Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
File: QY1UtVsZKiSLhHI026US-XYMq_o.mft (raw, json)
Hash identifier: k6N/z31NBTsdxaX5RTrqy9WlpUy9A9fIhlD6uMHaZ7w=
Subject key identifier: 1C:D8:8C:9B:9F:9B:73:32:7F:68:0C:E8:04:45:41:63:38:D3:4B:96
Authority key identifier: 41:8D:54:B5:5B:19:2A:24:8B:84:72:34:DB:A5:12:F9:76:0C:AB:FA
Certificate issuer: /CN=418d54b55b192a248b847234dba512f9760cabfa
Certificate serial: 019D284DB0DF3E7D86B0B4A0637A53FB0A0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
Manifest number: 0C0B
Signing time: Thu 26 Mar 2026 04:01:13 +0000
Manifest this update: Thu 26 Mar 2026 04:01:13 +0000
Manifest next update: Fri 27 Mar 2026 04:01:13 +0000
Files and hashes: 1: QY1UtVsZKiSLhHI026US-XYMq_o.crl (hash: yTSVC8XSQr70dQn1+nDZGyRPMf+J9+49IjWXlv1AcQ8=)
2: SD4DOOe1Q-YfVl5PpC2wzjneINo.roa (hash: rAueVU0HnCRC0myAX4koUuZ65An0z5mJknuS+tLrJrQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:b0:df:3e:7d:86:b0:b4:a0:63:7a:53:fb:0a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=418d54b55b192a248b847234dba512f9760cabfa
Validity
Not Before: Mar 26 04:01:13 2026 GMT
Not After : Mar 27 04:01:13 2026 GMT
Subject: CN=1cd88c9b9f9b73327f680ce80445416338d34b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:d2:7e:16:2d:f9:23:e2:08:69:a2:1e:3d:
b0:dc:f1:bb:d3:c5:3f:5f:4e:61:54:33:7b:11:e4:
4f:bd:27:0c:a3:80:c9:2a:6b:c2:0e:a1:db:ed:c0:
7b:7d:97:2b:21:9e:c3:1a:e4:f7:74:a9:b6:40:35:
f5:5b:ae:40:46:d6:27:28:29:d3:2b:2c:54:71:58:
7e:e4:17:af:ec:72:85:c5:7d:47:8f:bf:7f:d5:4f:
f9:e3:04:1e:cd:28:94:fe:55:a9:cc:84:46:c5:02:
54:b8:56:96:2f:3b:ee:66:75:fe:36:d1:99:e8:14:
1a:fd:3f:6b:60:d4:44:33:14:d4:26:39:0f:66:da:
73:56:5d:42:5c:e2:89:c6:1b:37:aa:8a:dc:50:b1:
fb:9c:05:b6:34:c8:1a:15:87:d2:d9:aa:90:1d:32:
ec:0f:17:82:4b:d7:8b:fb:de:94:06:bf:eb:d2:dd:
b0:27:4b:3c:ff:90:bf:69:e9:56:c0:91:d7:db:84:
f8:63:b4:1f:c9:9a:77:46:b1:ec:3c:c0:fb:2c:42:
d4:99:65:d7:0e:1a:12:c1:f9:c7:55:a7:d6:2a:b1:
83:53:2f:2d:4b:bc:ef:10:de:70:b3:15:c5:20:38:
a7:e9:ab:27:4f:2a:10:da:72:31:80:03:14:8a:bf:
0e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D8:8C:9B:9F:9B:73:32:7F:68:0C:E8:04:45:41:63:38:D3:4B:96
X509v3 Authority Key Identifier:
keyid:41:8D:54:B5:5B:19:2A:24:8B:84:72:34:DB:A5:12:F9:76:0C:AB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QY1UtVsZKiSLhHI026US-XYMq_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b43857-021c-4262-b183-1d77cf2a7100/1/QY1UtVsZKiSLhHI026US-XYMq_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:f4:6a:b2:17:79:88:92:fd:14:bd:9e:23:e9:88:89:1c:2d:
d6:2a:20:3d:43:79:28:75:4b:9b:88:72:1c:b7:c1:a7:7a:e2:
51:69:39:57:05:3c:b8:85:4b:e8:23:25:f7:ef:13:7e:9c:a3:
1d:ad:b0:d3:c1:ea:13:ca:68:4e:c8:19:f3:37:af:00:67:9c:
12:ce:35:2d:5a:91:fb:b5:6a:ab:a0:03:f6:96:5d:b8:5c:c4:
40:5e:89:ed:da:d2:2c:0e:c9:f8:e5:39:0b:64:a0:56:25:74:
34:68:03:65:99:24:87:da:a6:b9:ef:1d:ee:8c:35:88:f8:a9:
65:55:28:c5:db:9d:78:7e:97:5b:05:ce:29:10:67:11:66:20:
6a:42:21:0f:46:de:cc:86:4c:43:cd:6b:49:b6:18:d8:aa:59:
0b:4d:dc:7d:e3:25:f4:df:67:18:cd:d7:d1:cd:93:c3:71:c5:
16:1b:0f:c2:a2:a3:83:38:bf:31:bc:92:92:15:f0:ee:91:c1:
64:ee:ba:3d:91:2c:f0:2a:ce:34:9b:55:88:4f:1b:72:25:a0:
2a:85:f6:44:f4:08:e0:bc:7d:b6:4c:23:38:ac:10:0a:62:69:
ca:c6:32:c3:f5:b1:92:e7:d3:54:b0:3d:57:fe:28:1d:6a:21:
46:db:f9:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTbDfPn2GsLSgY3pT+woLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOGQ1NGI1NWIxOTJhMjQ4Yjg0NzIzNGRiYTUxMmY5NzYw
Y2FiZmEwHhcNMjYwMzI2MDQwMTEzWhcNMjYwMzI3MDQwMTEzWjAzMTEwLwYDVQQD
EygxY2Q4OGM5YjlmOWI3MzMyN2Y2ODBjZTgwNDQ1NDE2MzM4ZDM0Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/TSfhYt+SPiCGmiHj2w3PG708U/
X05hVDN7EeRPvScMo4DJKmvCDqHb7cB7fZcrIZ7DGuT3dKm2QDX1W65ARtYnKCnT
KyxUcVh+5Bev7HKFxX1Hj79/1U/54wQezSiU/lWpzIRGxQJUuFaWLzvuZnX+NtGZ
6BQa/T9rYNREMxTUJjkPZtpzVl1CXOKJxhs3qorcULH7nAW2NMgaFYfS2aqQHTLs
DxeCS9eL+96UBr/r0t2wJ0s8/5C/aelWwJHX24T4Y7QfyZp3RrHsPMD7LELUmWXX
DhoSwfnHVafWKrGDUy8tS7zvEN5wsxXFIDin6asnTyoQ2nIxgAMUir8OmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzYjJufm3Myf2gM6ARFQWM400uWMB8GA1UdIwQY
MBaAFEGNVLVbGSoki4RyNNulEvl2DKv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iNDM4NTctMDIxYy00MjYyLWIxODMt
MWQ3N2NmMmE3MTAwLzEvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iNDM4NTctMDIxYy00MjYyLWIxODMtMWQ3N2NmMmE3MTAw
LzEvUVkxVXRWc1pLaVNMaEhJMDI2VVMtWFlNcV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFfRqshd5
iJL9FL2eI+mIiRwt1iogPUN5KHVLm4hyHLfBp3riUWk5VwU8uIVL6CMl9+8Tfpyj
Ha2w08HqE8poTsgZ8zevAGecEs41LVqR+7Vqq6AD9pZduFzEQF6J7drSLA7J+OU5
C2SgViV0NGgDZZkkh9qmue8d7ow1iPipZVUoxdudeH6XWwXOKRBnEWYgakIhD0be
zIZMQ81rSbYY2KpZC03cfeMl9N9nGM3X0c2Tw3HFFhsPwqKjgzi/MbySkhXw7pHB
ZO66PZEs8CrONJtViE8bciWgKoX2RPQI4Lx9tkwjOKwQCmJpysYyw/WxkufTVLA9
V/4oHWohRtv5Qg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:51:56 2026 by rpki-client