Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
File: q53IX5TKZH3g22TXTTE5lHzESbo.mft (raw, json)
Hash identifier: ej6R0IGMG+dShD0C8Fx0gst6P08pQMRvubBTf+ILalI=
Subject key identifier: E8:D7:78:A5:FF:09:71:44:F8:07:BB:D0:A9:82:68:C3:67:DE:E5:2E
Authority key identifier: AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
Certificate issuer: /CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Certificate serial: 019CABD9D1B48D5C4A028AD509724B5FE978
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
Manifest number: 1534
Signing time: Mon 02 Mar 2026 00:01:44 +0000
Manifest this update: Mon 02 Mar 2026 00:01:44 +0000
Manifest next update: Tue 03 Mar 2026 00:01:44 +0000
Files and hashes: 1: 479ZV3Yo2azoMThPuEqrM6qYhP8.roa (hash: iH7bjfyw/FV+kXgRaALQRgdoNp0fV7bf6CUsJ1nPg+k=)
2: q53IX5TKZH3g22TXTTE5lHzESbo.crl (hash: Uj0JUfgNeE6VVH90pow+LYYswolGDiCEVoplNLynSPE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:d1:b4:8d:5c:4a:02:8a:d5:09:72:4b:5f:e9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9dc85f94ca647de0db64d74d3139947cc449ba
Validity
Not Before: Mar 2 00:01:44 2026 GMT
Not After : Mar 3 00:01:44 2026 GMT
Subject: CN=e8d778a5ff097144f807bbd0a98268c367dee52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:75:3f:0f:46:19:ca:8c:63:2a:80:73:f5:d4:
b8:db:d1:17:07:10:1b:06:5f:d0:25:e5:8f:32:3b:
b4:b3:7b:9b:54:6a:0c:49:04:19:9c:8f:09:fd:8d:
97:1e:03:61:9f:2a:51:de:a6:0b:d2:50:31:65:8c:
65:bb:b7:3d:42:0b:61:fc:fd:84:b3:c5:9e:b7:cb:
95:9b:58:90:4d:0d:fb:3f:05:e3:aa:52:ab:a7:88:
c0:ef:2e:a4:27:0a:0d:9f:46:a9:fb:62:03:57:ac:
6f:d7:b4:8d:ae:ee:d6:13:f1:c3:5a:fd:40:d8:cb:
fc:8f:71:60:26:cd:b0:ab:38:ef:d8:fa:2d:54:e0:
07:22:1e:54:6e:58:53:89:7e:5a:c2:b3:90:50:99:
08:20:a6:0e:08:88:4d:77:33:c9:5d:ff:0f:c5:2e:
b6:85:99:bc:a4:4b:6c:3e:b9:33:20:80:e8:84:1d:
e1:c3:ae:56:2c:7b:6c:e4:cc:dd:6c:e6:db:89:0a:
12:16:df:f6:fa:ec:7d:b3:31:b7:51:57:3b:9d:21:
0a:25:32:7b:25:80:c4:63:7b:a9:bd:bb:19:0c:3b:
ec:56:2f:31:e4:a2:22:76:9c:90:97:f3:71:e3:64:
d6:78:81:f4:51:c0:b9:ad:3b:ca:d7:27:cb:ed:9f:
e7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D7:78:A5:FF:09:71:44:F8:07:BB:D0:A9:82:68:C3:67:DE:E5:2E
X509v3 Authority Key Identifier:
keyid:AB:9D:C8:5F:94:CA:64:7D:E0:DB:64:D7:4D:31:39:94:7C:C4:49:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q53IX5TKZH3g22TXTTE5lHzESbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/9c83a5-3a9a-4715-9b16-4046324970af/1/q53IX5TKZH3g22TXTTE5lHzESbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:3c:a4:87:ef:8a:10:4d:c8:d4:9e:34:a7:68:05:b8:3d:87:
5e:81:04:88:b7:9d:16:5e:3b:72:06:9e:57:75:87:6f:d2:42:
da:c9:2b:44:8d:fb:79:bb:ad:f2:7a:6c:01:57:d5:17:02:8a:
c0:59:4e:3f:f4:ef:1e:01:07:07:07:e8:de:a4:11:5f:1b:de:
5d:07:17:a4:4d:2f:81:b2:9a:2c:0d:36:06:9d:d5:52:c7:d4:
94:4f:5c:cd:bd:38:4f:f8:21:46:1f:b4:15:43:4c:ff:91:e1:
93:d9:96:1a:00:92:fb:a1:bd:2c:9c:3e:cb:ee:55:f2:9b:f7:
b5:99:4f:5f:1f:06:0d:06:45:9b:25:e9:7d:12:01:f6:e4:40:
2a:a4:b3:a5:b0:ab:c2:30:29:c9:e8:42:ab:a1:61:1b:17:fd:
55:86:05:de:a1:26:c4:6d:ad:74:c8:62:48:e2:08:fe:09:31:
f9:49:57:25:b6:53:99:e4:15:e2:8d:fa:83:35:6d:05:5d:30:
11:5d:2f:24:dd:b5:cb:2b:f3:73:c9:a9:29:cc:c9:2d:df:e4:
27:7a:58:f8:b3:3d:47:79:bc:1e:90:fa:0a:aa:1d:81:22:31:
09:7c:16:e3:42:21:00:b7:8d:36:c7:ea:f4:51:c0:e9:96:c3:
c3:fe:0b:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2dG0jVxKAorVCXJLX+l4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWRjODVmOTRjYTY0N2RlMGRiNjRkNzRkMzEzOTk0N2Nj
NDQ5YmEwHhcNMjYwMzAyMDAwMTQ0WhcNMjYwMzAzMDAwMTQ0WjAzMTEwLwYDVQQD
EyhlOGQ3NzhhNWZmMDk3MTQ0ZjgwN2JiZDBhOTgyNjhjMzY3ZGVlNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3U/D0YZyoxjKoBz9dS429EXBxAb
Bl/QJeWPMju0s3ubVGoMSQQZnI8J/Y2XHgNhnypR3qYL0lAxZYxlu7c9Qgth/P2E
s8Wet8uVm1iQTQ37PwXjqlKrp4jA7y6kJwoNn0ap+2IDV6xv17SNru7WE/HDWv1A
2Mv8j3FgJs2wqzjv2PotVOAHIh5UblhTiX5awrOQUJkIIKYOCIhNdzPJXf8PxS62
hZm8pEtsPrkzIIDohB3hw65WLHts5MzdbObbiQoSFt/2+ux9szG3UVc7nSEKJTJ7
JYDEY3upvbsZDDvsVi8x5KIidpyQl/Nx42TWeIH0UcC5rTvK1yfL7Z/nwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjXeKX/CXFE+Ae70KmCaMNn3uUuMB8GA1UdIwQY
MBaAFKudyF+UymR94Ntk100xOZR8xEm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYt
NDA0NjMyNDk3MGFmLzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85YzgzYTUtM2E5YS00NzE1LTliMTYtNDA0NjMyNDk3MGFm
LzEvcTUzSVg1VEtaSDNnMjJUWFRURTVsSHpFU2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUDykh++K
EE3I1J40p2gFuD2HXoEEiLedFl47cgaeV3WHb9JC2skrRI37ebut8npsAVfVFwKK
wFlOP/TvHgEHBwfo3qQRXxveXQcXpE0vgbKaLA02Bp3VUsfUlE9czb04T/ghRh+0
FUNM/5Hhk9mWGgCS+6G9LJw+y+5V8pv3tZlPXx8GDQZFmyXpfRIB9uRAKqSzpbCr
wjApyehCq6FhGxf9VYYF3qEmxG2tdMhiSOII/gkx+UlXJbZTmeQV4o36gzVtBV0w
EV0vJN21yyvzc8mpKczJLd/kJ3pY+LM9R3m8HpD6CqodgSIxCXwW40IhALeNNsfq
9FHA6ZbDw/4LGw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:01:40 2026 by rpki-client