Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft
File: q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft (raw, json)
Hash identifier: C7X6mm+dZd8luEFzXEjQcqwz8bhu5w22bjAnExW5pYk=
Subject key identifier: F9:AF:30:01:92:0E:81:33:70:F9:FF:0E:D6:F0:44:05:BC:25:1D:12
Authority key identifier: AB:85:20:EC:83:E3:0E:B7:93:8B:80:02:F4:70:F0:D1:C5:05:C4:51
Certificate issuer: /CN=ab8520ec83e30eb7938b8002f470f0d1c505c451
Certificate serial: 019CAC469E2D0AF38082D652935EB2A5313F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft
Manifest number: 0E3A
Signing time: Mon 02 Mar 2026 02:00:34 +0000
Manifest this update: Mon 02 Mar 2026 02:00:34 +0000
Manifest next update: Tue 03 Mar 2026 02:00:34 +0000
Files and hashes: 1: AlG308eUrdACgBL2wLNqtHFgCfE.roa (hash: ln/5TqimsvosBxc2NaYRg6677es5mps+ZXNF6/n2oDg=)
2: q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl (hash: lvWN/cZhq7EItRS4I+Q//kXmn/mgD8EBy1chZPkXino=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:46:9e:2d:0a:f3:80:82:d6:52:93:5e:b2:a5:31:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab8520ec83e30eb7938b8002f470f0d1c505c451
Validity
Not Before: Mar 2 02:00:34 2026 GMT
Not After : Mar 3 02:00:34 2026 GMT
Subject: CN=f9af3001920e813370f9ff0ed6f04405bc251d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1e:e5:86:c9:a4:e8:2e:7a:f4:69:38:21:ed:
c7:14:0b:65:76:5b:45:ad:d8:92:44:cf:a6:dc:34:
d5:87:a0:b0:e5:78:e9:30:ea:bf:8d:b7:bb:61:61:
b9:35:30:81:49:8f:b8:14:3b:f1:8e:72:a9:0b:34:
e9:52:d6:30:24:06:d9:7e:79:0d:0a:3e:0c:38:64:
be:6a:eb:03:e2:81:11:e8:70:4d:76:03:b4:88:9d:
3a:d9:f8:a9:7d:6d:64:48:15:fb:54:b0:a1:8d:67:
e4:d1:1a:78:ee:89:56:5a:ab:6b:fb:6b:11:20:e7:
aa:f9:db:61:cf:76:d7:ef:21:33:6b:9c:37:ca:32:
ea:24:5a:38:c2:e6:e8:6e:55:9c:1b:d1:42:ae:52:
aa:ee:8d:79:60:76:6b:fa:38:44:4a:5e:22:9c:19:
89:ce:ae:4d:92:61:45:64:90:fb:b6:49:39:62:f2:
77:39:de:71:ef:a1:07:0d:0e:c5:ae:be:b2:59:2a:
dd:ac:c9:69:cc:5b:16:74:a4:64:47:b7:0c:fe:2c:
aa:d4:db:4b:72:06:f1:9a:df:ca:07:ed:c7:6d:dd:
2f:a7:a0:73:b1:6b:97:1e:b8:19:1b:ac:7a:de:bb:
30:02:e2:a3:ba:72:03:6b:13:19:94:6d:b2:e8:7d:
28:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AF:30:01:92:0E:81:33:70:F9:FF:0E:D6:F0:44:05:BC:25:1D:12
X509v3 Authority Key Identifier:
keyid:AB:85:20:EC:83:E3:0E:B7:93:8B:80:02:F4:70:F0:D1:C5:05:C4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4Ug7IPjDreTi4AC9HDw0cUFxFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/faea65-90b4-46db-beef-84b473b9ebcd/1/q4Ug7IPjDreTi4AC9HDw0cUFxFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:39:14:06:35:a3:ac:65:14:7a:27:5f:4e:91:64:ff:14:34:
