Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.mft
File: QiW1cPRt5cbosrZO0JCtE4XatzE.mft (raw, json)
Hash identifier: C2+1APfXHW8oFFCQR2ESaMYxdBHxBEQSJg8kxT+82Y8=
Subject key identifier: 3E:89:C6:AB:C0:33:62:06:FB:C3:98:7A:34:5D:7D:AB:59:09:6F:84
Authority key identifier: 42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
Certificate issuer: /CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Certificate serial: 019D28BBE82976D0A1F261DE6D09447E442E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.mft
Manifest number: 1887
Signing time: Thu 26 Mar 2026 06:01:36 +0000
Manifest this update: Thu 26 Mar 2026 06:01:36 +0000
Manifest next update: Fri 27 Mar 2026 06:01:36 +0000
Files and hashes: 1: CVESS1wyEds4BHAfnSulEoVDL6w.roa (hash: hDPJ5GteWfUiIqOYYRTQikgoZpNgyrm+JUUXa3SL4+k=)
2: QiW1cPRt5cbosrZO0JCtE4XatzE.crl (hash: 3TMj70LOvSFAQyC0AB9RGCUEB7ydqU/UzQOMNMkjiMw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:bb:e8:29:76:d0:a1:f2:61:de:6d:09:44:7e:44:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Validity
Not Before: Mar 26 06:01:36 2026 GMT
Not After : Mar 27 06:01:36 2026 GMT
Subject: CN=3e89c6abc0336206fbc3987a345d7dab59096f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:89:11:1e:9d:69:66:2d:ab:a7:e2:b1:9b:
af:9f:c6:95:6c:82:00:8a:15:4e:00:9f:35:f6:fe:
38:7b:ec:8a:6a:04:3f:bf:a7:20:3d:b3:3b:eb:ac:
34:39:4d:46:ed:27:60:f8:11:c1:9c:c2:6e:4e:db:
6f:97:00:de:f2:22:ce:d6:91:af:4a:df:5c:ef:70:
40:35:5a:a8:c5:53:7f:7d:e4:7e:f6:02:cc:3c:f7:
99:ac:8a:cb:f0:04:9f:04:05:a4:f7:6a:7a:72:8a:
e5:0c:98:04:2a:f9:ad:9d:9e:d4:df:67:5e:b4:db:
fc:79:9a:6d:6b:08:8c:fb:19:fa:8b:e8:db:14:26:
2a:bd:7b:11:79:af:ae:05:90:de:ad:45:a9:da:f9:
89:e3:df:e0:e9:1e:45:6d:1e:aa:75:da:56:98:2f:
16:7f:ec:8e:2f:97:cb:96:57:d0:1b:f5:f6:f6:5b:
97:8d:7c:56:64:7d:31:90:7b:3e:79:ef:e7:2b:6d:
c4:03:d8:b6:e3:80:83:69:d1:58:ce:2a:cf:e9:02:
70:2f:28:5b:d2:ba:c3:c5:a2:9c:a1:fc:aa:dc:4a:
ad:ec:e5:57:8a:f8:fb:c4:93:1b:3f:ba:97:e8:dc:
b4:64:31:0e:b7:95:89:64:70:e8:8f:6d:1f:63:45:
07:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:89:C6:AB:C0:33:62:06:FB:C3:98:7A:34:5D:7D:AB:59:09:6F:84
X509v3 Authority Key Identifier:
keyid:42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:5e:9c:34:d4:a8:14:93:77:34:4b:8e:e2:b3:c1:9c:e8:59:
0f:2c:fd:b0:fe:c6:75:0e:f7:ba:e9:1c:c2:48:b2:50:b6:a5:
83:94:c0:70:61:aa:78:0e:24:44:9b:da:6a:2c:7e:e9:05:31:
10:b7:11:f9:cf:32:dc:1d:4f:31:1b:24:28:80:df:e2:d8:86:
6a:9b:ea:24:d9:ed:66:cf:cb:f8:a1:0b:d8:45:b4:e8:36:01:
56:84:c0:fb:40:15:b1:57:fa:40:02:8f:8b:f2:b6:0b:26:97:
25:d2:aa:ee:b9:e2:7a:07:72:74:6c:09:2d:e9:ff:de:99:01:
3f:68:25:3d:c1:2a:8e:f3:29:8e:6a:50:1e:6e:09:d9:37:1a:
cd:e4:25:ef:32:c9:30:28:53:37:0b:c9:2d:24:12:79:38:89:
bb:41:2e:9f:7c:12:da:0e:82:8f:75:9e:e3:19:c6:40:ad:0f:
71:a8:ca:c1:65:5a:39:66:06:de:eb:a4:42:52:ee:2f:c1:7a:
65:ef:77:57:30:7e:1d:c9:c7:1c:f0:3c:6a:80:d1:9b:b9:0d:
8e:d2:0f:95:6a:7d:03:16:18:36:e0:c9:1f:1c:dd:12:0b:15:
20:2e:2b:ad:34:20:88:fa:c3:39:59:ef:43:3d:8e:ce:db:d1:
b1:1f:1b:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou+gpdtCh8mHebQlEfkQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjViNTcwZjQ2ZGU1YzZlOGIyYjY0ZWQwOTBhZDEzODVk
YWI3MzEwHhcNMjYwMzI2MDYwMTM2WhcNMjYwMzI3MDYwMTM2WjAzMTEwLwYDVQQD
EygzZTg5YzZhYmMwMzM2MjA2ZmJjMzk4N2EzNDVkN2RhYjU5MDk2Zjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUKJER6daWYtq6fisZuvn8aVbIIA
ihVOAJ819v44e+yKagQ/v6cgPbM766w0OU1G7Sdg+BHBnMJuTttvlwDe8iLO1pGv
St9c73BANVqoxVN/feR+9gLMPPeZrIrL8ASfBAWk92p6corlDJgEKvmtnZ7U32de
tNv8eZptawiM+xn6i+jbFCYqvXsRea+uBZDerUWp2vmJ49/g6R5FbR6qddpWmC8W
f+yOL5fLllfQG/X29luXjXxWZH0xkHs+ee/nK23EA9i244CDadFYzirP6QJwLyhb
0rrDxaKcofyq3Eqt7OVXivj7xJMbP7qX6Ny0ZDEOt5WJZHDoj20fY0UH9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6JxqvAM2IG+8OYejRdfatZCW+EMB8GA1UdIwQY
MBaAFEIltXD0beXG6LK2TtCQrROF2rcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jMzRjOTktMThjOC00MWEyLTg3NGIt
MzkwYjg1Mzk0YmViLzEvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jMzRjOTktMThjOC00MWEyLTg3NGItMzkwYjg1Mzk0YmVi
LzEvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALF6cNNSo
FJN3NEuO4rPBnOhZDyz9sP7GdQ73uukcwkiyULalg5TAcGGqeA4kRJvaaix+6QUx
ELcR+c8y3B1PMRskKIDf4tiGapvqJNntZs/L+KEL2EW06DYBVoTA+0AVsVf6QAKP
i/K2CyaXJdKq7rniegdydGwJLen/3pkBP2glPcEqjvMpjmpQHm4J2TcazeQl7zLJ
MChTNwvJLSQSeTiJu0Eun3wS2g6Cj3We4xnGQK0PcajKwWVaOWYG3uukQlLuL8F6
Ze93VzB+HcnHHPA8aoDRm7kNjtIPlWp9AxYYNuDJHxzdEgsVIC4rrTQgiPrDOVnv
Qz2OztvRsR8bOQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:53:14 2026 by rpki-client