Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
File: 0xQt8vZwlAzPWksnoNDJh-zIhlY.mft (raw, json)
Hash identifier: ysvYpRKOtMNWDxuuCamJ5fS1EoGxnKa6aYaCUVfxwmI=
Subject key identifier: DA:59:70:29:32:EF:34:A9:64:8F:F0:4F:17:ED:2D:3B:79:B8:8D:FE
Authority key identifier: D3:14:2D:F2:F6:70:94:0C:CF:5A:4B:27:A0:D0:C9:87:EC:C8:86:56
Certificate issuer: /CN=d3142df2f670940ccf5a4b27a0d0c987ecc88656
Certificate serial: 019DA566F4126DF3CF0049096D5EA8F58460
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0xQt8vZwlAzPWksnoNDJh-zIhlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
Manifest number: 05D9
Signing time: Sun 19 Apr 2026 11:01:20 +0000
Manifest this update: Sun 19 Apr 2026 11:01:20 +0000
Manifest next update: Mon 20 Apr 2026 11:01:20 +0000
Files and hashes: 1: 0xQt8vZwlAzPWksnoNDJh-zIhlY.crl (hash: GJg8cmQ7qsE2/yjcSZYf5WMb5+KNykzkMwow/vs8XdQ=)
2: iWvUwAU_qvWcuMvoIuoO-qPVv9c.roa (hash: FGFkjOVAlseZE4i4Gp+aJPkMH2fpBKQOFk0SOsvRbNA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0xQt8vZwlAzPWksnoNDJh-zIhlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a5:66:f4:12:6d:f3:cf:00:49:09:6d:5e:a8:f5:84:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3142df2f670940ccf5a4b27a0d0c987ecc88656
Validity
Not Before: Apr 19 11:01:20 2026 GMT
Not After : Apr 20 11:01:20 2026 GMT
Subject: CN=da59702932ef34a9648ff04f17ed2d3b79b88dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:29:44:52:98:05:e1:07:c2:00:ba:2d:8b:b9:
32:69:0e:7a:5e:9f:18:ac:64:ae:97:6f:d1:2e:d9:
8d:02:8e:a8:c5:d1:73:bf:47:7f:a2:fd:da:15:12:
0a:4d:bb:d6:16:ae:06:1d:e8:0d:af:a2:f5:58:85:
d3:68:6d:5d:e1:dc:d0:fd:23:ac:85:b5:c3:d6:18:
da:6c:08:9d:ab:b7:09:a2:2b:53:da:22:e0:53:8d:
c9:b5:99:6e:17:85:2f:f1:ed:08:c0:bf:f7:fa:ae:
0d:05:c7:88:7d:37:b1:cc:34:c5:d5:fb:7c:07:c5:
f5:44:84:bc:cc:92:3f:ca:40:48:35:c7:db:f1:d2:
a5:3f:ca:dc:2a:c8:d3:a4:92:d6:c8:d8:e9:fb:33:
42:b4:7e:3b:63:a6:5d:92:15:4b:1c:d6:ac:d0:de:
eb:2c:51:e5:53:8f:2b:3d:33:3b:c5:d3:ec:8c:4b:
c3:db:69:1c:8b:bf:f6:86:6b:ce:94:1b:b8:2a:54:
3a:83:00:b2:a5:56:77:9e:a1:f2:b3:01:96:55:50:
bf:27:42:32:15:41:af:bb:fe:dc:e1:58:01:0d:23:
5e:f6:e5:42:3c:61:8f:13:1d:90:63:35:df:5b:cf:
dc:4c:a3:90:fa:cf:a2:fe:35:a2:1d:8e:d6:74:e2:
da:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:59:70:29:32:EF:34:A9:64:8F:F0:4F:17:ED:2D:3B:79:B8:8D:FE
X509v3 Authority Key Identifier:
keyid:D3:14:2D:F2:F6:70:94:0C:CF:5A:4B:27:A0:D0:C9:87:EC:C8:86:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0xQt8vZwlAzPWksnoNDJh-zIhlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ec39be-e227-4a2d-b4b2-632caeef4584/1/0xQt8vZwlAzPWksnoNDJh-zIhlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:be:6c:74:11:97:b2:32:bc:a4:41:ec:49:b4:7a:ea:18:b7:
12:d8:d2:ad:d4:69:a4:45:2f:bf:c1:9a:6e:69:5e:92:f7:ba:
6f:f3:f8:95:db:dc:5e:8e:af:1d:9f:ef:2d:ba:fc:51:8b:40:
1e:99:e1:f2:21:c0:d1:bb:68:8d:65:a0:cb:39:0d:c5:72:c8:
47:8e:d7:36:0a:6f:94:92:91:da:c5:3e:c3:49:da:fd:79:6f:
e9:6f:27:be:40:65:7a:2c:72:51:77:fd:96:f8:44:77:cc:cb:
da:63:f8:71:5b:03:fb:75:58:61:49:35:d0:91:d8:92:c9:11:
44:f5:fa:3b:63:a8:fd:bb:c3:d3:8f:39:28:26:54:b9:c4:97:
da:4f:0f:3f:45:c0:29:d2:69:60:39:bb:fe:97:96:ab:11:01:
4f:b7:da:11:56:4d:16:ee:4a:ff:2d:42:8b:e2:70:af:96:f5:
29:38:b6:1f:21:df:03:9e:49:ae:ab:16:83:0e:49:61:4f:75:
ed:3f:a3:56:d7:72:2e:c0:2f:98:78:3b:dd:4c:db:bb:40:f6:
b8:3d:72:79:90:55:9c:b5:bd:14:3c:7c:73:32:a9:8c:24:00:
66:d2:be:52:e7:b3:15:0a:4f:f9:79:7c:73:bc:ef:89:0d:0b:
14:3d:98:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2lZvQSbfPPAEkJbV6o9YRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMTQyZGYyZjY3MDk0MGNjZjVhNGIyN2EwZDBjOTg3ZWNj
ODg2NTYwHhcNMjYwNDE5MTEwMTIwWhcNMjYwNDIwMTEwMTIwWjAzMTEwLwYDVQQD
EyhkYTU5NzAyOTMyZWYzNGE5NjQ4ZmYwNGYxN2VkMmQzYjc5Yjg4ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ilEUpgF4QfCALoti7kyaQ56Xp8Y
rGSul2/RLtmNAo6oxdFzv0d/ov3aFRIKTbvWFq4GHegNr6L1WIXTaG1d4dzQ/SOs
hbXD1hjabAidq7cJoitT2iLgU43JtZluF4Uv8e0IwL/3+q4NBceIfTexzDTF1ft8
B8X1RIS8zJI/ykBINcfb8dKlP8rcKsjTpJLWyNjp+zNCtH47Y6ZdkhVLHNas0N7r
LFHlU48rPTM7xdPsjEvD22kci7/2hmvOlBu4KlQ6gwCypVZ3nqHyswGWVVC/J0Iy
FUGvu/7c4VgBDSNe9uVCPGGPEx2QYzXfW8/cTKOQ+s+i/jWiHY7WdOLagQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpZcCky7zSpZI/wTxftLTt5uI3+MB8GA1UdIwQY
MBaAFNMULfL2cJQMz1pLJ6DQyYfsyIZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHhRdDh2WndsQXpQV2tzbm9OREpoLXpJaGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lYzM5YmUtZTIyNy00YTJkLWI0YjIt
NjMyY2FlZWY0NTg0LzEvMHhRdDh2WndsQXpQV2tzbm9OREpoLXpJaGxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lYzM5YmUtZTIyNy00YTJkLWI0YjItNjMyY2FlZWY0NTg0
LzEvMHhRdDh2WndsQXpQV2tzbm9OREpoLXpJaGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApb5sdBGX
sjK8pEHsSbR66hi3EtjSrdRppEUvv8Gabmlekve6b/P4ldvcXo6vHZ/vLbr8UYtA
Hpnh8iHA0btojWWgyzkNxXLIR47XNgpvlJKR2sU+w0na/Xlv6W8nvkBleixyUXf9
lvhEd8zL2mP4cVsD+3VYYUk10JHYkskRRPX6O2Oo/bvD0485KCZUucSX2k8PP0XA
KdJpYDm7/peWqxEBT7faEVZNFu5K/y1Ci+Jwr5b1KTi2HyHfA55JrqsWgw5JYU91
7T+jVtdyLsAvmHg73Uzbu0D2uD1yeZBVnLW9FDx8czKpjCQAZtK+UuezFQpP+Xl8
c7zviQ0LFD2YxQ==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:57:20 2026 by rpki-client