Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
File: Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft (raw, json)
Hash identifier: HHdOMhDlRezduHPh87zmopO/LO45jVYHw//xpI5gsr4=
Subject key identifier: B5:0F:DA:96:C8:F3:95:34:A8:A1:81:03:3C:44:29:48:07:A4:76:01
Authority key identifier: 43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
Certificate issuer: /CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Certificate serial: 019D2929ADDC94BD9DF61216B0DF6397AEB2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
Manifest number: 1889
Signing time: Thu 26 Mar 2026 08:01:30 +0000
Manifest this update: Thu 26 Mar 2026 08:01:30 +0000
Manifest next update: Fri 27 Mar 2026 08:01:30 +0000
Files and hashes: 1: Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl (hash: nsoH4JJfHkC8SmHmoEUUSUJaG9s0tVNGG/4IHDIFagc=)
2: QyZa0nXuZdTRYOcamDUuEXlxJrw.roa (hash: fY3crQbaUbhZWemSvo5lCgx+xQL5kp/7I3vPr0MN5Fo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:ad:dc:94:bd:9d:f6:12:16:b0:df:63:97:ae:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=434421cf6a02b38af5b6bbca6dbd3764448b6cb7
Validity
Not Before: Mar 26 08:01:30 2026 GMT
Not After : Mar 27 08:01:30 2026 GMT
Subject: CN=b50fda96c8f39534a8a181033c44294807a47601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:75:74:e4:fb:ed:19:ca:0b:35:6b:cb:0e:52:
4c:c9:9b:5e:08:37:a8:e2:29:69:3e:30:4e:fc:48:
a9:7f:11:25:ce:81:6e:84:ab:18:6a:7a:fc:68:c2:
49:f5:89:ff:3f:15:5e:54:f8:0e:4c:05:b3:96:7d:
06:b6:14:f7:91:79:54:96:42:24:92:12:40:67:8c:
92:9c:3b:fb:62:0f:10:91:4e:b7:9a:b7:e7:ee:76:
5d:84:2d:29:55:5b:33:e0:62:06:ba:49:9c:00:e8:
4d:ac:63:90:b9:f3:0f:c8:85:ea:a9:00:68:e7:0f:
a3:26:8b:af:ae:11:3e:d4:e7:e2:52:fa:f5:24:e2:
9d:b4:18:ff:be:50:76:21:4b:c9:0d:29:54:e7:34:
5b:e9:3e:8d:c5:73:8f:f4:33:97:59:43:94:f9:f1:
08:aa:da:7b:c7:a0:ac:2a:cf:c3:df:56:21:57:8b:
fb:67:ae:4b:e9:1e:c5:ff:47:34:75:41:d1:07:49:
02:b3:2f:ee:69:3e:4f:84:71:5d:1e:8c:f6:ed:c4:
e6:0f:dc:da:ee:c8:92:87:6d:7a:35:cd:26:27:5b:
ba:54:89:3b:ad:35:28:80:d6:4f:64:a4:c6:73:df:
28:89:56:39:89:65:55:e7:c1:28:d1:08:7a:f3:08:
24:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0F:DA:96:C8:F3:95:34:A8:A1:81:03:3C:44:29:48:07:A4:76:01
X509v3 Authority Key Identifier:
