Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
File: QxfdFbYr3XESWZuBQjNg7uegEpY.mft (raw, json)
Hash identifier: Fkw5HnNtshh/WFAfEmFnwCcEa/4lyiRo+AgiU8lmfk0=
Subject key identifier: 16:7B:00:16:7A:9B:7B:1D:C7:4D:BD:0B:C0:AC:C7:B1:67:6E:D0:AE
Authority key identifier: 43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
Certificate issuer: /CN=4317dd15b62bdd7112599b81423360eee7a01296
Certificate serial: 019D99998FE11452777702184AB9A140B221
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
Manifest number: 0A27
Signing time: Fri 17 Apr 2026 04:01:10 +0000
Manifest this update: Fri 17 Apr 2026 04:01:10 +0000
Manifest next update: Sat 18 Apr 2026 04:01:10 +0000
Files and hashes: 1: QxfdFbYr3XESWZuBQjNg7uegEpY.crl (hash: ApL0jskwqqiXMr38DMbcqq2IaE/HpVkIPddyfh/9q9I=)
2: aPWLJM6IziuoIQ-9dg15aPOtRRI.roa (hash: nW9Lbvb0zK8UkUgMG6xc5L/WUYzGO8kQcti52apyWJQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 04:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:99:8f:e1:14:52:77:77:02:18:4a:b9:a1:40:b2:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4317dd15b62bdd7112599b81423360eee7a01296
Validity
Not Before: Apr 17 04:01:10 2026 GMT
Not After : Apr 18 04:01:10 2026 GMT
Subject: CN=167b00167a9b7b1dc74dbd0bc0acc7b1676ed0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:25:4f:5e:87:c0:06:ed:36:ea:c1:5f:5c:
9b:44:33:4e:2c:ca:44:4a:7f:3f:92:89:e7:9e:8f:
da:5f:63:02:48:26:bc:e1:a7:b6:60:ae:e4:0b:e1:
66:c3:a5:7c:c8:c5:f5:fa:a2:a0:63:22:d4:23:24:
81:b3:c8:52:23:b4:81:7c:3e:f2:cb:40:08:e7:f5:
de:3a:fe:0c:f2:36:8a:0d:70:7f:4c:d7:aa:c4:c1:
e2:39:4f:78:ee:9a:ca:c4:09:f3:ef:46:6c:60:6b:
32:0e:6c:6c:8b:4a:fb:4c:0a:e4:3e:0a:61:bd:8e:
c5:82:13:5c:e9:89:11:d9:ef:5a:35:2b:57:bf:fa:
a1:9c:1f:b7:45:d8:a4:a4:50:88:50:31:b6:d3:a3:
55:31:20:60:a0:14:e1:0c:c4:49:b1:c7:5a:1e:9b:
0a:56:be:3f:fc:ed:d2:75:14:48:75:52:65:ad:1c:
33:53:bd:ba:ab:01:d1:50:69:d3:ed:aa:a8:e7:e9:
aa:90:ae:1e:d1:fc:50:5c:2a:34:6a:9b:73:d5:9d:
7b:65:08:7d:26:0f:2d:c9:f0:ee:26:a2:db:b0:61:
7c:18:e4:1d:b4:97:b3:d5:75:e5:77:1a:09:ff:64:
e0:17:1e:23:cb:2e:85:6b:3a:7d:6c:8b:ac:74:34:
5e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:7B:00:16:7A:9B:7B:1D:C7:4D:BD:0B:C0:AC:C7:B1:67:6E:D0:AE
X509v3 Authority Key Identifier:
keyid:43:17:DD:15:B6:2B:DD:71:12:59:9B:81:42:33:60:EE:E7:A0:12:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxfdFbYr3XESWZuBQjNg7uegEpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/654b89-37c1-4061-90b3-6b95500da23b/1/QxfdFbYr3XESWZuBQjNg7uegEpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
