Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
File: QpXD7wDP_s4vcbYZkcbG09pJwRA.mft (raw, json)
Hash identifier: 2hNhcnm6fkoLtbqI7SlbYR2j07oiF0ABanOR51mewGs=
Subject key identifier: B2:07:D8:44:36:23:B3:DC:5B:2D:F0:B2:08:BD:CF:85:8D:6D:59:BE
Authority key identifier: 42:95:C3:EF:00:CF:FE:CE:2F:71:B6:19:91:C6:C6:D3:DA:49:C1:10
Certificate issuer: /CN=4295c3ef00cffece2f71b61991c6c6d3da49c110
Certificate serial: 019D28BB096EFB45DE4955AD6A03D037564D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpXD7wDP_s4vcbYZkcbG09pJwRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
Manifest number: 0571
Signing time: Thu 26 Mar 2026 06:00:39 +0000
Manifest this update: Thu 26 Mar 2026 06:00:39 +0000
Manifest next update: Fri 27 Mar 2026 06:00:39 +0000
Files and hashes: 1: BIcN5aoAOl1KvHqrpwSgfpe3bKQ.roa (hash: lnNlQg8amQO6kFSvzSOC3nKLC4UQiHYnnxg5VQ58z58=)
2: QpXD7wDP_s4vcbYZkcbG09pJwRA.crl (hash: g4c5O4+70/QitWGR9JkUfTDBClP9xDjJxqXnC0Ez3qA=)
3: mFfXpLKFugPnpjv01dOdi4FA4Gw.roa (hash: 3g2SXGJpuzV1vU10pMqGPocyoDuCUv6hUHSIZHwoqs4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpXD7wDP_s4vcbYZkcbG09pJwRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:09:6e:fb:45:de:49:55:ad:6a:03:d0:37:56:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4295c3ef00cffece2f71b61991c6c6d3da49c110
Validity
Not Before: Mar 26 06:00:39 2026 GMT
Not After : Mar 27 06:00:39 2026 GMT
Subject: CN=b207d8443623b3dc5b2df0b208bdcf858d6d59be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b7:8a:ac:a3:12:38:d1:df:8f:67:18:de:6c:
bb:81:c4:c0:f9:1f:e1:f7:93:a4:fa:61:f0:ad:ad:
93:ca:f8:9d:56:7e:12:21:5b:e4:6d:c4:4f:b8:45:
fa:f6:f2:f4:da:6b:ac:51:d7:33:68:2c:ef:0a:25:
56:24:b1:e0:23:86:93:12:31:10:32:3a:92:4b:da:
6c:87:fe:a2:38:43:4a:9e:f3:4e:1d:79:a4:83:93:
bd:60:3a:83:4d:5d:68:77:18:ff:ae:97:aa:6e:a7:
94:ca:38:f3:61:c5:a8:2d:c2:f1:12:54:e5:24:cb:
6e:b3:b1:4d:da:a6:bb:cf:f0:62:73:fa:fd:70:44:
9f:3e:68:69:de:da:f4:74:05:dd:5c:b8:f1:64:af:
8d:1c:7f:8c:3c:bb:66:22:23:de:1f:29:bf:8f:fe:
9a:38:77:c6:ca:0f:39:95:82:2b:df:50:38:6e:f8:
93:65:26:3d:37:9d:82:40:de:93:7b:f0:65:0a:34:
b2:31:b7:23:06:94:7e:bd:63:73:97:ed:5a:e4:f5:
67:0b:1a:c9:eb:6c:a0:aa:10:b9:ec:c3:35:5e:eb:
87:7f:c8:44:32:a8:95:12:3d:ff:0c:67:05:7e:da:
6e:1c:9c:97:5c:2d:44:3e:a8:0c:83:38:d5:33:43:
42:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:07:D8:44:36:23:B3:DC:5B:2D:F0:B2:08:BD:CF:85:8D:6D:59:BE
X509v3 Authority Key Identifier:
keyid:42:95:C3:EF:00:CF:FE:CE:2F:71:B6:19:91:C6:C6:D3:DA:49:C1:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpXD7wDP_s4vcbYZkcbG09pJwRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/3c7f83-bc28-4282-aa02-969f2a00ede0/1/QpXD7wDP_s4vcbYZkcbG09pJwRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:d8:22:ab:97:e3:13:67:4b:43:7a:e0:ce:53:18:45:1d:dd:
3b:1b:a5:3e:bb:39:85:2a:69:f4:b7:a9:0b:d5:20:f4:94:de:
78:a5:1a:b0:c1:ba:b3:2a:c7:6b:0f:9b:49:cb:fc:31:be:97:
26:85:c1:6b:29:46:b8:ca:53:a5:51:f0:eb:9f:4c:de:b0:98:
b3:99:35:97:b3:f0:ed:a5:88:3c:4b:be:f7:ea:0a:48:24:c2:
05:c8:1a:cb:20:a0:8e:2a:77:ac:d4:82:ff:c8:81:42:92:64:
6a:22:46:39:af:50:3f:ae:b7:46:36:73:4f:c0:41:5d:78:70:
bf:8d:80:82:6c:30:7a:a0:3c:26:54:13:51:0c:27:46:13:1a:
f1:c5:88:a4:68:de:82:4f:80:c0:5c:de:8f:a3:da:03:36:32:
2e:17:64:6a:8e:a2:8a:1c:ce:51:bc:04:9d:85:4e:01:26:a0:
97:8e:e8:b4:c9:d7:9b:70:c8:1e:fa:87:78:60:fa:37:93:bd:
f6:22:ba:9d:2b:42:1f:e7:0c:23:9b:05:1c:f2:c4:3c:a1:04:
b4:57:31:ce:77:2e:1e:92:ea:96:b0:cf:87:ff:96:24:f6:1a:
4e:68:08:d9:38:7a:10:59:b1:bd:61:19:59:4c:2f:55:8b:a3:
c3:4d:49:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouwlu+0XeSVWtagPQN1ZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTVjM2VmMDBjZmZlY2UyZjcxYjYxOTkxYzZjNmQzZGE0
OWMxMTAwHhcNMjYwMzI2MDYwMDM5WhcNMjYwMzI3MDYwMDM5WjAzMTEwLwYDVQQD
EyhiMjA3ZDg0NDM2MjNiM2RjNWIyZGYwYjIwOGJkY2Y4NThkNmQ1OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLeKrKMSONHfj2cY3my7gcTA+R/h
95Ok+mHwra2TyvidVn4SIVvkbcRPuEX69vL02musUdczaCzvCiVWJLHgI4aTEjEQ
MjqSS9psh/6iOENKnvNOHXmkg5O9YDqDTV1odxj/rpeqbqeUyjjzYcWoLcLxElTl
JMtus7FN2qa7z/Bic/r9cESfPmhp3tr0dAXdXLjxZK+NHH+MPLtmIiPeHym/j/6a
OHfGyg85lYIr31A4bviTZSY9N52CQN6Te/BlCjSyMbcjBpR+vWNzl+1a5PVnCxrJ
62ygqhC57MM1XuuHf8hEMqiVEj3/DGcFftpuHJyXXC1EPqgMgzjVM0NCNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIH2EQ2I7PcWy3wsgi9z4WNbVm+MB8GA1UdIwQY
MBaAFEKVw+8Az/7OL3G2GZHGxtPaScEQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBYRDd3RFBfczR2Y2JZWmtjYkcwOXBKd1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zYzdmODMtYmMyOC00MjgyLWFhMDIt
OTY5ZjJhMDBlZGUwLzEvUXBYRDd3RFBfczR2Y2JZWmtjYkcwOXBKd1JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zYzdmODMtYmMyOC00MjgyLWFhMDItOTY5ZjJhMDBlZGUw
LzEvUXBYRDd3RFBfczR2Y2JZWmtjYkcwOXBKd1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9giq5fj
E2dLQ3rgzlMYRR3dOxulPrs5hSpp9LepC9Ug9JTeeKUasMG6syrHaw+bScv8Mb6X
JoXBaylGuMpTpVHw659M3rCYs5k1l7Pw7aWIPEu+9+oKSCTCBcgayyCgjip3rNSC
/8iBQpJkaiJGOa9QP663RjZzT8BBXXhwv42AgmwweqA8JlQTUQwnRhMa8cWIpGje
gk+AwFzej6PaAzYyLhdkao6iihzOUbwEnYVOASagl47otMnXm3DIHvqHeGD6N5O9
9iK6nStCH+cMI5sFHPLEPKEEtFcxzncuHpLqlrDPh/+WJPYaTmgI2Th6EFmxvWEZ
WUwvVYujw01Jnw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:52:42 2026 by rpki-client