Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.mft
File: qLq2HDYOoQjNGSx856ftVWW9--A.mft (raw, json)
Hash identifier: YXr2wfvbqf+ELhn7cAPlLUh6L/HH4QXPaF8286bPmdg=
Subject key identifier: 6C:E5:57:F4:72:B5:A5:AE:63:AE:4E:CB:A2:C7:E7:70:76:4C:3E:6F
Authority key identifier: A8:BA:B6:1C:36:0E:A1:08:CD:19:2C:7C:E7:A7:ED:55:65:BD:FB:E0
Certificate issuer: /CN=a8bab61c360ea108cd192c7ce7a7ed5565bdfbe0
Certificate serial: 019D284E533D103B0B3F9B0C64ACD22D2DE0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLq2HDYOoQjNGSx856ftVWW9--A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.mft
Manifest number: 0FFD
Signing time: Thu 26 Mar 2026 04:01:54 +0000
Manifest this update: Thu 26 Mar 2026 04:01:54 +0000
Manifest next update: Fri 27 Mar 2026 04:01:54 +0000
Files and hashes: 1: qLq2HDYOoQjNGSx856ftVWW9--A.crl (hash: fRIDhF6oh6c+YNM2QSQ2Ggyxr1ZzZsOz96Hv0TTqyPs=)
2: xbvEJZeUt0xfTCQkzUMYNid2WuU.roa (hash: N+c9uTWESBLyJAw1GRbCX5BbluIVDmwBAavnIr/6+Wc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLq2HDYOoQjNGSx856ftVWW9--A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 04:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4e:53:3d:10:3b:0b:3f:9b:0c:64:ac:d2:2d:2d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8bab61c360ea108cd192c7ce7a7ed5565bdfbe0
Validity
Not Before: Mar 26 04:01:54 2026 GMT
Not After : Mar 27 04:01:54 2026 GMT
Subject: CN=6ce557f472b5a5ae63ae4ecba2c7e770764c3e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:71:23:0c:68:c9:29:8b:67:cd:bf:7e:40:e0:
81:0c:c8:99:76:c6:60:5d:96:0e:11:d2:d3:d8:e1:
b6:c9:49:5a:02:6c:da:47:3e:57:43:f1:cd:6b:25:
ed:e7:26:b0:33:3f:f8:29:25:f7:59:8d:dc:04:bc:
b7:75:90:84:28:81:a6:29:90:73:e3:be:7a:2f:36:
93:f4:a9:9e:ef:81:33:a1:3b:1b:5d:86:26:93:ca:
e2:a1:34:fb:0a:f3:15:d3:34:54:6c:50:49:9a:97:
33:59:86:b1:6f:54:45:fc:87:fb:85:41:77:92:fe:
73:c0:18:6b:1b:0b:17:87:a7:59:0e:60:b8:7e:eb:
e6:af:b1:58:a5:19:cd:e9:ef:0a:99:65:f1:0a:22:
3f:aa:e8:4c:26:14:ee:72:47:88:e6:c5:a9:67:18:
6a:b8:6d:82:52:93:46:68:e2:2e:25:88:3f:49:d2:
38:fb:eb:b8:f6:8a:60:1a:d1:49:19:59:12:68:dc:
8c:2d:65:50:72:94:2c:26:2e:70:20:57:ed:d0:a1:
0d:14:8f:82:70:30:5e:38:e2:09:69:8d:b9:3e:40:
8f:f9:1a:80:95:7a:f3:82:46:62:51:32:da:6c:d7:
b2:1d:9b:72:c5:73:83:d5:92:6d:3a:5e:80:1c:e0:
e9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E5:57:F4:72:B5:A5:AE:63:AE:4E:CB:A2:C7:E7:70:76:4C:3E:6F
X509v3 Authority Key Identifier:
