Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File: qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier: 4f/S1cm+LwVQAfCyttm7hf8vhlMQLxQSN8jQbP0aOpQ=
Subject key identifier: 3C:32:E1:A5:6F:FF:38:03:4E:09:78:82:ED:AA:B4:F7:96:79:78:F2
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 019D265ED341ED6D38F89E5B43C24124A354
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number: 0ED8
Signing time: Wed 25 Mar 2026 19:00:41 +0000
Manifest this update: Wed 25 Mar 2026 19:00:41 +0000
Manifest next update: Thu 26 Mar 2026 19:00:41 +0000
Files and hashes: 1: RGHMhabHZkPW5wXprVh6WUeUNEU.roa (hash: aWxpktwD4HwK4DqUq/i3jSDZlGsjYGbb6rrk+6zxpz0=)
2: hW9pmZmoOAPv4EQxUHQXTXDJr6s.roa (hash: mjwhxdNEgH8aH/IfZWkqyz4fW356i+YVNu/YE2e6m8A=)
3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: sfVTBAI67NKxYSWmXDkp57RR9eHGMPryhhcytcMuggw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:5e:d3:41:ed:6d:38:f8:9e:5b:43:c2:41:24:a3:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Mar 25 19:00:41 2026 GMT
Not After : Mar 26 19:00:41 2026 GMT
Subject: CN=3c32e1a56fff38034e097882edaab4f7967978f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ef:13:f6:23:67:68:04:a9:0e:ac:4b:5f:d4:
25:2a:ed:aa:16:ec:98:2d:50:87:02:0e:cc:a9:2f:
ae:5d:d6:c8:21:c8:9b:7c:6c:d5:86:d9:73:ed:19:
07:64:60:bb:49:b1:4d:aa:de:c1:d0:fb:41:db:46:
24:89:7a:d7:42:4d:49:25:09:5a:09:c5:4a:10:74:
42:7d:7b:41:c7:8f:ed:0b:81:ea:03:e2:b6:a7:d0:
b1:07:84:f8:8e:55:c6:0e:ba:c6:cc:25:ae:f0:e5:
f0:25:2a:30:fc:e3:18:7e:de:e6:6f:d6:a3:3c:db:
77:10:2a:a6:39:b2:e2:42:c0:de:2e:99:a3:65:3b:
b4:d9:12:8f:7a:c4:81:04:a2:d2:57:47:a2:20:20:
cf:30:e2:c6:31:12:15:cc:d4:2a:77:aa:70:44:cd:
df:c5:8d:f4:ba:1f:4d:e3:bf:2c:33:32:54:83:09:
bd:55:fe:b0:85:7e:59:b1:bc:f2:fb:30:a1:57:c0:
bb:df:bc:67:98:4c:53:1a:ce:27:df:70:db:e9:ea:
f4:6f:c9:74:6d:f4:24:f9:23:74:5f:a7:69:47:36:
a6:55:4a:2c:de:2b:b8:7d:c9:bd:4d:c2:87:d1:f7:
60:04:b6:a3:b2:76:3e:b2:3d:f1:8e:d4:2f:c1:6b:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:32:E1:A5:6F:FF:38:03:4E:09:78:82:ED:AA:B4:F7:96:79:78:F2
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:74:5d:43:fb:73:8d:78:07:11:6c:5a:c3:63:22:dd:4b:1f:
7d:37:19:16:95:a5:87:bf:c8:7a:ee:d7:f0:31:b0:81:20:00:
41:e2:3f:42:9d:bc:7d:11:21:65:d9:a9:99:0b:c5:35:81:92:
51:11:6a:29:2a:1b:d0:7f:68:9c:33:22:0c:82:de:f4:1c:af:
64:ff:5f:50:32:68:2e:a2:94:00:7f:ba:83:ed:e3:25:4c:42:
b8:95:ba:a2:16:c4:e6:3c:05:a1:d6:b8:db:1f:6d:fc:f2:f7:
8b:fb:40:44:f5:61:22:f1:ac:08:aa:52:f4:dd:27:83:72:8b:
25:e4:c6:00:26:9b:2d:36:24:7b:ca:c8:e1:35:16:20:a7:ec:
5b:cd:33:0e:8f:c2:03:fb:f6:43:d4:5e:7d:39:b2:27:1c:88:
da:b1:48:49:1d:39:96:27:44:89:26:66:4f:77:ed:50:14:28:
a8:86:9a:b4:dc:eb:f6:76:86:3d:20:9d:41:25:e9:41:81:3f:
5d:d9:94:d8:a5:8b:6a:cd:54:f0:ab:5c:10:44:88:c2:fd:2c:
f1:16:81:0e:bd:63:10:80:35:c9:6e:35:e0:7f:68:b7:70:5c:
6a:42:08:6a:34:c2:8d:f8:d2:3a:91:e2:7e:c6:65:29:48:86:
fa:25:af:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXtNB7W04+J5bQ8JBJKNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjYwMzI1MTkwMDQxWhcNMjYwMzI2MTkwMDQxWjAzMTEwLwYDVQQD
EygzYzMyZTFhNTZmZmYzODAzNGUwOTc4ODJlZGFhYjRmNzk2Nzk3OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u8T9iNnaASpDqxLX9QlKu2qFuyY
LVCHAg7MqS+uXdbIIcibfGzVhtlz7RkHZGC7SbFNqt7B0PtB20YkiXrXQk1JJQla
CcVKEHRCfXtBx4/tC4HqA+K2p9CxB4T4jlXGDrrGzCWu8OXwJSow/OMYft7mb9aj
PNt3ECqmObLiQsDeLpmjZTu02RKPesSBBKLSV0eiICDPMOLGMRIVzNQqd6pwRM3f
xY30uh9N478sMzJUgwm9Vf6whX5Zsbzy+zChV8C737xnmExTGs4n33Db6er0b8l0
bfQk+SN0X6dpRzamVUos3iu4fcm9TcKH0fdgBLajsnY+sj3xjtQvwWsGXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDwy4aVv/zgDTgl4gu2qtPeWeXjyMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknRdQ/tz
jXgHEWxaw2Mi3UsffTcZFpWlh7/Ieu7X8DGwgSAAQeI/Qp28fREhZdmpmQvFNYGS
URFqKSob0H9onDMiDILe9ByvZP9fUDJoLqKUAH+6g+3jJUxCuJW6ohbE5jwFoda4
2x9t/PL3i/tARPVhIvGsCKpS9N0ng3KLJeTGACabLTYke8rI4TUWIKfsW80zDo/C
A/v2Q9RefTmyJxyI2rFISR05lidEiSZmT3ftUBQoqIaatNzr9naGPSCdQSXpQYE/
XdmU2KWLas1U8KtcEESIwv0s8RaBDr1jEIA1yW414H9ot3BcakIIajTCjfjSOpHi
fsZlKUiG+iWv/w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:00:17 2026 by rpki-client