Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
File: L-QXNib0YCZA6NTpa1ShoJar54s.mft (raw, json)
Hash identifier: QAcRHPjVTnyOQHfl5/sNzOVvEVrhV4kuNUdyFT8C16o=
Subject key identifier: 29:61:10:E1:73:7B:D3:6F:9C:07:55:A9:9E:46:B4:1C:94:7E:37:90
Authority key identifier: 2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
Certificate issuer: /CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Certificate serial: 019D9B50A264C558168EF0394798EC03A4A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
Manifest number: 13B0
Signing time: Fri 17 Apr 2026 12:00:46 +0000
Manifest this update: Fri 17 Apr 2026 12:00:46 +0000
Manifest next update: Sat 18 Apr 2026 12:00:46 +0000
Files and hashes: 1: DQDusfxjlUfsx_jYQ2_QIlod900.roa (hash: w5lQk1AHZADVNhIU1Bs+67ehT2OLHgD2oIHKthafOJo=)
2: L-QXNib0YCZA6NTpa1ShoJar54s.crl (hash: xzdb43imgeynybZghiBRHX7+xvRBIBUZOK6MUWDHGT4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:50:a2:64:c5:58:16:8e:f0:39:47:98:ec:03:a4:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Validity
Not Before: Apr 17 12:00:46 2026 GMT
Not After : Apr 18 12:00:46 2026 GMT
Subject: CN=296110e1737bd36f9c0755a99e46b41c947e3790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:09:d1:7b:65:7d:2b:a1:40:49:4b:dc:7d:42:
96:5a:97:45:00:52:36:93:fd:50:4c:c4:3e:f4:f3:
d3:c9:e5:55:3a:3d:a9:5e:ec:4e:e7:3b:da:64:f2:
20:fb:62:85:82:9b:21:31:2d:38:8b:19:95:95:cc:
1c:4e:9a:b0:e3:fe:94:30:2a:a2:91:87:bf:9e:eb:
e3:88:55:be:13:aa:f6:f6:74:e4:9c:ff:53:d6:57:
96:86:c7:98:36:0b:0d:44:cf:72:92:91:43:d8:3e:
a3:0c:17:99:09:98:e0:a3:a9:3a:5a:88:01:35:9f:
2d:94:45:db:4d:59:42:d9:3d:c2:ed:35:7d:c6:ac:
c8:6b:a1:91:66:c7:d2:5f:84:3b:76:73:b7:43:f5:
86:39:e3:8f:b5:8c:23:d1:27:a0:40:22:88:6f:e3:
e5:1e:19:64:93:10:70:c0:72:f5:54:6c:7c:03:9c:
87:9d:99:29:40:2d:b8:ca:51:39:48:4c:0a:ac:23:
46:86:4d:ac:1b:ac:eb:8c:cb:a2:1e:d6:3d:d7:2b:
47:ed:f3:cd:fa:d1:af:d8:8b:dd:53:ee:d5:a9:8c:
1d:d4:49:10:a5:cd:83:af:19:88:02:b4:75:3f:fb:
51:7a:0c:62:f7:50:38:0a:ee:dd:b2:e2:f2:b0:d5:
7c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:61:10:E1:73:7B:D3:6F:9C:07:55:A9:9E:46:B4:1C:94:7E:37:90
X509v3 Authority Key Identifier:
keyid:2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:27:64:50:54:e7:00:ae:b5:48:c2:0d:3f:eb:98:9e:8f:d0:
56:a4:3f:43:49:9e:87:83:a4:d1:f2:cb:5e:76:4e:17:57:f9:
56:b0:68:5e:48:c4:f9:ce:20:7f:17:9e:47:41:7a:65:c0:de:
5b:26:e1:e9:68:1c:75:7c:67:3b:ae:9c:1d:9e:66:93:29:d7:
81:50:f4:92:c5:cd:86:a7:e7:98:c5:a4:e4:06:d9:61:25:3c:
6d:7e:1d:d9:85:47:bb:30:e9:fd:94:33:2c:d3:e8:eb:40:40:
0c:b2:8a:35:6e:cb:62:ef:9e:53:aa:c0:58:8a:c6:e0:5f:c6:
29:33:31:4c:9c:03:72:6f:8f:92:ba:c2:09:99:58:db:5c:e3:
af:18:49:45:5a:f3:50:76:3d:4b:a8:3c:5b:d9:5e:37:79:26:
77:2e:c3:f0:e5:f2:3f:34:f6:e8:93:ec:4a:42:e4:7f:5a:b2:
d1:3f:24:25:db:fe:a8:dc:1a:54:c3:46:84:89:f7:a8:c6:e8:
51:e7:00:5a:30:83:be:d1:a2:70:42:32:72:11:4c:2c:15:67:
0e:b3:75:ab:bc:0d:c0:ff:63:fb:17:1f:9c:ed:2b:b3:f8:6a:
97:35:6a:eb:03:16:56:a3:12:fd:ba:01:4f:62:d9:89:26:50:
3d:e3:47:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUKJkxVgWjvA5R5jsA6SlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTQxNzM2MjZmNDYwMjY0MGU4ZDRlOTZiNTRhMWEwOTZh
YmU3OGIwHhcNMjYwNDE3MTIwMDQ2WhcNMjYwNDE4MTIwMDQ2WjAzMTEwLwYDVQQD
EygyOTYxMTBlMTczN2JkMzZmOWMwNzU1YTk5ZTQ2YjQxYzk0N2UzNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgnRe2V9K6FASUvcfUKWWpdFAFI2
k/1QTMQ+9PPTyeVVOj2pXuxO5zvaZPIg+2KFgpshMS04ixmVlcwcTpqw4/6UMCqi
kYe/nuvjiFW+E6r29nTknP9T1leWhseYNgsNRM9ykpFD2D6jDBeZCZjgo6k6WogB
NZ8tlEXbTVlC2T3C7TV9xqzIa6GRZsfSX4Q7dnO3Q/WGOeOPtYwj0SegQCKIb+Pl
HhlkkxBwwHL1VGx8A5yHnZkpQC24ylE5SEwKrCNGhk2sG6zrjMuiHtY91ytH7fPN
+tGv2IvdU+7VqYwd1EkQpc2DrxmIArR1P/tRegxi91A4Cu7dsuLysNV8UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClhEOFze9NvnAdVqZ5GtByUfjeQMB8GA1UdIwQY
MBaAFC/kFzYm9GAmQOjU6WtUoaCWq+eLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEt
MzU0NzljNTRkY2JkLzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEtMzU0NzljNTRkY2Jk
LzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoSdkUFTn
AK61SMINP+uYno/QVqQ/Q0meh4Ok0fLLXnZOF1f5VrBoXkjE+c4gfxeeR0F6ZcDe
Wybh6WgcdXxnO66cHZ5mkynXgVD0ksXNhqfnmMWk5AbZYSU8bX4d2YVHuzDp/ZQz
LNPo60BADLKKNW7LYu+eU6rAWIrG4F/GKTMxTJwDcm+PkrrCCZlY21zjrxhJRVrz
UHY9S6g8W9leN3kmdy7D8OXyPzT26JPsSkLkf1qy0T8kJdv+qNwaVMNGhIn3qMbo
UecAWjCDvtGicEIychFMLBVnDrN1q7wNwP9j+xcfnO0rs/hqlzVq6wMWVqMS/boB
T2LZiSZQPeNHtw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:22:56 2026 by rpki-client