Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5954e7-3e0c-4c3a-92d0-49c89ce28882/1/QaHs1T08kyiV6pxQmSxxGHKO1rk.mft
File: QaHs1T08kyiV6pxQmSxxGHKO1rk.mft (raw, json)
Hash identifier: PHYqToHLabfnWCnd/FXCk86ZXW1FTPuBEexjI88+MUg=
Subject key identifier: E6:F3:D5:BE:56:60:C9:30:09:47:A6:DD:5D:04:F7:55:19:76:BF:DA
Authority key identifier: 41:A1:EC:D5:3D:3C:93:28:95:EA:9C:50:99:2C:71:18:72:8E:D6:B9
Certificate issuer: /CN=41a1ecd53d3c932895ea9c50992c7118728ed6b9
Certificate serial: 019D2A04F44536D3407E5EA7021FA55B46CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QaHs1T08kyiV6pxQmSxxGHKO1rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5954e7-3e0c-4c3a-92d0-49c89ce28882/1/QaHs1T08kyiV6pxQmSxxGHKO1rk.mft
Manifest number: 0136
Signing time: Thu 26 Mar 2026 12:01:00 +0000
Manifest this update: Thu 26 Mar 2026 12:01:00 +0000
Manifest next update: Fri 27 Mar 2026 12:01:00 +0000
Files and hashes: 1: QaHs1T08kyiV6pxQmSxxGHKO1rk.crl (hash: roN2iHvlwPYUlVoXnwwvT4Q7/rJe4dEEBE0Op46ejdk=)
2: om8xl26uHcggZq0PRt3auhU-WWM.roa (hash: NBfDZYJPi466cYGpzgFuNXlb3jsTCQ+KLhNctBGB2Wk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5954e7-3e0c-4c3a-92d0-49c89ce28882/1/QaHs1T08kyiV6pxQmSxxGHKO1rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5954e7-3e0c-4c3a-92d0-49c89ce28882/1/QaHs1T08kyiV6pxQmSxxGHKO1rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QaHs1T08kyiV6pxQmSxxGHKO1rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:04:f4:45:36:d3:40:7e:5e:a7:02:1f:a5:5b:46:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41a1ecd53d3c932895ea9c50992c7118728ed6b9
Validity
Not Before: Mar 26 12:01:00 2026 GMT
Not After : Mar 27 12:01:00 2026 GMT
Subject: CN=e6f3d5be5660c9300947a6dd5d04f7551976bfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:e1:c2:ef:98:90:bc:e5:6b:79:ff:da:87:
24:fa:8a:fb:b5:a3:23:a1:dc:87:c1:35:20:64:57:
e7:f9:13:6d:45:29:44:64:a8:bf:b1:f8:9a:a6:36:
bf:d1:20:7c:34:0b:e9:f3:f8:17:c2:2d:62:70:41:
32:e2:f7:24:8c:71:02:fb:fe:cb:7a:ed:de:3f:53:
9e:bb:b5:fc:c5:a6:fb:f7:03:96:2b:2c:bc:5b:58:
2e:fd:d6:d5:81:a1:3b:fc:a4:ff:91:f5:02:2e:1b:
08:58:2e:b8:08:20:8d:9f:75:39:03:43:ee:3b:93:
00:19:31:56:45:37:06:1d:08:f3:3d:cf:f0:aa:6e:
a4:08:fc:5f:ab:58:9c:60:7f:0d:12:5b:98:77:49:
62:09:84:88:20:8b:3b:7a:d2:31:f0:a2:5c:8b:c0:
c8:e7:92:ab:42:07:ea:af:a2:e1:0d:a7:c6:db:8b:
b5:c3:be:b2:bf:97:c9:4e:6d:4c:a7:06:18:dc:64:
c2:3c:b7:98:60:ea:c4:0c:63:bd:e2:b8:42:32:7a:
be:99:6a:86:d4:76:6c:db:a9:c9:0a:94:ca:bd:ea:
bf:82:47:54:89:2b:04:b8:6c:86:cf:98:68:c8:fa:
d3:80:62:cc:e5:5e:be:16:f5:61:6d:88:e1:f9:63:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F3:D5:BE:56:60:C9:30:09:47:A6:DD:5D:04:F7:55:19:76:BF:DA
X509v3 Authority Key Identifier:
