Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
File: 407DAF8DC897D3F1C43D866EA945305303AD73ED.mft (raw, json)
Hash identifier: hdkNC2Psf9wlyjhYjRowjOtTb7TsRcKzfgcGR8HNcqM=
Subject key identifier: 65:26:87:A6:9B:8B:28:0D:98:5E:17:0E:D0:60:2E:1A:CF:76:33:2F
Authority key identifier: 40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
Certificate issuer: /CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Certificate serial: 7961BF97AC3EDCC9B81EDC8B282FC9FA3B575504
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
Manifest number: 91
Signing time: Sun 01 Mar 2026 23:47:36 +0000
Manifest this update: Sun 01 Mar 2026 23:42:36 +0000
Manifest next update: Tue 03 Mar 2026 02:00:36 +0000
Files and hashes: 1: 323030313a3637383a6531303a3a2f34382d3438203d3e20323038393135.roa (hash: Q+rBjBtdmpkMnJJ1scyQFgFf7p0XTL49lt2rh8zsejE=)
2: 407DAF8DC897D3F1C43D866EA945305303AD73ED.crl (hash: JP490QBzzefJ5mVhJPvxzGPdvmYU2sM4egfVOmBrcHE=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:61:bf:97:ac:3e:dc:c9:b8:1e:dc:8b:28:2f:c9:fa:3b:57:55:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407daf8dc897d3f1c43d866ea945305303ad73ed
Validity
Not Before: Mar 1 23:42:36 2026 GMT
Not After : Mar 3 02:00:36 2026 GMT
Subject: CN=652687A69B8B280D985E170ED0602E1ACF76332F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8b:08:25:12:20:1d:86:c4:74:74:28:92:e9:
62:53:c8:fa:fe:4f:25:d6:c7:06:2c:ec:26:6e:d2:
27:70:f4:42:5c:45:8f:c3:90:54:6c:a1:75:2f:0c:
d1:ca:ba:20:4a:89:0f:49:96:e3:62:55:34:41:40:
2f:c5:75:b7:77:44:75:d7:bd:14:b2:3e:37:26:ac:
14:f5:2c:14:8e:2d:98:33:2e:da:37:59:db:eb:c8:
e1:c7:74:af:ba:01:09:6c:7d:de:1b:87:40:66:02:
27:6c:b5:99:4d:88:27:ad:52:c9:2c:90:41:63:ac:
df:31:f0:be:61:fa:4d:3d:1c:c6:90:5b:39:f1:9d:
87:3a:98:42:14:74:60:2e:e8:87:46:f8:64:18:06:
36:98:cd:aa:ea:18:40:66:30:c1:d4:0e:4d:e3:58:
42:d5:95:5b:4a:bd:ad:8a:61:2e:78:17:bb:5a:25:
c8:04:44:e0:49:75:5e:9b:64:b1:14:a4:17:ff:19:
88:05:a3:4d:a1:41:32:02:76:00:c9:81:6d:43:79:
23:0e:45:81:f9:a9:c8:2e:09:f7:03:ae:b2:95:09:
a8:d2:0d:4a:ed:da:e5:73:64:80:79:f7:dc:09:b1:
76:8b:83:53:5c:4a:89:24:f7:43:ec:e4:4d:a5:05:
0f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:26:87:A6:9B:8B:28:0D:98:5E:17:0E:D0:60:2E:1A:CF:76:33:2F
X509v3 Authority Key Identifier:
keyid:40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:63:9c:5f:89:47:c1:11:df:71:ef:e9:a8:cb:49:6d:cd:b5:
df:0a:ba:7f:3d:c6:0d:e1:ea:c4:51:e8:d0:ab:0b:06:c5:76:
be:08:fa:a5:bc:56:91:bb:1c:d1:7c:cd:ac:50:a9:6f:22:66:
b5:53:28:33:f8:4e:1a:02:5e:59:88:a9:e8:04:25:82:e8:50:
94:c5:03:56:d9:db:5a:9a:73:9d:a7:19:02:e1:67:6d:96:65:
37:ef:f3:c5:fc:02:d6:92:a7:14:52:86:8a:b4:bf:5d:fa:7e:
1d:76:5e:1a:dc:97:3a:2a:cf:47:77:74:09:e7:1c:c8:a8:be:
26:a3:72:23:2e:77:05:4a:df:85:bc:ac:69:c4:a0:3b:bc:90:
d8:3c:8c:93:06:7a:8f:b6:b3:0f:13:87:fe:a5:9d:5f:5d:fa:
77:3f:44:f6:c6:6d:be:dd:50:e1:4c:3c:8e:4b:39:5a:27:df:
13:8b:a9:f8:2a:fa:ef:e2:dc:3e:77:4c:57:4f:36:cd:4d:33:
ec:d4:b7:ef:cc:38:7b:7a:0f:94:67:45:b8:18:fa:9f:5b:a9:
ed:2a:a4:e7:18:be:4d:2d:fb:de:68:19:fb:32:aa:77:15:1a:
00:59:1e:b4:e6:83:73:ec:21:3f:44:8c:73:a6:45:f7:ea:47:
b4:6f:f0:d7
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUeWG/l6w+3Mm4HtyLKC/J+jtXVQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA3ZGFmOGRjODk3ZDNmMWM0M2Q4NjZlYTk0NTMwNTMw
M2FkNzNlZDAeFw0yNjAzMDEyMzQyMzZaFw0yNjAzMDMwMjAwMzZaMDMxMTAvBgNV
BAMTKDY1MjY4N0E2OUI4QjI4MEQ5ODVFMTcwRUQwNjAyRTFBQ0Y3NjMzMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjiwglEiAdhsR0dCiS6WJTyPr+
TyXWxwYs7CZu0idw9EJcRY/DkFRsoXUvDNHKuiBKiQ9JluNiVTRBQC/Fdbd3RHXX
vRSyPjcmrBT1LBSOLZgzLto3WdvryOHHdK+6AQlsfd4bh0BmAidstZlNiCetUsks
kEFjrN8x8L5h+k09HMaQWznxnYc6mEIUdGAu6IdG+GQYBjaYzarqGEBmMMHUDk3j
WELVlVtKva2KYS54F7taJcgEROBJdV6bZLEUpBf/GYgFo02hQTICdgDJgW1DeSMO
RYH5qcguCfcDrrKVCajSDUrt2uVzZIB599wJsXaLg1NcSokk90Ps5E2lBQ85AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUZSaHppuLKA2YXhcO0GAuGs92My8wHwYDVR0j
BBgwFoAUQH2vjciX0/HEPYZuqUUwUwOtc+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRjY2I0YjAtZTMwZS00MjZjLTg0ZGMtNDY0ZmQxODk5
MTE2LzAvNDA3REFGOERDODk3RDNGMUM0M0Q4NjZFQTk0NTMwNTMwM0FENzNFRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FIMnZqY2lYMF9IRVBZWnVxVVV3VXdP
dGMtMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85ZGNjYjRiMC1l
MzBlLTQyNmMtODRkYy00NjRmZDE4OTkxMTYvMC80MDdEQUY4REM4OTdEM0YxQzQz
RDg2NkVBOTQ1MzA1MzAzQUQ3M0VELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO2OcX4lHwRHfce/pqMtJ
bc213wq6fz3GDeHqxFHo0KsLBsV2vgj6pbxWkbsc0XzNrFCpbyJmtVMoM/hOGgJe
WYip6AQlguhQlMUDVtnbWppznacZAuFnbZZlN+/zxfwC1pKnFFKGirS/Xfp+HXZe
GtyXOirPR3d0CeccyKi+JqNyIy53BUrfhbysacSgO7yQ2DyMkwZ6j7azDxOH/qWd
X136dz9E9sZtvt1Q4Uw8jks5WiffE4up+Cr67+LcPndMV082zU0z7NS378w4e3oP
lGdFuBj6n1up7Sqk5xi+TS373mgZ+zKqdxUaAFketOaDc+whP0SMc6ZF9+pHtG/w
1w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:57:37 2026 by rpki-client