Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
File: Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft (raw, json)
Hash identifier: qy+AkqiFDH7+mFBvDhVidtFa5z3F/LbkGVlVrRInWmk=
Subject key identifier: 72:1D:83:E5:74:9A:86:48:57:0C:64:8F:C1:7D:78:E7:50:88:83:AF
Authority key identifier: 42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
Certificate issuer: /CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Certificate serial: 019CAA8F9BF328796FACC8DEAA0598BCC595
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
Manifest number: 089D
Signing time: Sun 01 Mar 2026 18:01:04 +0000
Manifest this update: Sun 01 Mar 2026 18:01:04 +0000
Manifest next update: Mon 02 Mar 2026 18:01:04 +0000
Files and hashes: 1: GDoBWX1Zlup6n9R7-4KowHMAH2c.roa (hash: zITFjtSHZtBX6uRd3C9BycIhrxB4/nE70BUhqc7LIiw=)
2: Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl (hash: I4PcU+KPxpGawD/9qvItnGCyVxisvVuHZIPdOPP7sfo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:9b:f3:28:79:6f:ac:c8:de:aa:05:98:bc:c5:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427df95ee10a2ad4eaf082dfac159838b37d3450
Validity
Not Before: Mar 1 18:01:04 2026 GMT
Not After : Mar 2 18:01:04 2026 GMT
Subject: CN=721d83e5749a8648570c648fc17d78e7508883af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b0:d8:c0:a9:f2:2e:b7:2c:91:00:71:7b:99:
ba:02:87:2d:25:3d:a0:df:aa:ff:c2:db:5b:40:47:
bf:42:31:69:c7:4f:f0:a1:1e:46:73:86:34:db:c0:
86:c8:ae:c7:2f:92:91:f2:ed:ee:5f:53:b6:23:dd:
a6:61:c7:06:d6:d5:e1:42:8f:b6:65:9a:88:00:ed:
e5:e7:77:79:a8:53:8d:36:f4:64:21:ad:93:60:3a:
5b:54:a3:4b:a8:50:76:3d:cf:2f:52:3d:89:c7:c9:
e3:54:29:9c:31:36:59:5b:92:eb:f0:cf:45:3c:89:
ea:4e:4c:cf:00:b4:f2:7d:a9:a8:3d:c0:6b:74:62:
b6:4c:de:6b:8a:c2:0f:53:6a:0c:9e:f3:95:96:42:
76:cb:37:0d:c6:d6:20:25:b9:b6:ad:7b:dc:81:1a:
7d:ad:a5:43:f3:00:6c:bb:99:cd:f6:09:56:94:f5:
31:fc:a9:e0:4a:4f:4d:22:4f:c7:00:1a:57:11:fa:
3b:92:3f:1b:5e:49:3f:d7:84:28:3f:44:e1:93:49:
58:29:79:f2:f5:da:10:37:69:24:97:a5:ee:d5:8e:
6e:6d:45:90:6a:cc:e0:75:62:76:a2:7c:a5:32:d0:
6a:c9:20:fb:da:b1:d5:c6:4f:6a:0f:8f:c8:f0:2c:
b4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1D:83:E5:74:9A:86:48:57:0C:64:8F:C1:7D:78:E7:50:88:83:AF
X509v3 Authority Key Identifier:
keyid:42:7D:F9:5E:E1:0A:2A:D4:EA:F0:82:DF:AC:15:98:38:B3:7D:34:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qn35XuEKKtTq8ILfrBWYOLN9NFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a3068-ea9d-4966-be55-7943d9a79bd2/1/Qn35XuEKKtTq8ILfrBWYOLN9NFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:5a:b4:2f:b9:6f:f3:4d:a4:34:eb:a2:4a:d5:6e:25:e8:16:
