Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: aTIQYEiY6G4ahqnEDQ3jIMvIirhmwEvB3yLFvoWVdP0=
Subject key identifier: 02:82:B5:36:DF:DC:04:02:DB:FF:46:58:C6:45:3F:CE:5A:A1:99:B3
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 019D9B50AC3DD31DF764CAD674614A4529B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 15B0
Signing time: Fri 17 Apr 2026 12:00:48 +0000
Manifest this update: Fri 17 Apr 2026 12:00:48 +0000
Manifest next update: Sat 18 Apr 2026 12:00:48 +0000
Files and hashes: 1: 479ZV3Yo2azoMThPuEqrM6qYhP8.roa (hash: iH7bjfyw/FV+kXgRaALQRgdoNp0fV7bf6CUsJ1nPg+k=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: bhAB0sV51qJvIbxAmr4pqHwSu5lRVg9wSRysog3ig00=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:ac:3d:d3:1d:f7:64:ca:d6:74:61:4a:45:29:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Apr 17 12:00:48 2026 GMT
Not After : Apr 18 12:00:48 2026 GMT
Subject: CN=0282b536dfdc0402dbff4658c6453fce5aa199b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e9:d0:bb:7f:f8:30:19:53:42:be:4d:c2:0c:
c2:5c:b6:25:6e:f5:1a:b9:6b:de:68:72:ed:b4:81:
1b:f7:fa:02:dc:4e:3b:a0:32:ed:1c:2c:d8:2d:c9:
75:6a:08:57:ff:1d:bf:81:98:a2:e7:4b:40:54:0c:
cb:71:6e:cb:23:42:7a:e5:a9:41:88:e4:91:56:2b:
55:c4:11:1e:2c:12:18:b7:41:de:bf:33:e2:c1:0c:
26:bd:a6:c5:66:3b:e5:f8:83:f2:48:9e:9b:37:88:
d5:f6:70:62:01:04:49:e5:bb:62:f5:ac:65:aa:9a:
4d:f4:15:f5:b6:1b:3a:d7:2b:88:2a:71:72:54:85:
72:8e:00:9e:d0:fb:97:08:69:aa:4b:a0:39:be:74:
b8:05:41:4a:55:5d:58:a9:d3:be:ea:0e:c4:88:38:
6a:8a:7f:84:d5:80:89:6a:bf:c6:23:8a:32:d1:a3:
06:1b:a1:d2:75:e7:e1:74:93:0e:a7:7a:7a:52:30:
b0:65:57:d0:6c:31:42:b7:23:b3:80:7d:28:cd:ec:
0e:13:70:4f:f6:2b:b1:c2:8e:f8:e0:88:49:16:d6:
9c:7b:d2:7e:44:5d:3c:62:97:72:19:a7:40:5c:78:
19:49:6b:46:5a:03:52:2a:54:02:b7:06:41:99:b5:
6e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:82:B5:36:DF:DC:04:02:DB:FF:46:58:C6:45:3F:CE:5A:A1:99:B3
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:7c:a1:b5:a1:d4:53:f4:62:55:29:6d:fb:e5:ca:35:5f:a1:
9a:b6:9c:fe:e1:39:20:f4:c1:d4:a6:7c:39:fa:46:50:d6:06:
b1:06:c1:bf:75:bd:f0:bb:06:76:6a:32:e5:e9:20:09:b2:e5:
d9:6b:eb:82:39:5a:eb:d8:34:5e:d3:c7:2a:60:41:ce:f7:dc:
e6:d0:65:fc:fb:45:03:bf:08:c4:08:dc:e3:f6:ef:dc:c9:71:
64:13:3a:56:2b:ba:f0:62:b6:86:ce:58:66:82:6a:0e:a2:0e:
a9:ec:c5:4e:bb:90:e7:65:30:34:f2:6b:fb:50:da:7d:e4:3e:
17:d5:9f:88:40:20:2e:74:b3:7e:45:2f:d2:8e:5b:8c:f8:14:
54:4b:ef:94:a2:37:c9:1d:1b:20:64:df:bc:b3:af:5a:30:40:
d3:4d:e8:e1:f2:42:ce:55:3b:be:be:de:11:78:cd:98:3b:29:
90:14:43:8d:f0:0e:0a:ff:1f:d6:32:31:2b:73:d1:a8:7e:76:
02:e7:26:7d:89:57:55:82:03:c4:43:ec:98:a9:29:94:03:d2:
6b:5e:4e:56:6f:80:a0:e0:e6:e1:61:ef:df:ca:28:01:67:f2:
61:c5:9f:bb:d7:1d:62:da:e7:c3:ff:86:ad:eb:4b:6c:60:fc:
47:2e:70:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUKw90x33ZMrWdGFKRSmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjYwNDE3MTIwMDQ4WhcNMjYwNDE4MTIwMDQ4WjAzMTEwLwYDVQQD
EygwMjgyYjUzNmRmZGMwNDAyZGJmZjQ2NThjNjQ1M2ZjZTVhYTE5OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkenQu3/4MBlTQr5NwgzCXLYlbvUa
uWveaHLttIEb9/oC3E47oDLtHCzYLcl1aghX/x2/gZii50tAVAzLcW7LI0J65alB
iOSRVitVxBEeLBIYt0HevzPiwQwmvabFZjvl+IPySJ6bN4jV9nBiAQRJ5bti9axl
qppN9BX1ths61yuIKnFyVIVyjgCe0PuXCGmqS6A5vnS4BUFKVV1YqdO+6g7EiDhq
in+E1YCJar/GI4oy0aMGG6HSdefhdJMOp3p6UjCwZVfQbDFCtyOzgH0ozewOE3BP
9iuxwo744IhJFtace9J+RF08YpdyGadAXHgZSWtGWgNSKlQCtwZBmbVusQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAKCtTbf3AQC2/9GWMZFP85aoZmzMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVXyhtaHU
U/RiVSlt++XKNV+hmrac/uE5IPTB1KZ8OfpGUNYGsQbBv3W98LsGdmoy5ekgCbLl
2Wvrgjla69g0XtPHKmBBzvfc5tBl/PtFA78IxAjc4/bv3MlxZBM6Viu68GK2hs5Y
ZoJqDqIOqezFTruQ52UwNPJr+1DafeQ+F9WfiEAgLnSzfkUv0o5bjPgUVEvvlKI3
yR0bIGTfvLOvWjBA003o4fJCzlU7vr7eEXjNmDspkBRDjfAOCv8f1jIxK3PRqH52
AucmfYlXVYIDxEPsmKkplAPSa15OVm+AoODm4WHv38ooAWfyYcWfu9cdYtrnw/+G
retLbGD8Ry5wCw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:33:11 2026 by rpki-client