Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
File: bQih9MOF86e2KYTVPoFmWplUEPM.mft (raw, json)
Hash identifier: UHMJKfp7mcvc7I/oxWPuNkNKfZETVIbEFTMGKYJLaqo=
Subject key identifier: 78:43:E6:4D:5B:73:75:4D:A0:23:92:6A:B9:9C:FF:1E:EE:E2:90:E7
Authority key identifier: 6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3
Certificate issuer: /CN=6d08a1f4c385f3a7b62984d53e81665a995410f3
Certificate serial: 019D992B16341E4B6CDE909FAFA5056BAE23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
Manifest number: 0CC1
Signing time: Fri 17 Apr 2026 02:00:30 +0000
Manifest this update: Fri 17 Apr 2026 02:00:30 +0000
Manifest next update: Sat 18 Apr 2026 02:00:30 +0000
Files and hashes: 1: ALmp9QVk21GznNgt6Dz8ZcrWqhg.roa (hash: O+KLwwhLgCZOa9Dra8cvY4Q3raXGnTT+rDZassQxMZs=)
2: bQih9MOF86e2KYTVPoFmWplUEPM.crl (hash: SO+vaqSX15RqnCar4iWdJtpi22l75MGFTeGyTmFPOVA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:2b:16:34:1e:4b:6c:de:90:9f:af:a5:05:6b:ae:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d08a1f4c385f3a7b62984d53e81665a995410f3
Validity
Not Before: Apr 17 02:00:30 2026 GMT
Not After : Apr 18 02:00:30 2026 GMT
Subject: CN=7843e64d5b73754da023926ab99cff1eeee290e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5f:34:49:2f:48:59:66:bf:f0:1f:98:73:8e:
d6:36:e9:25:c6:8d:cb:cd:97:a1:8e:1d:bb:ef:d7:
9c:d3:6f:9b:45:fb:ce:ae:00:30:3d:87:d8:92:9e:
10:ed:48:c2:89:0a:ce:4b:29:43:0d:49:c2:90:d7:
05:86:86:29:29:2f:d4:de:15:ac:59:39:66:c7:1b:
78:60:88:8d:a5:7c:74:6a:74:39:14:39:e3:47:43:
f4:81:f5:18:79:f6:60:f6:63:0f:0a:9f:7c:58:f4:
af:6d:88:19:65:a9:fd:c1:49:cb:aa:61:98:5e:6e:
a0:92:94:74:ad:ad:5e:82:3d:aa:9a:f6:8b:84:56:
16:be:c1:e2:42:26:7e:53:c5:11:01:ab:94:5a:21:
85:d5:6f:5e:3c:f4:aa:ed:19:7f:40:99:f3:e1:fc:
b8:52:ee:3e:3e:7d:cc:9d:2a:c0:bc:20:f1:ca:93:
a6:82:49:9e:8a:98:8e:df:e6:e7:2a:fa:3d:9e:40:
43:b4:3d:8c:ea:01:b8:1f:05:af:1f:87:b2:01:90:
72:b1:76:4f:25:9d:f0:5e:6c:e6:18:d6:f8:9e:74:
74:be:33:71:d4:a2:19:f9:a4:d1:5c:58:3f:b4:b1:
92:70:3b:ad:3b:4b:01:22:05:7c:6b:0d:c8:ae:1d:
6d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:43:E6:4D:5B:73:75:4D:A0:23:92:6A:B9:9C:FF:1E:EE:E2:90:E7
X509v3 Authority Key Identifier:
keyid:6D:08:A1:F4:C3:85:F3:A7:B6:29:84:D5:3E:81:66:5A:99:54:10:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQih9MOF86e2KYTVPoFmWplUEPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/107467-56a1-48c5-add1-43a8526d82bb/1/bQih9MOF86e2KYTVPoFmWplUEPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:4b:f6:76:bf:1c:0c:72:60:f0:12:f3:0d:95:d2:32:64:52:
71:5e:17:fc:8a:d4:9e:7f:1e:41:71:9c:7f:fa:5d:a4:0e:c9:
d0:ba:c3:62:e8:05:06:6b:bc:bd:9f:04:17:c9:81:cc:41:05:
4b:24:6d:3a:75:c1:ed:03:2b:49:fc:d9:fa:fe:a1:31:ac:ef:
bc:45:e7:2a:9e:00:e8:77:4b:6b:e7:36:f9:58:c6:f6:f3:fd:
68:1e:3c:ca:0c:48:1a:b5:c1:a1:26:2b:80:c4:83:0c:c3:c9:
c1:dc:ba:c1:0a:7c:96:b9:d4:89:e0:cc:3f:48:2d:ff:ed:62:
42:f9:b6:bf:d5:d9:58:11:6f:14:08:b7:76:d4:ca:00:a0:2e:
96:d0:53:b0:0a:cd:d6:4e:b2:15:8c:08:78:c1:76:00:50:7d:
e1:fc:c1:bf:90:94:2b:45:6f:63:b4:50:32:d9:2a:9b:b7:2f:
66:c2:2d:fe:a1:42:5d:af:2d:09:c8:d1:d5:65:da:8a:e7:b8:
e3:e1:db:c5:64:31:e3:c7:f5:26:d2:72:ca:93:eb:e9:2f:cf:
b5:76:fc:e5:44:ea:80:68:74:df:4a:77:63:b1:3b:11:94:c2:
a4:43:4c:e5:c6:4e:9d:48:b3:2b:64:8b:3c:61:16:bf:83:83:
0c:d2:c3:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZKxY0Hkts3pCfr6UFa64jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDhhMWY0YzM4NWYzYTdiNjI5ODRkNTNlODE2NjVhOTk1
NDEwZjMwHhcNMjYwNDE3MDIwMDMwWhcNMjYwNDE4MDIwMDMwWjAzMTEwLwYDVQQD
Eyg3ODQzZTY0ZDViNzM3NTRkYTAyMzkyNmFiOTljZmYxZWVlZTI5MGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV80SS9IWWa/8B+Yc47WNuklxo3L
zZehjh2779ec02+bRfvOrgAwPYfYkp4Q7UjCiQrOSylDDUnCkNcFhoYpKS/U3hWs
WTlmxxt4YIiNpXx0anQ5FDnjR0P0gfUYefZg9mMPCp98WPSvbYgZZan9wUnLqmGY
Xm6gkpR0ra1egj2qmvaLhFYWvsHiQiZ+U8URAauUWiGF1W9ePPSq7Rl/QJnz4fy4
Uu4+Pn3MnSrAvCDxypOmgkmeipiO3+bnKvo9nkBDtD2M6gG4HwWvH4eyAZBysXZP
JZ3wXmzmGNb4nnR0vjNx1KIZ+aTRXFg/tLGScDutO0sBIgV8aw3Irh1t0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhD5k1bc3VNoCOSarmc/x7u4pDnMB8GA1UdIwQY
MBaAFG0IofTDhfOntimE1T6BZlqZVBDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEt
NDNhODUyNmQ4MmJiLzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMDc0NjctNTZhMS00OGM1LWFkZDEtNDNhODUyNmQ4MmJi
LzEvYlFpaDlNT0Y4NmUyS1lUVlBvRm1XcGxVRVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl0v2dr8c
DHJg8BLzDZXSMmRScV4X/IrUnn8eQXGcf/pdpA7J0LrDYugFBmu8vZ8EF8mBzEEF
SyRtOnXB7QMrSfzZ+v6hMazvvEXnKp4A6HdLa+c2+VjG9vP9aB48ygxIGrXBoSYr
gMSDDMPJwdy6wQp8lrnUieDMP0gt/+1iQvm2v9XZWBFvFAi3dtTKAKAultBTsArN
1k6yFYwIeMF2AFB94fzBv5CUK0VvY7RQMtkqm7cvZsIt/qFCXa8tCcjR1WXaiue4
4+HbxWQx48f1JtJyypPr6S/PtXb85UTqgGh030p3Y7E7EZTCpENM5cZOnUizK2SL
PGEWv4ODDNLDQA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:49:51 2026 by rpki-client