19:cb:aa:f1:8a:35:2b:60:aa:be:db:1a:ed:2a:ad:3e:10:93:
8d:0f:5a:d7:f8:79:11:21:7b:70:08:2f:18:9b:07:09:ec:4b:
b9:e8:9b:0a:19:a3:62:4e:2b:24:e6:05:a6:ea:f2:f6:9c:51:
c5:43:67:b7:47:41:45:b5:5e:38:66:f0:c6:83:3a:52:5c:51:
df:2b:a6:1c:4d:41:a6:10:65:d7:bf:e6:65:a4:f3:d8:a0:96:
de:fe:ef:14:43:18:66:5e:ac:a3:52:7d:72:65:2c:b4:a4:c2:
51:56:9b:ba:07:24:ef:c2:ae:c6:97:dc:7a:54:8d:34:27:83:
c2:8c:1c:7e:f5:7e:d6:b6:ce:de:fa:48:7c:dc:46:98:fa:db:
b3:9e:12:77:a7:9a:07:58:03:a1:b9:82:80:d2:32:59:82:28:
ae:2b:f4:a6:b2:de:b9:c9:63:68:e9:e2:77:c2:b2:96:bf:1d:
54:92:d9:0d:67:ca:5c:81:02:72:9d:ed:88:cf:d8:c2:7e:05:
14:72:ac:fc:21:40:25:2d:67:07:fc:8c:a5:0d:4f:78:41:fb:
24:b4:7d:97:83:4b:e5:e6:b4:70:46:b1:6d:2f:39:d5:40:ae:
6a:31:de:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj5vzKHlvrMjeqgWYvMWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2RmOTVlZTEwYTJhZDRlYWYwODJkZmFjMTU5ODM4YjM3
ZDM0NTAwHhcNMjYwMzAxMTgwMTA0WhcNMjYwMzAyMTgwMTA0WjAzMTEwLwYDVQQD
Eyg3MjFkODNlNTc0OWE4NjQ4NTcwYzY0OGZjMTdkNzhlNzUwODg4M2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7DYwKnyLrcskQBxe5m6AoctJT2g
36r/wttbQEe/QjFpx0/woR5Gc4Y028CGyK7HL5KR8u3uX1O2I92mYccG1tXhQo+2
ZZqIAO3l53d5qFONNvRkIa2TYDpbVKNLqFB2Pc8vUj2Jx8njVCmcMTZZW5Lr8M9F
PInqTkzPALTyfamoPcBrdGK2TN5risIPU2oMnvOVlkJ2yzcNxtYgJbm2rXvcgRp9
raVD8wBsu5nN9glWlPUx/KngSk9NIk/HABpXEfo7kj8bXkk/14QoP0Thk0lYKXny
9doQN2kkl6Xu1Y5ubUWQaszgdWJ2onylMtBqySD72rHVxk9qD4/I8Cy0ywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIdg+V0moZIVwxkj8F9eOdQiIOvMB8GA1UdIwQY
MBaAFEJ9+V7hCirU6vCC36wVmDizfTRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUt
Nzk0M2Q5YTc5YmQyLzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTMwNjgtZWE5ZC00OTY2LWJlNTUtNzk0M2Q5YTc5YmQy
LzEvUW4zNVh1RUtLdFRxOElMZnJCV1lPTE45TkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJFq0L7lv
802kNOuiStVuJegWGcuq8Yo1K2Cqvtsa7SqtPhCTjQ9a1/h5ESF7cAgvGJsHCexL
ueibChmjYk4rJOYFpury9pxRxUNnt0dBRbVeOGbwxoM6UlxR3yumHE1BphBl17/m
ZaTz2KCW3v7vFEMYZl6so1J9cmUstKTCUVabugck78KuxpfcelSNNCeDwowcfvV+
1rbO3vpIfNxGmPrbs54Sd6eaB1gDobmCgNIyWYIoriv0prLeucljaOnid8Kylr8d
VJLZDWfKXIECcp3tiM/Ywn4FFHKs/CFAJS1nB/yMpQ1PeEH7JLR9l4NL5ea0cEax
bS851UCuajHecA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:14:02 2026 by rpki-client