95:3b:8c:5e:cc:e2:b6:6c:d0:2b:06:20:ef:ea:cb:39:e1:e2:
32:ef:12:b4:bd:15:c6:37:1a:af:af:ab:66:24:7f:cb:b6:36:
a0:88:3f:71:a1:2e:d7:17:4c:a2:e2:0b:d0:10:a4:d2:7d:df:
15:7b:37:ac:8e:6a:e9:2c:26:99:a9:67:2f:3a:cb:55:53:55:
e5:35:30:74:ff:ae:57:27:f1:32:f2:16:eb:3d:c6:0d:a1:1e:
9a:d3:72:a4:63:6f:2f:68:b0:47:5c:ca:d8:93:f3:71:f4:52:
23:26:3e:4f:d8:26:4a:86:b6:50:7d:bc:3d:89:93:ee:54:47:
32:dc:64:75:89:21:7f:0a:ae:c3:3b:cc:c3:de:27:8f:4c:d2:
5c:b3:27:1f:2d:4f:65:94:14:85:bd:a6:c4:64:a1:9d:ce:fb:
43:be:94:2b:33:c5:c8:0e:01:24:93:7e:f3:62:8d:5f:65:0c:
82:26:fa:c5:03:2b:e8:22:d5:5d:ba:86:80:a7:7e:9a:65:a8:
4c:70:a8:6d:b6:84:5c:c0:6a:a8:b7:3d:a3:af:d0:83:3c:76:
b1:9e:b6:7e:5a:53:b7:66:09:0a:36:84:14:bf:5f:6a:35:26:
42:cd:7d:3d:f1:b0:35:53:38:2e:42:27:07:49:ae:ea:43:b3:
3d:70:82:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmY/hFFJ3dwIYSrmhQLIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMTdkZDE1YjYyYmRkNzExMjU5OWI4MTQyMzM2MGVlZTdh
MDEyOTYwHhcNMjYwNDE3MDQwMTEwWhcNMjYwNDE4MDQwMTEwWjAzMTEwLwYDVQQD
EygxNjdiMDAxNjdhOWI3YjFkYzc0ZGJkMGJjMGFjYzdiMTY3NmVkMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAMlT16HwAbtNurBX1ybRDNOLMpE
Sn8/konnno/aX2MCSCa84ae2YK7kC+Fmw6V8yMX1+qKgYyLUIySBs8hSI7SBfD7y
y0AI5/XeOv4M8jaKDXB/TNeqxMHiOU947prKxAnz70ZsYGsyDmxsi0r7TArkPgph
vY7FghNc6YkR2e9aNStXv/qhnB+3RdikpFCIUDG206NVMSBgoBThDMRJscdaHpsK
Vr4//O3SdRRIdVJlrRwzU726qwHRUGnT7aqo5+mqkK4e0fxQXCo0aptz1Z17ZQh9
Jg8tyfDuJqLbsGF8GOQdtJez1XXldxoJ/2TgFx4jyy6Fazp9bIusdDRetQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZ7ABZ6m3sdx029C8Csx7FnbtCuMB8GA1UdIwQY
MBaAFEMX3RW2K91xElmbgUIzYO7noBKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMt
NmI5NTUwMGRhMjNiLzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82NTRiODktMzdjMS00MDYxLTkwYjMtNmI5NTUwMGRhMjNi
LzEvUXhmZEZiWXIzWEVTV1p1QlFqTmc3dWVnRXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTuMXszi
tmzQKwYg7+rLOeHiMu8StL0Vxjcar6+rZiR/y7Y2oIg/caEu1xdMouIL0BCk0n3f
FXs3rI5q6SwmmalnLzrLVVNV5TUwdP+uVyfxMvIW6z3GDaEemtNypGNvL2iwR1zK
2JPzcfRSIyY+T9gmSoa2UH28PYmT7lRHMtxkdYkhfwquwzvMw94nj0zSXLMnHy1P
ZZQUhb2mxGShnc77Q76UKzPFyA4BJJN+82KNX2UMgib6xQMr6CLVXbqGgKd+mmWo
THCobbaEXMBqqLc9o6/Qgzx2sZ62flpTt2YJCjaEFL9fajUmQs19PfGwNVM4LkIn
B0mu6kOzPXCCXA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:34:44 2026 by rpki-client