Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
File: QukMnRAJsywZRbb45liUg8XqR0M.mft (raw, json)
Hash identifier: 2rOhIp2/axySVgnEvSOUsWrl9DBoPhLOuFnc5AweOg0=
Subject key identifier: 2B:78:EC:0B:1F:7C:CB:45:BC:E7:C0:38:E9:69:38:8E:08:01:4F:31
Authority key identifier: 42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
Certificate issuer: /CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Certificate serial: 019D296151015B0105A738175C29E0BF76A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
Manifest number: 0C70
Signing time: Thu 26 Mar 2026 09:02:16 +0000
Manifest this update: Thu 26 Mar 2026 09:02:16 +0000
Manifest next update: Fri 27 Mar 2026 09:02:16 +0000
Files and hashes: 1: J5ZOlJUFOltu4GqoVFNsLAc_Yhc.roa (hash: lcx5+pKS3s5wMnsyT5k7DP3iJe+El0QomD11K0ox374=)
2: QukMnRAJsywZRbb45liUg8XqR0M.crl (hash: Dg3+MC3shZ0guTJjFOJJqg8qIYOikEXRAzOzd95oglA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:51:01:5b:01:05:a7:38:17:5c:29:e0:bf:76:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42e90c9d1009b32c1945b6f8e6589483c5ea4743
Validity
Not Before: Mar 26 09:02:16 2026 GMT
Not After : Mar 27 09:02:16 2026 GMT
Subject: CN=2b78ec0b1f7ccb45bce7c038e969388e08014f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:02:be:49:d0:3d:ca:a2:93:cc:a5:ac:db:4b:
87:18:ce:c2:fe:b5:04:85:49:d5:01:76:74:5c:07:
cd:2d:40:27:20:a2:d7:07:e1:4b:de:7e:59:2a:b3:
7c:ff:c7:fa:ea:88:29:2c:0e:37:da:48:2d:85:ce:
ba:81:06:84:5f:ef:46:2c:e7:bd:a4:0f:35:7a:db:
91:8e:e4:b9:e2:8c:9f:a3:d6:44:37:a9:83:34:76:
68:fe:62:ba:49:bb:83:43:66:ef:34:bf:f3:9a:c4:
58:02:98:3b:29:37:b5:07:e1:14:59:84:b8:d9:97:
30:b9:fe:bd:64:bb:54:a4:bc:80:a6:3f:e0:5e:af:
37:08:f7:d3:4c:fb:62:70:fb:eb:ea:74:06:2f:ad:
51:92:0c:3e:0e:ab:3d:81:99:fe:0a:b1:a3:c2:87:
94:33:75:01:42:c8:c2:8b:03:a2:40:d8:88:a3:97:
50:c3:66:6e:5c:9b:4a:c3:8b:64:37:99:6f:17:77:
f4:99:3c:b6:ae:a6:b0:a3:ac:05:3d:b0:05:f3:11:
83:af:24:57:fe:fd:41:de:3a:02:58:10:65:4b:98:
d9:c9:58:e1:60:13:a6:68:19:6a:b1:e3:57:17:cf:
74:14:a1:90:2e:10:06:4f:ae:66:28:83:84:02:54:
ad:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:78:EC:0B:1F:7C:CB:45:BC:E7:C0:38:E9:69:38:8E:08:01:4F:31
X509v3 Authority Key Identifier:
keyid:42:E9:0C:9D:10:09:B3:2C:19:45:B6:F8:E6:58:94:83:C5:EA:47:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QukMnRAJsywZRbb45liUg8XqR0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/955a40-9d94-4f82-88e5-69c6298415f8/1/QukMnRAJsywZRbb45liUg8XqR0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:ed:a9:fc:63:ba:c9:52:c5:68:b5:27:7f:2e:95:a6:41:27:
84:c4:b6:27:9c:71:eb:75:9a:6f:68:39:bc:87:40:95:29:7f:
c2:e7:46:2c:bd:a6:7e:04:e7:33:45:e8:f2:40:64:7a:54:be:
da:b6:df:2f:cf:a4:1d:0b:fe:a1:cf:7f:7a:d4:ee:84:36:17:
6a:77:81:23:78:25:36:83:78:ad:e0:ab:b5:3a:2f:73:22:58:
75:81:5a:e8:18:79:6c:f4:04:0f:77:ed:85:a5:36:79:d0:56:
f8:e9:d2:c1:fe:80:58:5b:46:eb:9b:eb:91:94:84:8a:bc:c4:
d0:17:76:22:43:5a:22:57:a9:d0:99:81:68:4c:b0:7a:3b:77:
a0:69:5a:58:33:86:24:c7:fc:db:0b:9e:03:cf:97:b6:08:ee:
dc:69:0b:28:74:64:18:38:e0:a1:b8:87:6d:c3:bb:7b:c7:3b:
2a:55:d2:b5:17:cf:b3:61:41:b9:53:e4:5d:13:dc:b4:6e:cd:
da:1f:be:9d:34:9f:c1:be:9e:0b:2c:83:f3:e3:e6:24:9f:fb:
10:c3:56:c6:3d:28:70:8b:e6:7d:96:79:69:dd:37:4a:c3:5f:
b9:3b:a6:0d:1e:5a:f6:bc:7a:f4:5e:69:ba:01:0e:af:e0:17:
b9:4a:5e:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYVEBWwEFpzgXXCngv3aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZTkwYzlkMTAwOWIzMmMxOTQ1YjZmOGU2NTg5NDgzYzVl
YTQ3NDMwHhcNMjYwMzI2MDkwMjE2WhcNMjYwMzI3MDkwMjE2WjAzMTEwLwYDVQQD
EygyYjc4ZWMwYjFmN2NjYjQ1YmNlN2MwMzhlOTY5Mzg4ZTA4MDE0ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwK+SdA9yqKTzKWs20uHGM7C/rUE
hUnVAXZ0XAfNLUAnIKLXB+FL3n5ZKrN8/8f66ogpLA432kgthc66gQaEX+9GLOe9
pA81etuRjuS54oyfo9ZEN6mDNHZo/mK6SbuDQ2bvNL/zmsRYApg7KTe1B+EUWYS4
2Zcwuf69ZLtUpLyApj/gXq83CPfTTPticPvr6nQGL61Rkgw+Dqs9gZn+CrGjwoeU
M3UBQsjCiwOiQNiIo5dQw2ZuXJtKw4tkN5lvF3f0mTy2rqawo6wFPbAF8xGDryRX
/v1B3joCWBBlS5jZyVjhYBOmaBlqseNXF890FKGQLhAGT65mKIOEAlSt+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCt47AsffMtFvOfAOOlpOI4IAU8xMB8GA1UdIwQY
MBaAFELpDJ0QCbMsGUW2+OZYlIPF6kdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUt
NjljNjI5ODQxNWY4LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTVhNDAtOWQ5NC00ZjgyLTg4ZTUtNjljNjI5ODQxNWY4
LzEvUXVrTW5SQUpzeXdaUmJiNDVsaVVnOFhxUjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+2p/GO6
yVLFaLUnfy6VpkEnhMS2J5xx63Wab2g5vIdAlSl/wudGLL2mfgTnM0Xo8kBkelS+
2rbfL8+kHQv+oc9/etTuhDYXaneBI3glNoN4reCrtTovcyJYdYFa6Bh5bPQED3ft
haU2edBW+OnSwf6AWFtG65vrkZSEirzE0Bd2IkNaIlep0JmBaEywejt3oGlaWDOG
JMf82wueA8+Xtgju3GkLKHRkGDjgobiHbcO7e8c7KlXStRfPs2FBuVPkXRPctG7N
2h++nTSfwb6eCyyD8+PmJJ/7EMNWxj0ocIvmfZZ5ad03SsNfuTumDR5a9rx69F5p
ugEOr+AXuUpeDQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:12:10 2026 by rpki-client