Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
File: QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft (raw, json)
Hash identifier: GwalU5C3ulKG/MYoyKs7Iik+CxqpZdQIHbhDcfScH5c=
Subject key identifier: BB:57:A9:2B:4A:25:42:2E:F8:22:17:40:7A:A7:78:52:32:6A:7E:63
Authority key identifier: 40:E6:34:BD:C3:0C:0C:4B:5F:79:45:F3:D0:41:E2:35:05:BC:D1:59
Certificate issuer: /CN=40e634bdc30c0c4b5f7945f3d041e23505bcd159
Certificate serial: 019D2A0535BD83D5BD06426EEE96EFC9E5AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOY0vcMMDEtfeUXz0EHiNQW80Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
Manifest number: 01EB
Signing time: Thu 26 Mar 2026 12:01:17 +0000
Manifest this update: Thu 26 Mar 2026 12:01:17 +0000
Manifest next update: Fri 27 Mar 2026 12:01:17 +0000
Files and hashes: 1: Otng_ezlHXU4kxRwo4HMGqBulxQ.roa (hash: ZzUAW/zmUDDboHtiC8pCPo3qWbKB9FgFtOseaATnUSk=)
2: QOY0vcMMDEtfeUXz0EHiNQW80Vk.crl (hash: E3Qu6JTk13HBDXKdBrHfawGE6sHjT9ZfuLNk/A9zjEo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOY0vcMMDEtfeUXz0EHiNQW80Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:05:35:bd:83:d5:bd:06:42:6e:ee:96:ef:c9:e5:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e634bdc30c0c4b5f7945f3d041e23505bcd159
Validity
Not Before: Mar 26 12:01:17 2026 GMT
Not After : Mar 27 12:01:17 2026 GMT
Subject: CN=bb57a92b4a25422ef82217407aa77852326a7e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bf:6c:1b:62:12:2a:e6:48:72:a4:de:61:d7:
ad:b7:83:f9:1d:08:bc:f1:3a:a4:fa:d6:10:50:20:
32:be:f2:f6:f5:45:86:b2:10:3a:29:bf:13:7e:03:
70:a8:a3:23:63:11:ec:48:f3:1b:2b:eb:9f:0d:aa:
1c:e6:bc:cf:7c:1d:a7:2a:b0:ad:66:6f:0e:19:65:
e2:15:ef:6a:5a:f3:fa:c6:95:88:e6:fc:b2:6e:6a:
6f:54:90:63:a7:79:0f:51:a2:61:3e:0d:dd:00:68:
01:e4:a1:e0:a9:d6:1f:a7:86:ae:54:b5:6f:4b:a0:
b0:d9:cb:bf:29:f3:c0:f7:ac:fc:ae:a1:0a:e7:df:
cd:4c:3a:aa:72:66:63:be:f7:f7:90:e7:f6:c1:7e:
25:7a:7d:f0:a8:08:1a:5e:b1:46:f7:ff:e5:10:6b:
d4:ed:14:18:84:19:10:7f:08:ca:42:b1:76:c9:1c:
3f:e7:b9:4c:bc:9c:dc:9e:1b:c1:58:dc:0a:ea:22:
e3:77:68:73:69:e0:a7:39:23:21:85:22:f3:ca:fa:
bd:fd:b1:7a:6c:b0:77:cf:74:0c:76:5d:31:2d:af:
1d:88:fc:94:3f:ba:27:0d:01:a1:c2:f2:f5:b8:6e:
95:ca:f7:12:de:d3:00:27:e4:0d:b6:7a:f1:e5:00:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:57:A9:2B:4A:25:42:2E:F8:22:17:40:7A:A7:78:52:32:6A:7E:63
X509v3 Authority Key Identifier:
keyid:40:E6:34:BD:C3:0C:0C:4B:5F:79:45:F3:D0:41:E2:35:05:BC:D1:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOY0vcMMDEtfeUXz0EHiNQW80Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c33731-3c52-4c85-9789-bd27afad9c3d/1/QOY0vcMMDEtfeUXz0EHiNQW80Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:0a:e8:48:ed:96:17:d0:86:ea:77:aa:9b:2c:5c:2d:8d:50:
bc:2a:1c:cc:42:aa:00:52:29:c9:86:45:c7:8b:20:ab:64:ae:
41:da:11:f9:d4:28:2e:73:cf:b7:f3:13:3d:5a:eb:dd:0c:64:
e0:7b:34:9c:a2:2e:c5:66:a2:41:14:12:7d:f6:50:0c:a7:c7:
ba:35:45:44:e5:95:fa:6d:75:40:84:42:27:35:56:ae:3a:d7:
02:42:53:bc:b2:ff:ac:de:b0:b8:6c:52:e4:b6:b7:0e:4d:e4:
1c:7b:48:39:f6:a9:cf:d6:ad:dc:da:66:5e:fd:08:c2:bd:06:
d9:ef:da:1c:6f:0f:12:49:f2:51:18:6c:ec:78:67:3b:b2:66:
b2:ed:1d:91:82:1d:af:5d:ca:35:d2:b9:dc:10:10:b0:da:a6:
d3:e1:ad:ce:eb:0c:20:17:0a:d2:3f:67:09:55:47:ce:c5:44:
b0:80:c3:5f:1e:fa:13:33:83:f8:bf:d0:2b:ae:f7:d2:92:7b:
d1:e2:0c:78:58:f7:2f:b2:ba:f8:65:2b:0c:a6:65:d6:ea:77:
a1:7d:5b:0a:f3:73:1e:3b:9e:8c:cd:b2:81:fa:73:ff:cd:c5:
52:13:a2:29:4a:e8:c7:c4:99:a2:07:e3:45:82:ce:ad:57:61:
65:d5:7e:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBTW9g9W9BkJu7pbvyeWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTYzNGJkYzMwYzBjNGI1Zjc5NDVmM2QwNDFlMjM1MDVi
Y2QxNTkwHhcNMjYwMzI2MTIwMTE3WhcNMjYwMzI3MTIwMTE3WjAzMTEwLwYDVQQD
EyhiYjU3YTkyYjRhMjU0MjJlZjgyMjE3NDA3YWE3Nzg1MjMyNmE3ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw79sG2ISKuZIcqTeYdett4P5HQi8
8Tqk+tYQUCAyvvL29UWGshA6Kb8TfgNwqKMjYxHsSPMbK+ufDaoc5rzPfB2nKrCt
Zm8OGWXiFe9qWvP6xpWI5vyybmpvVJBjp3kPUaJhPg3dAGgB5KHgqdYfp4auVLVv
S6Cw2cu/KfPA96z8rqEK59/NTDqqcmZjvvf3kOf2wX4len3wqAgaXrFG9//lEGvU
7RQYhBkQfwjKQrF2yRw/57lMvJzcnhvBWNwK6iLjd2hzaeCnOSMhhSLzyvq9/bF6
bLB3z3QMdl0xLa8diPyUP7onDQGhwvL1uG6VyvcS3tMAJ+QNtnrx5QDEJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtXqStKJUIu+CIXQHqneFIyan5jMB8GA1UdIwQY
MBaAFEDmNL3DDAxLX3lF89BB4jUFvNFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9ZMHZjTU1ERXRmZVVYejBFSGlOUVc4MFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMzM3MzEtM2M1Mi00Yzg1LTk3ODkt
YmQyN2FmYWQ5YzNkLzEvUU9ZMHZjTU1ERXRmZVVYejBFSGlOUVc4MFZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMzM3MzEtM2M1Mi00Yzg1LTk3ODktYmQyN2FmYWQ5YzNk
LzEvUU9ZMHZjTU1ERXRmZVVYejBFSGlOUVc4MFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFQroSO2W
F9CG6neqmyxcLY1QvCoczEKqAFIpyYZFx4sgq2SuQdoR+dQoLnPPt/MTPVrr3Qxk
4Hs0nKIuxWaiQRQSffZQDKfHujVFROWV+m11QIRCJzVWrjrXAkJTvLL/rN6wuGxS
5La3Dk3kHHtIOfapz9at3NpmXv0Iwr0G2e/aHG8PEknyURhs7HhnO7Jmsu0dkYId
r13KNdK53BAQsNqm0+GtzusMIBcK0j9nCVVHzsVEsIDDXx76EzOD+L/QK6730pJ7
0eIMeFj3L7K6+GUrDKZl1up3oX1bCvNzHjuejM2ygfpz/83FUhOiKUrox8SZogfj
RYLOrVdhZdV+gQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:27:46 2026 by rpki-client