keyid:A8:BA:B6:1C:36:0E:A1:08:CD:19:2C:7C:E7:A7:ED:55:65:BD:FB:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLq2HDYOoQjNGSx856ftVWW9--A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:dd:78:bc:3d:e0:5c:ca:60:16:38:10:d6:86:37:15:e6:11:
26:25:d4:c0:50:00:96:24:fc:72:da:9d:10:77:f5:e5:e2:4b:
e4:06:8c:ed:ce:81:f9:f4:aa:bc:3f:70:c9:38:2f:fd:8b:da:
3f:ab:20:76:af:2a:bc:e6:b5:c0:de:52:a0:1e:7f:c7:da:8a:
f8:ec:6f:c1:24:15:6b:9a:1f:0c:8f:4d:87:e4:e3:c8:d1:ec:
e1:88:d8:5a:17:f7:0a:c4:9b:33:cb:49:b8:de:4c:c7:ea:75:
44:78:5a:2e:93:35:8d:2d:6e:39:a7:b1:65:65:41:54:7d:b0:
56:4d:d8:20:ac:41:cb:6d:d6:dc:f6:c8:06:5d:a1:ec:b1:a9:
50:13:4c:b9:e3:e0:76:1f:1f:f0:69:0e:e7:d4:01:d3:24:52:
79:28:d0:b2:de:e6:ff:1a:7e:91:26:b5:5d:13:0e:9f:9e:a0:
e0:85:11:24:76:1f:c6:e7:18:df:d1:74:c8:e7:1d:16:7e:6b:
33:8e:3b:67:b9:26:ac:d3:ac:6c:d4:6e:7a:e5:7f:c6:38:87:
2c:80:f3:a4:42:06:84:f5:2c:38:8f:2b:41:16:c8:56:dc:f6:
8c:1a:cf:57:15:bc:ef:d3:9a:fd:a0:e4:70:78:3c:ce:1e:5d:
2b:58:dc:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTlM9EDsLP5sMZKzSLS3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YmFiNjFjMzYwZWExMDhjZDE5MmM3Y2U3YTdlZDU1NjVi
ZGZiZTAwHhcNMjYwMzI2MDQwMTU0WhcNMjYwMzI3MDQwMTU0WjAzMTEwLwYDVQQD
Eyg2Y2U1NTdmNDcyYjVhNWFlNjNhZTRlY2JhMmM3ZTc3MDc2NGMzZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnEjDGjJKYtnzb9+QOCBDMiZdsZg
XZYOEdLT2OG2yUlaAmzaRz5XQ/HNayXt5yawMz/4KSX3WY3cBLy3dZCEKIGmKZBz
4756LzaT9Kme74EzoTsbXYYmk8rioTT7CvMV0zRUbFBJmpczWYaxb1RF/If7hUF3
kv5zwBhrGwsXh6dZDmC4fuvmr7FYpRnN6e8KmWXxCiI/quhMJhTuckeI5sWpZxhq
uG2CUpNGaOIuJYg/SdI4++u49opgGtFJGVkSaNyMLWVQcpQsJi5wIFft0KENFI+C
cDBeOOIJaY25PkCP+RqAlXrzgkZiUTLabNeyHZtyxXOD1ZJtOl6AHODpSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzlV/RytaWuY65Oy6LH53B2TD5vMB8GA1UdIwQY
MBaAFKi6thw2DqEIzRksfOen7VVlvfvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxxMkhEWU9vUWpOR1N4ODU2ZnRWV1c5LS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC85YjM5YjktODJjOC00YzdkLWIyNjgt
NzY2ZTU0NjA1N2E3LzEvcUxxMkhEWU9vUWpOR1N4ODU2ZnRWV1c5LS1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC85YjM5YjktODJjOC00YzdkLWIyNjgtNzY2ZTU0NjA1N2E3
LzEvcUxxMkhEWU9vUWpOR1N4ODU2ZnRWV1c5LS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARd14vD3g
XMpgFjgQ1oY3FeYRJiXUwFAAliT8ctqdEHf15eJL5AaM7c6B+fSqvD9wyTgv/Yva
P6sgdq8qvOa1wN5SoB5/x9qK+OxvwSQVa5ofDI9Nh+TjyNHs4YjYWhf3CsSbM8tJ
uN5Mx+p1RHhaLpM1jS1uOaexZWVBVH2wVk3YIKxBy23W3PbIBl2h7LGpUBNMuePg
dh8f8GkO59QB0yRSeSjQst7m/xp+kSa1XRMOn56g4IURJHYfxucY39F0yOcdFn5r
M447Z7kmrNOsbNRueuV/xjiHLIDzpEIGhPUsOI8rQRbIVtz2jBrPVxW879Oa/aDk
cHg8zh5dK1jc/g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:09:01 2026 by rpki-client