keyid:43:44:21:CF:6A:02:B3:8A:F5:B6:BB:CA:6D:BD:37:64:44:8B:6C:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0Qhz2oCs4r1trvKbb03ZESLbLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3f151b-fb71-4f1b-bb09-539b329f995c/1/Q0Qhz2oCs4r1trvKbb03ZESLbLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:f8:2b:5a:c0:52:42:46:8d:09:8d:99:73:ca:db:95:47:f1:
24:17:c6:9b:0f:c8:5c:86:8f:66:1e:e1:a7:66:21:e7:3a:da:
b2:35:0c:ff:c9:47:e5:39:02:c7:97:43:5e:80:25:ae:aa:d8:
98:9c:bf:f0:92:e7:4a:d3:d3:61:0f:1f:c9:2a:46:df:0a:4c:
63:da:db:25:2f:6d:03:71:b2:a7:92:5a:0a:04:d5:de:ac:39:
ab:ad:96:80:a8:5d:3f:e1:7c:d6:63:69:ac:ed:ab:ed:f7:e5:
a0:9f:a7:b2:d9:a0:5c:fa:0e:fb:2f:14:8e:37:8b:f6:ad:c4:
c5:8b:36:71:b0:42:40:f4:11:4a:95:e1:00:ef:dc:9d:83:33:
36:96:d7:e8:3d:38:63:e8:2a:b8:40:48:cf:4f:f3:d8:81:ca:
08:2d:80:83:e9:f5:fd:9f:8f:d7:11:ee:e2:57:9d:22:a3:8a:
e7:a9:bb:cf:2b:4f:93:9e:86:23:b2:30:c5:45:04:1b:6c:f8:
a9:e7:64:64:6f:92:fd:3c:3a:89:18:7c:fe:0a:d8:b1:77:9b:
4e:93:53:ec:cc:da:7c:d7:32:bc:e5:29:b1:7b:2c:08:da:13:
af:78:f3:75:37:5c:d6:2d:af:f8:d4:09:dc:be:4e:10:b2:ac:
e7:63:f3:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKa3clL2d9hIWsN9jl66yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDQyMWNmNmEwMmIzOGFmNWI2YmJjYTZkYmQzNzY0NDQ4
YjZjYjcwHhcNMjYwMzI2MDgwMTMwWhcNMjYwMzI3MDgwMTMwWjAzMTEwLwYDVQQD
EyhiNTBmZGE5NmM4ZjM5NTM0YThhMTgxMDMzYzQ0Mjk0ODA3YTQ3NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3V05PvtGcoLNWvLDlJMyZteCDeo
4ilpPjBO/EipfxElzoFuhKsYanr8aMJJ9Yn/PxVeVPgOTAWzln0GthT3kXlUlkIk
khJAZ4ySnDv7Yg8QkU63mrfn7nZdhC0pVVsz4GIGukmcAOhNrGOQufMPyIXqqQBo
5w+jJouvrhE+1OfiUvr1JOKdtBj/vlB2IUvJDSlU5zRb6T6NxXOP9DOXWUOU+fEI
qtp7x6CsKs/D31YhV4v7Z65L6R7F/0c0dUHRB0kCsy/uaT5PhHFdHoz27cTmD9za
7siSh216Nc0mJ1u6VIk7rTUogNZPZKTGc98oiVY5iWVV58Eo0Qh68wgkvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLUP2pbI85U0qKGBAzxEKUgHpHYBMB8GA1UdIwQY
MBaAFENEIc9qArOK9ba7ym29N2REi2y3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDkt
NTM5YjMyOWY5OTVjLzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZjE1MWItZmI3MS00ZjFiLWJiMDktNTM5YjMyOWY5OTVj
LzEvUTBRaHoyb0NzNHIxdHJ2S2JiMDNaRVNMYkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ/grWsBS
QkaNCY2Zc8rblUfxJBfGmw/IXIaPZh7hp2Yh5zrasjUM/8lH5TkCx5dDXoAlrqrY
mJy/8JLnStPTYQ8fySpG3wpMY9rbJS9tA3Gyp5JaCgTV3qw5q62WgKhdP+F81mNp
rO2r7ffloJ+nstmgXPoO+y8UjjeL9q3ExYs2cbBCQPQRSpXhAO/cnYMzNpbX6D04
Y+gquEBIz0/z2IHKCC2Ag+n1/Z+P1xHu4ledIqOK56m7zytPk56GI7IwxUUEG2z4
qedkZG+S/Tw6iRh8/grYsXebTpNT7MzafNcyvOUpsXssCNoTr3jzdTdc1i2v+NQJ
3L5OELKs52PzIg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:59:48 2026 by rpki-client