b5:53:3f:a1:4b:46:90:d9:32:53:4f:bb:18:20:ea:ed:38:d0:
10:e2:78:1d:34:1d:34:42:62:de:cb:71:be:16:f6:72:25:10:
b4:ce:50:2d:a3:fb:3f:05:5b:c2:cf:14:8e:57:1f:a9:b0:88:
c8:ee:1d:49:bd:eb:49:95:62:6e:f8:ce:b5:59:43:a4:dc:e9:
c6:9b:a4:9f:e6:fb:e0:a3:44:95:6e:81:ca:87:6b:cb:e9:39:
43:c1:e8:7b:09:5e:e3:17:82:05:72:c3:74:52:19:ed:a3:a1:
9e:36:d3:a8:c2:63:0d:4a:f6:d3:f1:f3:b8:90:03:5b:c8:b7:
23:c8:f3:05:5d:7d:88:5b:51:08:94:10:31:89:0a:24:36:de:
e2:62:4c:57:50:be:b8:04:5b:a3:dc:19:57:21:1e:1b:0b:ba:
35:af:fa:5b:4f:ff:50:ca:cd:55:9b:a0:ca:0c:e1:47:e8:b0:
97:ac:8f:c5:ce:dd:55:1e:91:92:83:7b:6c:7e:d6:d7:6f:57:
31:a3:e4:77:a3:3c:d5:8a:7b:3a:00:35:81:fb:6a:9e:91:72:
18:97:ee:1a:9c:01:3d:67:4f:b4:f7:23:29:7e:2a:3b:c0:08:
a2:81:9f:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRp4tCvOAgtZSk16ypTE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODUyMGVjODNlMzBlYjc5MzhiODAwMmY0NzBmMGQxYzUw
NWM0NTEwHhcNMjYwMzAyMDIwMDM0WhcNMjYwMzAzMDIwMDM0WjAzMTEwLwYDVQQD
EyhmOWFmMzAwMTkyMGU4MTMzNzBmOWZmMGVkNmYwNDQwNWJjMjUxZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R7lhsmk6C569Gk4Ie3HFAtldltF
rdiSRM+m3DTVh6Cw5XjpMOq/jbe7YWG5NTCBSY+4FDvxjnKpCzTpUtYwJAbZfnkN
Cj4MOGS+ausD4oER6HBNdgO0iJ062fipfW1kSBX7VLChjWfk0Rp47olWWqtr+2sR
IOeq+dthz3bX7yEza5w3yjLqJFo4wuboblWcG9FCrlKq7o15YHZr+jhESl4inBmJ
zq5NkmFFZJD7tkk5YvJ3Od5x76EHDQ7Frr6yWSrdrMlpzFsWdKRkR7cM/iyq1NtL
cgbxmt/KB+3Hbd0vp6BzsWuXHrgZG6x63rswAuKjunIDaxMZlG2y6H0oJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmvMAGSDoEzcPn/DtbwRAW8JR0SMB8GA1UdIwQY
MBaAFKuFIOyD4w63k4uAAvRw8NHFBcRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mYWVhNjUtOTBiNC00NmRiLWJlZWYt
ODRiNDczYjllYmNkLzEvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mYWVhNjUtOTBiNC00NmRiLWJlZWYtODRiNDczYjllYmNk
LzEvcTRVZzdJUGpEcmVUaTRBQzlIRHcwY1VGeEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDkUBjWj
rGUUeidfTpFk/xQ0tVM/oUtGkNkyU0+7GCDq7TjQEOJ4HTQdNEJi3stxvhb2ciUQ
tM5QLaP7PwVbws8UjlcfqbCIyO4dSb3rSZVibvjOtVlDpNzpxpukn+b74KNElW6B
yodry+k5Q8Hoewle4xeCBXLDdFIZ7aOhnjbTqMJjDUr20/HzuJADW8i3I8jzBV19
iFtRCJQQMYkKJDbe4mJMV1C+uARbo9wZVyEeGwu6Na/6W0//UMrNVZugygzhR+iw
l6yPxc7dVR6RkoN7bH7W129XMaPkd6M81Yp7OgA1gftqnpFyGJfuGpwBPWdPtPcj
KX4qO8AIooGfyA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:45:08 2026 by rpki-client