Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier: jGtyxUxRtIo1EcVvvPiua+uWUtI3RWWpFA+c8Zd1xsI=
Subject key identifier: 6A:E1:B2:3A:A3:8B:8A:72:D0:C7:C4:38:E1:4D:B3:63:DD:88:85:B0
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer: /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial: 019D25BAAD49D59EBC3BC6041BD3092E3E33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number: 1881
Signing time: Wed 25 Mar 2026 16:01:24 +0000
Manifest this update: Wed 25 Mar 2026 16:01:24 +0000
Manifest next update: Thu 26 Mar 2026 16:01:24 +0000
Files and hashes: 1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: IFqdvNRjwsJF7bF714PjDGdGLdSF3wgECGL5HVYwNEU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:ba:ad:49:d5:9e:bc:3b:c6:04:1b:d3:09:2e:3e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Validity
Not Before: Mar 25 16:01:24 2026 GMT
Not After : Mar 26 16:01:24 2026 GMT
Subject: CN=6ae1b23aa38b8a72d0c7c438e14db363dd8885b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:63:35:04:a7:64:3a:c7:28:b8:90:fe:1f:10:
dc:b9:6c:63:83:89:e6:70:14:2d:5b:ff:87:26:16:
9d:5e:6c:68:89:97:1a:7d:b3:5d:88:d2:84:91:8d:
fe:30:9e:3d:f4:87:d6:cc:f1:53:23:0e:9c:5c:51:
db:23:c9:65:3e:bf:98:29:18:1a:bd:9c:a8:75:f3:
56:03:fd:f5:40:b6:00:4d:a4:44:9e:f2:d2:14:23:
16:48:36:ae:0d:9d:6a:c9:a2:c4:c9:ac:7e:9e:80:
1f:86:f1:1e:ba:54:ea:39:50:54:68:28:40:d4:84:
a4:87:20:9d:13:a2:55:4c:90:f1:b7:b3:76:52:9f:
1d:d5:3a:17:d0:c2:6c:f7:3b:8e:db:40:82:9d:5c:
c5:5e:89:28:1c:d1:2e:09:58:98:d4:24:dd:58:c5:
40:78:d6:be:f4:48:d1:63:bf:9b:d7:08:5a:df:3e:
8f:fe:1d:a7:17:3d:aa:f4:7c:3e:55:cb:ba:5b:61:
83:b6:79:24:61:eb:9f:ea:5d:91:b3:a1:63:23:a7:
4f:19:7f:b7:1c:f7:d9:ca:61:d9:56:e0:d0:3a:31:
5a:f6:14:dc:70:51:f4:cb:cb:e9:2c:71:61:ee:48:
00:8f:43:d4:c4:81:5f:24:0c:b5:8e:21:a3:7e:1f:
fc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E1:B2:3A:A3:8B:8A:72:D0:C7:C4:38:E1:4D:B3:63:DD:88:85:B0
X509v3 Authority Key Identifier:
keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:5e:a9:e9:5a:3a:a5:ae:dd:24:05:a5:4b:5f:d6:6a:92:93:
db:56:3e:47:a9:d8:83:3c:cf:41:9d:b2:56:e6:62:ee:81:d4:
52:98:d4:3d:d0:d9:1a:b2:9d:82:31:e3:d5:73:4f:c6:f8:31:
e4:6a:7b:05:a2:2d:d6:3c:19:2c:16:32:80:21:ca:9a:c2:be:
09:d5:26:68:ba:c0:b8:83:a5:51:67:d9:13:dd:61:15:1e:dd:
14:11:1c:1b:60:16:53:13:89:8c:5f:f1:26:63:2c:44:54:7d:
fc:b3:41:e8:98:65:b2:e4:b3:ad:15:92:a5:f6:8a:83:4c:08:
2b:12:57:ca:d7:c8:f0:2c:20:fa:af:9b:d0:4c:4f:1f:98:32:
36:5b:f9:69:3f:18:79:12:a6:db:6f:25:45:15:92:ce:4d:95:
79:af:b1:99:b7:69:a6:55:e1:c4:4c:8b:0a:12:19:9c:d9:2d:
86:01:ff:77:7f:d3:0c:61:f3:1a:f3:88:e9:7d:ca:30:fc:f0:
6e:cb:31:63:34:d6:e2:a1:4d:d8:d9:20:9f:b3:9f:59:d2:c9:
60:2a:05:b7:4b:67:3d:e3:16:a5:3f:28:28:dc:59:2c:2e:d6:
db:31:59:f8:a5:25:74:81:bd:a7:12:9c:07:0d:2c:34:ac:a9:
5e:1b:c7:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luq1J1Z68O8YEG9MJLj4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjYwMzI1MTYwMTI0WhcNMjYwMzI2MTYwMTI0WjAzMTEwLwYDVQQD
Eyg2YWUxYjIzYWEzOGI4YTcyZDBjN2M0MzhlMTRkYjM2M2RkODg4NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWM1BKdkOscouJD+HxDcuWxjg4nm
cBQtW/+HJhadXmxoiZcafbNdiNKEkY3+MJ499IfWzPFTIw6cXFHbI8llPr+YKRga
vZyodfNWA/31QLYATaREnvLSFCMWSDauDZ1qyaLEyax+noAfhvEeulTqOVBUaChA
1ISkhyCdE6JVTJDxt7N2Up8d1ToX0MJs9zuO20CCnVzFXokoHNEuCViY1CTdWMVA
eNa+9EjRY7+b1wha3z6P/h2nFz2q9Hw+Vcu6W2GDtnkkYeuf6l2Rs6FjI6dPGX+3
HPfZymHZVuDQOjFa9hTccFH0y8vpLHFh7kgAj0PUxIFfJAy1jiGjfh/8CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrhsjqji4py0MfEOOFNs2PdiIWwMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFV6p6Vo6
pa7dJAWlS1/WapKT21Y+R6nYgzzPQZ2yVuZi7oHUUpjUPdDZGrKdgjHj1XNPxvgx
5Gp7BaIt1jwZLBYygCHKmsK+CdUmaLrAuIOlUWfZE91hFR7dFBEcG2AWUxOJjF/x
JmMsRFR9/LNB6JhlsuSzrRWSpfaKg0wIKxJXytfI8Cwg+q+b0ExPH5gyNlv5aT8Y
eRKm228lRRWSzk2Vea+xmbdpplXhxEyLChIZnNkthgH/d3/TDGHzGvOI6X3KMPzw
bssxYzTW4qFN2Nkgn7OfWdLJYCoFt0tnPeMWpT8oKNxZLC7W2zFZ+KUldIG9pxKc
Bw0sNKypXhvHAA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:10:50 2026 by rpki-client