Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
File: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft (raw, json)
Hash identifier: xZoi2hfaCwF07F2kDo7BUBboBQdFzBEVpDR6zKtRRGM=
Subject key identifier: 21:A7:99:0F:5F:57:3E:53:93:32:BC:07:8F:4B:46:FE:24:A3:A9:E1
Authority key identifier: 40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
Certificate issuer: /CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Certificate serial: 019D265FAEA002C930F3BFE966EFBC585BF8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
Manifest number: 0FA7
Signing time: Wed 25 Mar 2026 19:01:38 +0000
Manifest this update: Wed 25 Mar 2026 19:01:38 +0000
Manifest next update: Thu 26 Mar 2026 19:01:38 +0000
Files and hashes: 1: QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl (hash: p74SUM9GqrPpT4qezD9byYVsuVy1cbr9EUEpe9lR+Tw=)
2: vk5Y2YJ09rjiWROVoHQwodUn4yU.roa (hash: vpQeQxzEnsV7qHV8y9P4IV2nzoCx88/TOJF++oD3hVE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5f:ae:a0:02:c9:30:f3:bf:e9:66:ef:bc:58:5b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Validity
Not Before: Mar 25 19:01:38 2026 GMT
Not After : Mar 26 19:01:38 2026 GMT
Subject: CN=21a7990f5f573e539332bc078f4b46fe24a3a9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e4:c5:96:2b:ca:40:94:7f:79:cd:48:64:b4:
cc:2d:e0:d3:61:13:9a:f7:aa:88:52:dc:50:31:1b:
ed:59:99:4c:ad:31:35:3a:92:78:cd:38:74:ab:90:
5e:10:50:9b:58:1e:61:71:78:a8:38:a1:ac:8c:fc:
e0:4e:ee:b3:f5:3a:c7:92:94:4e:33:ee:eb:47:9e:
29:a7:59:c1:69:dc:e6:ff:3a:a0:76:49:52:52:9f:
04:70:bf:31:41:b8:19:eb:6f:1c:39:eb:c0:5e:e7:
e0:50:4b:4f:04:67:eb:42:5c:c6:3d:61:c3:7b:8b:
92:c9:ae:68:91:0f:2a:b8:8a:73:78:08:36:6a:86:
80:11:c3:7a:19:eb:4f:a7:f6:f3:5f:8d:a6:7b:ca:
aa:34:d3:96:2f:22:83:34:c3:6d:c1:59:6b:82:6e:
4b:e9:c0:46:de:ba:d0:7a:dd:fd:fe:9a:f1:1e:4e:
32:73:63:57:79:08:ed:5d:ae:f0:21:a4:0d:b5:9f:
d9:80:82:75:16:b9:22:5b:b2:27:15:74:8b:67:bb:
a5:86:e7:f1:f1:62:66:18:23:3a:9a:db:02:ae:f7:
bb:4f:79:4a:40:b3:07:c5:73:e9:64:3f:cc:f8:c4:
fe:d3:93:9d:77:11:d4:27:73:63:e5:eb:92:11:68:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A7:99:0F:5F:57:3E:53:93:32:BC:07:8F:4B:46:FE:24:A3:A9:E1
X509v3 Authority Key Identifier:
keyid:40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:bf:b7:aa:04:47:3d:0b:b4:1a:9a:f0:13:5a:b8:f9:90:44:
02:31:9f:f2:a2:17:d7:e2:5f:c8:ca:d8:f5:22:ca:e0:c9:97:
9d:fe:7e:60:4f:f9:88:74:73:ff:56:f0:83:81:0f:ef:9c:a0:
0c:b9:2d:5a:4f:55:57:37:17:29:18:65:e9:e9:6d:44:27:a0:
55:16:a9:e1:ec:5e:62:30:96:8b:a4:cc:f0:b5:36:85:e8:66:
db:2a:17:29:1d:f9:37:27:d9:7c:3b:c9:aa:54:de:6c:59:80:
16:72:5e:d0:de:91:9d:93:3f:fc:fa:03:e1:ed:30:f6:63:18:
59:9a:f0:69:92:94:c9:a6:65:74:61:dd:36:02:b9:e8:41:71:
0c:ed:c8:8e:73:4c:de:f0:d3:6f:70:bc:eb:99:af:67:c3:89:
4f:0a:95:14:a0:ca:2d:1e:73:43:90:17:88:5a:4d:d2:14:0c:
2e:f6:93:45:cd:0a:a0:ca:c4:fb:b3:17:4a:05:f4:2d:85:9f:
d1:8d:ed:a8:09:a3:53:a8:3a:3a:97:a8:31:68:3e:1e:71:8b:
8e:df:d3:21:5f:9a:01:b6:b3:45:e1:90:ec:9c:dc:60:99:07:
ea:cf:e4:2b:34:61:b6:8a:80:96:3f:a3:0a:b3:fb:6b:7c:8e:
a6:f5:16:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX66gAskw87/pZu+8WFv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE5NDlkMzFjNjY4ODhjYjQ3NThmMjNkZDVmMzEyMTQx
ZGVjNGEwHhcNMjYwMzI1MTkwMTM4WhcNMjYwMzI2MTkwMTM4WjAzMTEwLwYDVQQD
EygyMWE3OTkwZjVmNTczZTUzOTMzMmJjMDc4ZjRiNDZmZTI0YTNhOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+TFlivKQJR/ec1IZLTMLeDTYROa
96qIUtxQMRvtWZlMrTE1OpJ4zTh0q5BeEFCbWB5hcXioOKGsjPzgTu6z9TrHkpRO
M+7rR54pp1nBadzm/zqgdklSUp8EcL8xQbgZ628cOevAXufgUEtPBGfrQlzGPWHD
e4uSya5okQ8quIpzeAg2aoaAEcN6GetPp/bzX42me8qqNNOWLyKDNMNtwVlrgm5L
6cBG3rrQet39/prxHk4yc2NXeQjtXa7wIaQNtZ/ZgIJ1FrkiW7InFXSLZ7ulhufx
8WJmGCM6mtsCrve7T3lKQLMHxXPpZD/M+MT+05OddxHUJ3Nj5euSEWglawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGnmQ9fVz5TkzK8B49LRv4ko6nhMB8GA1UdIwQY
MBaAFECqlJ0xxmiIy0dY8j3V8xIUHexKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgt
ZmQxMWJiMWNjODJkLzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgtZmQxMWJiMWNjODJk
LzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPr+3qgRH
PQu0GprwE1q4+ZBEAjGf8qIX1+JfyMrY9SLK4MmXnf5+YE/5iHRz/1bwg4EP75yg
DLktWk9VVzcXKRhl6eltRCegVRap4exeYjCWi6TM8LU2hehm2yoXKR35NyfZfDvJ
qlTebFmAFnJe0N6RnZM//PoD4e0w9mMYWZrwaZKUyaZldGHdNgK56EFxDO3IjnNM
3vDTb3C865mvZ8OJTwqVFKDKLR5zQ5AXiFpN0hQMLvaTRc0KoMrE+7MXSgX0LYWf
0Y3tqAmjU6g6OpeoMWg+HnGLjt/TIV+aAbazReGQ7JzcYJkH6s/kKzRhtoqAlj+j
CrP7a3yOpvUWYw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:14:13 2026 by rpki-client