keyid:41:A1:EC:D5:3D:3C:93:28:95:EA:9C:50:99:2C:71:18:72:8E:D6:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaHs1T08kyiV6pxQmSxxGHKO1rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5954e7-3e0c-4c3a-92d0-49c89ce28882/1/QaHs1T08kyiV6pxQmSxxGHKO1rk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5954e7-3e0c-4c3a-92d0-49c89ce28882/1/QaHs1T08kyiV6pxQmSxxGHKO1rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d5:23:1e:1b:ce:84:22:b9:ab:24:b3:25:89:7f:e0:da:08:06:
01:d7:29:72:01:9b:b9:89:5b:90:8d:61:4f:b7:c4:9d:f4:8d:
72:b3:cf:f3:e6:50:cb:8b:1e:44:1f:98:23:2a:fb:ad:06:1c:
5e:4c:94:b6:95:8c:8b:a6:9d:27:81:ba:f0:08:21:19:81:7f:
ae:b0:7b:83:75:0f:1d:89:37:b2:a9:28:1f:81:0a:24:d6:b7:
b4:94:14:cf:46:ea:cc:85:a9:d2:d3:ea:a3:06:c9:4b:1d:5f:
18:ca:3c:83:b8:14:4c:71:9f:9a:20:b1:aa:69:42:ee:3b:22:
c3:c2:54:74:c3:b4:30:2f:5f:bc:db:a4:83:29:44:9e:63:b6:
e7:91:ac:72:9b:93:e9:cd:b4:c7:3d:50:e7:9e:2a:24:0c:b3:
34:74:2e:81:68:0c:b8:84:46:11:78:99:76:6d:78:12:07:a7:
e3:ba:f8:db:17:80:e5:06:14:82:4e:37:6e:16:ea:73:eb:b6:
f8:2b:af:99:5d:12:7a:d9:c5:d4:94:71:f9:a9:d1:f3:14:28:
34:cd:4e:a8:1c:c3:3f:49:69:30:34:f1:23:7e:65:bd:c6:44:
0c:c9:08:20:c1:91:13:36:07:34:c9:87:22:e2:ef:3f:ff:8f:
3a:01:7a:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBPRFNtNAfl6nAh+lW0bMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTFlY2Q1M2QzYzkzMjg5NWVhOWM1MDk5MmM3MTE4NzI4
ZWQ2YjkwHhcNMjYwMzI2MTIwMTAwWhcNMjYwMzI3MTIwMTAwWjAzMTEwLwYDVQQD
EyhlNmYzZDViZTU2NjBjOTMwMDk0N2E2ZGQ1ZDA0Zjc1NTE5NzZiZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Xhwu+YkLzla3n/2ock+or7taMj
odyHwTUgZFfn+RNtRSlEZKi/sfiapja/0SB8NAvp8/gXwi1icEEy4vckjHEC+/7L
eu3eP1Oeu7X8xab79wOWKyy8W1gu/dbVgaE7/KT/kfUCLhsIWC64CCCNn3U5A0Pu
O5MAGTFWRTcGHQjzPc/wqm6kCPxfq1icYH8NEluYd0liCYSIIIs7etIx8KJci8DI
55KrQgfqr6LhDafG24u1w76yv5fJTm1MpwYY3GTCPLeYYOrEDGO94rhCMnq+mWqG
1HZs26nJCpTKveq/gkdUiSsEuGyGz5hoyPrTgGLM5V6+FvVhbYjh+WMrGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObz1b5WYMkwCUem3V0E91UZdr/aMB8GA1UdIwQY
MBaAFEGh7NU9PJMoleqcUJkscRhyjta5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFIczFUMDhreWlWNnB4UW1TeHhHSEtPMXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81OTU0ZTctM2UwYy00YzNhLTkyZDAt
NDljODljZTI4ODgyLzEvUWFIczFUMDhreWlWNnB4UW1TeHhHSEtPMXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81OTU0ZTctM2UwYy00YzNhLTkyZDAtNDljODljZTI4ODgy
LzEvUWFIczFUMDhreWlWNnB4UW1TeHhHSEtPMXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1SMeG86E
IrmrJLMliX/g2ggGAdcpcgGbuYlbkI1hT7fEnfSNcrPP8+ZQy4seRB+YIyr7rQYc
XkyUtpWMi6adJ4G68AghGYF/rrB7g3UPHYk3sqkoH4EKJNa3tJQUz0bqzIWp0tPq
owbJSx1fGMo8g7gUTHGfmiCxqmlC7jsiw8JUdMO0MC9fvNukgylEnmO255GscpuT
6c20xz1Q554qJAyzNHQugWgMuIRGEXiZdm14Egen47r42xeA5QYUgk43bhbqc+u2
+CuvmV0SetnF1JRx+anR8xQoNM1OqBzDP0lpMDTxI35lvcZEDMkIIMGREzYHNMmH
IuLvP/+POgF6xg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:42:17 2026 by rpki-client