrF5CKmaZTlHiAxShLuN3ap6+a9UwHwYDVR0j
BBgwFoAUQH2vjciX0/HEPYZuqUUwUwOtc+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRjY2I0YjAtZTMwZS00MjZjLTg0ZGMtNDY0ZmQxODk5
MTE2LzAvNDA3REFGOERDODk3RDNGMUM0M0Q4NjZFQTk0NTMwNTMwM0FENzNFRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FIMnZqY2lYMF9IRVBZWnVxVVV3VXdP
dGMtMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85ZGNjYjRiMC1l
MzBlLTQyNmMtODRkYy00NjRmZDE4OTkxMTYvMC80MDdEQUY4REM4OTdEM0YxQzQz
RDg2NkVBOTQ1MzA1MzAzQUQ3M0VELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4SVdXrHstImOxMoHH6S
K8iX6VfgQhP1mmHDDifpb6Yz3v6ZiXaQo14G3oDCZchPCDeyEeR6zJeHyprj7ghe
5QmjczxbASN3VvaFYn8+SJw2fyeMQUig9Ye38ybawdin7h3gtspIZGtqFs0c2vwV
0f6juOcKf8LfobXoGTRw0JN3AnXiBXBpQoMrwcP1Zvb5oKb4M/yVH88SF54yVM5l
PYAqUbdAZduDUFWfbC7DoOa37mlhyJVGhdDf55NKibKtQx5K4gjTxIsP+576sGEB
gLsDfHP4//egD2qXfU7zfCWjJ8ukurDmuHpv+9iPukzCjTaC4YINPJPSq6o+gdZC
QQ==
-----END CERTIFICATE-----
Generated at Mon May 25 13:45:57 2026 by rpki-client