Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File: Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier: RRvIDjoGWXars5+CH83PDL1mPDTFN7Jqh6NYn1rkFLw=
Subject key identifier: 12:49:EF:05:53:86:2C:DA:AF:E1:02:BF:56:73:BB:18:C6:5C:63:D2
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 019D9A06E171B480F8DF1AC9650A33722342
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number: 0919
Signing time: Fri 17 Apr 2026 06:00:35 +0000
Manifest this update: Fri 17 Apr 2026 06:00:35 +0000
Manifest next update: Sat 18 Apr 2026 06:00:35 +0000
Files and hashes: 1: GDoBWX1Zlup6n9R7-4KowHMAH2c.roa (hash: zITFjtSHZtBX6uRd3C9BycIhrxB4/nE70BUhqc7LIiw=)
2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: DAhQFzpzdl8W7+SG736k6NUHsRg/ZcLvx5MSaHOWxEQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:06:e1:71:b4:80:f8:df:1a:c9:65:0a:33:72:23:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Apr 17 06:00:35 2026 GMT
Not After : Apr 18 06:00:35 2026 GMT
Subject: CN=1249ef0553862cdaafe102bf5673bb18c65c63d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0b:fb:f0:05:ca:77:e6:b0:ca:c0:eb:c3:06:
f7:fe:9f:06:ed:7b:73:a7:73:79:ad:d7:c7:9b:a1:
d1:f3:03:56:18:1a:5b:ea:82:16:3f:a7:8f:cb:7a:
13:5c:b2:5e:2a:7c:87:00:77:90:ed:29:25:0e:46:
98:3c:ca:1d:b1:2b:70:4a:f0:15:d7:91:57:0e:e0:
5f:04:49:66:1e:86:35:11:12:86:c5:c7:f7:46:81:
fa:c4:58:cd:1c:5b:1d:84:a7:22:30:06:4f:93:5a:
6f:26:1f:33:32:55:f6:cd:88:80:f9:a2:ac:3e:64:
ed:49:d4:dc:09:7f:f7:df:ef:e8:23:df:b5:ab:0d:
d1:0a:fc:87:63:6c:c4:c9:d7:23:6b:73:ac:22:18:
95:b7:86:70:86:79:59:87:32:ba:c4:48:ea:e6:da:
f8:d0:eb:64:7f:38:8f:c8:72:b2:6f:a5:9c:1a:fa:
67:3c:ce:f2:fd:60:2a:3d:f3:a6:27:c9:a4:4d:36:
0f:99:10:97:b9:52:c6:aa:f1:12:96:21:16:f5:d4:
32:20:34:82:ca:bc:13:8a:32:54:05:26:c6:b8:9a:
af:c9:94:d0:ba:5e:0c:33:b4:15:c0:18:e4:c2:64:
e1:e4:00:ac:c4:84:dd:02:ca:8f:fc:95:d6:c8:69:
cc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:49:EF:05:53:86:2C:DA:AF:E1:02:BF:56:73:BB:18:C6:5C:63:D2
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:e2:bd:66:be:4c:ce:eb:c9:85:f6:ae:50:65:1f:52:46:bf:
8f:85:1b:24:93:9d:eb:80:76:c2:d2:c1:64:97:2e:6f:4d:80:
5a:ca:79:5c:b1:fc:79:21:34:80:64:48:40:06:a7:ee:4b:51:
77:9d:b6:3f:96:bc:0b:b8:18:22:ce:3b:10:08:94:39:ce:5c:
7d:6e:7d:d9:a4:95:02:04:18:6c:2a:c2:f8:2a:61:09:90:37:
7e:8f:8c:04:ed:12:2f:fa:67:1d:df:b0:95:a5:7c:eb:6a:2c:
17:b3:f3:98:89:52:df:23:a3:0b:e5:ac:d5:9a:e7:61:5e:63:
13:e2:dd:d4:97:cf:7b:97:f7:94:97:03:f2:c3:41:d5:c6:c2:
cb:1b:98:10:67:c1:3e:32:7f:0d:08:61:16:5a:54:fa:0f:7b:
27:1c:8e:92:99:8a:e3:39:f3:d4:aa:3a:81:a8:43:85:db:d5:
fa:f6:18:6c:4c:d5:4f:8b:5d:6c:d4:d5:c9:fa:83:80:8f:93:
81:9b:fa:b8:f3:48:c4:72:5f:81:b1:32:c0:e7:fd:b0:67:03:
71:92:a6:f0:72:b9:5f:61:13:e7:db:bd:5a:cf:6e:d4:e2:d0:
f5:b9:2c:de:b1:c1:96:df:4d:10:9d:86:86:34:89:80:20:e9:
bb:e7:39:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBuFxtID43xrJZQozciNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjYwNDE3MDYwMDM1WhcNMjYwNDE4MDYwMDM1WjAzMTEwLwYDVQQD
EygxMjQ5ZWYwNTUzODYyY2RhYWZlMTAyYmY1NjczYmIxOGM2NWM2M2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qv78AXKd+awysDrwwb3/p8G7Xtz
p3N5rdfHm6HR8wNWGBpb6oIWP6ePy3oTXLJeKnyHAHeQ7SklDkaYPModsStwSvAV
15FXDuBfBElmHoY1ERKGxcf3RoH6xFjNHFsdhKciMAZPk1pvJh8zMlX2zYiA+aKs
PmTtSdTcCX/33+/oI9+1qw3RCvyHY2zEydcja3OsIhiVt4ZwhnlZhzK6xEjq5tr4
0OtkfziPyHKyb6WcGvpnPM7y/WAqPfOmJ8mkTTYPmRCXuVLGqvESliEW9dQyIDSC
yrwTijJUBSbGuJqvyZTQul4MM7QVwBjkwmTh5ACsxITdAsqP/JXWyGnMaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJJ7wVThizar+ECv1ZzuxjGXGPSMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb+K9Zr5M
zuvJhfauUGUfUka/j4UbJJOd64B2wtLBZJcub02AWsp5XLH8eSE0gGRIQAan7ktR
d522P5a8C7gYIs47EAiUOc5cfW592aSVAgQYbCrC+CphCZA3fo+MBO0SL/pnHd+w
laV862osF7PzmIlS3yOjC+Ws1ZrnYV5jE+Ld1JfPe5f3lJcD8sNB1cbCyxuYEGfB
PjJ/DQhhFlpU+g97JxyOkpmK4znz1Ko6gahDhdvV+vYYbEzVT4tdbNTVyfqDgI+T
gZv6uPNIxHJfgbEywOf9sGcDcZKm8HK5X2ET59u9Ws9u1OLQ9bks3rHBlt9NEJ2G
hjSJgCDpu+c5pQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:07:01 2026 by rpki-client