Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
File: 407DAF8DC897D3F1C43D866EA945305303AD73ED.mft (raw, json)
Hash identifier: qmZbbfvoJHUH5yLmnNfCJ5FoPQHWeBEWcV4NbTQqAKM=
Subject key identifier: EB:EF:B5:5D:99:57:08:7F:EA:89:2F:64:92:03:05:93:78:07:3C:5B
Authority key identifier: 40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
Certificate issuer: /CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Certificate serial: 144B1807F28DF5B967F0D957679EA7E1892FFCC1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
Manifest number: D1
Signing time: Sun 19 Apr 2026 04:22:19 +0000
Manifest this update: Sun 19 Apr 2026 04:17:19 +0000
Manifest next update: Mon 20 Apr 2026 06:48:19 +0000
Files and hashes: 1: 323030313a3637383a6531303a3a2f34382d3438203d3e20323038393135.roa (hash: Q+rBjBtdmpkMnJJ1scyQFgFf7p0XTL49lt2rh8zsejE=)
2: 407DAF8DC897D3F1C43D866EA945305303AD73ED.crl (hash: gQKlwWPVNRqdnc2LaJ15diI251z1sfHVbTbA6OgR9DY=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:4b:18:07:f2:8d:f5:b9:67:f0:d9:57:67:9e:a7:e1:89:2f:fc:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Validity
Not Before: Apr 19 04:17:19 2026 GMT
Not After : Apr 20 06:48:19 2026 GMT
Subject: CN=EBEFB55D9957087FEA892F649203059378073C5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:93:0d:43:fe:94:ff:29:d1:55:d0:bd:75:
58:22:a7:41:ed:bd:85:5c:f2:d7:2e:10:68:86:6e:
4b:ad:be:fd:92:45:bb:bd:5e:34:17:63:db:2c:8f:
e2:19:4d:9e:31:e4:45:39:52:a1:6e:d1:79:b3:0a:
ed:82:3f:6e:df:e2:1a:59:c8:76:8d:99:47:fc:cc:
ed:78:b1:42:cd:f5:73:98:93:89:9d:f6:e8:13:6c:
21:06:53:15:e0:91:25:47:cb:d5:df:96:da:0f:5e:
8d:d1:8e:27:39:d5:f5:5c:1e:53:7b:04:07:70:29:
58:15:7e:ac:db:a7:30:33:74:d1:a9:77:2e:28:85:
f4:01:9d:1a:72:62:04:f4:29:00:98:23:c7:e9:a0:
8d:29:2c:c3:59:5d:05:a6:7c:bf:6a:62:34:b5:4e:
05:29:cc:a9:1e:c2:29:06:b1:d6:33:5a:77:ef:41:
4c:30:33:1e:e7:00:ea:a7:93:67:cb:a6:d5:93:dc:
c8:5e:90:5b:1a:85:fe:2b:b4:3f:c2:09:d8:d8:d4:
42:f2:e3:d7:0c:73:45:9c:88:3c:94:f2:ae:4c:73:
df:5f:6f:02:9a:88:4f:92:26:99:42:b3:df:8a:c1:
bb:3f:72:55:d4:b5:cb:d7:c3:3c:ab:7d:49:df:8d:
79:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EF:B5:5D:99:57:08:7F:EA:89:2F:64:92:03:05:93:78:07:3C:5B
X509v3 Authority Key Identifier:
keyid:40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:1a:74:f7:e1:5a:c6:f2:f2:31:b2:c2:57:91:18:ed:57:88:
13:89:b9:56:6e:2b:10:e7:78:69:09:61:a0:08:90:0d:70:01:
c0:bf:fc:e7:63:0a:9d:23:bd:0d:a3:2a:52:84:91:b7:fd:57:
f5:8f:e3:fc:28:6d:15:e0:20:40:40:43:0e:86:e4:e6:ec:1e:
55:d5:fc:a5:79:28:ea:61:44:b9:fb:a7:e2:40:9d:4c:2e:80:
02:52:e2:42:15:98:9b:73:04:dd:ce:f8:93:c0:82:2e:db:07:
64:54:95:f3:6f:8d:1b:dd:0e:de:ff:15:f5:22:d4:da:c1:1d:
09:03:e9:18:6a:5b:a4:ae:50:46:c6:bf:91:8e:27:4b:d7:22:
3d:6a:d6:d9:90:36:92:7e:98:d0:32:d3:f4:75:f5:bd:97:b0:
67:bb:cd:09:05:c3:a6:4e:9b:11:89:2e:71:0a:56:ab:ae:3b:
8b:a0:f9:37:19:a9:f0:21:6e:6c:6b:ce:88:51:79:29:2a:19:
98:22:fb:7f:68:18:7a:08:51:25:43:b6:ed:13:21:13:fc:e6:
d4:f7:0a:dd:ba:fa:d0:cb:0d:e8:da:22:75:a7:fd:0c:e2:03:
3a:b9:a6:af:e2:af:d6:07:e5:ef:5c:bd:0a:f1:b2:ed:bb:4e:
41:1f:1b:42
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUFEsYB/KN9bln8NlXZ56n4Ykv/MEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA3ZGFmOGRjODk3ZDNmMWM0M2Q4NjZlYTk0NTMwNTMw
M2FkNzNlZDAeFw0yNjA0MTkwNDE3MTlaFw0yNjA0MjAwNjQ4MTlaMDMxMTAvBgNV
BAMTKEVCRUZCNTVEOTk1NzA4N0ZFQTg5MkY2NDkyMDMwNTkzNzgwNzNDNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBA5MNQ/6U/ynRVdC9dVgip0Ht
vYVc8tcuEGiGbkutvv2SRbu9XjQXY9ssj+IZTZ4x5EU5UqFu0XmzCu2CP27f4hpZ
yHaNmUf8zO14sULN9XOYk4md9ugTbCEGUxXgkSVHy9XfltoPXo3Rjic51fVcHlN7
BAdwKVgVfqzbpzAzdNGpdy4ohfQBnRpyYgT0KQCYI8fpoI0pLMNZXQWmfL9qYjS1
TgUpzKkewikGsdYzWnfvQUwwMx7nAOqnk2fLptWT3MhekFsahf4rtD/CCdjY1ELy
49cMc0WciDyU8q5Mc99fbwKaiE+SJplCs9+Kwbs/clXUtcvXwzyrfUnfjXlbAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU6++1XZlXCH/qiS9kkgMFk3gHPFswHwYDVR0j
BBgwFoAUQH2vjciX0/HEPYZuqUUwUwOtc+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRjY2I0YjAtZTMwZS00MjZjLTg0ZGMtNDY0ZmQxODk5
MTE2LzAvNDA3REFGOERDODk3RDNGMUM0M0Q4NjZFQTk0NTMwNTMwM0FENzNFRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FIMnZqY2lYMF9IRVBZWnVxVVV3VXdP
dGMtMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85ZGNjYjRiMC1l
MzBlLTQyNmMtODRkYy00NjRmZDE4OTkxMTYvMC80MDdEQUY4REM4OTdEM0YxQzQz
RDg2NkVBOTQ1MzA1MzAzQUQ3M0VELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhhp09+FaxvLyMbLCV5EY
7VeIE4m5Vm4rEOd4aQlhoAiQDXABwL/852MKnSO9DaMqUoSRt/1X9Y/j/ChtFeAg
QEBDDobk5uweVdX8pXko6mFEufun4kCdTC6AAlLiQhWYm3ME3c74k8CCLtsHZFSV
82+NG90O3v8V9SLU2sEdCQPpGGpbpK5QRsa/kY4nS9ciPWrW2ZA2kn6Y0DLT9HX1
vZewZ7vNCQXDpk6bEYkucQpWq647i6D5Nxmp8CFubGvOiFF5KSoZmCL7f2gYeghR
JUO27RMhE/zm1PcK3br60MsN6Noidaf9DOIDOrmmr+Kv1gfl71y9CvGy7btOQR8b
Qg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:14:52 2026 by rpki-client